Title: wp-crontrol.php triggering quttera error
Last modified: February 22, 2021

---

# wp-crontrol.php triggering quttera error

 *  [edwardsmark](https://wordpress.org/support/users/edwardsmark/)
 * (@edwardsmark)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/)
 * hello –
 * wp-crontrol.php is triggering quttera error:
 * > Severity: enMaliciousThreatType
   >  File: wp-content/plugins/wp-crontrol/wp-crontrol.
   > php File signature: d31d8dd41c1a5815d01ceb82ad1d7211 Threat signature: b9dabf14014fb7becc2a63a6cb482a55
   > Threat name: Heur.PHP.Cron.gen Threat: delete_transient( ‘d Details: Cron PHP
   > scheduler
 * and i uploaded the file to [https://virustotal.com](https://virustotal.com) and
   got the following:
 * > Bkav Pro VEX.Webshell
 * its only one notice out of many tests, but still cause for concern.
 * for now, i moved this file to a safe area.
 * any suggestions why this might be an issue?
    -  This topic was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).

Viewing 7 replies - 1 through 7 (of 7 total)

 *  Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/)
 * (@sterndata)
 * Volunteer Forum Moderator
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14086191)
 * The plugin on wp.org is OK, so it would seem that your site is hacked OR there’s
   a false positive.
 * Try removing and reinstalling the plugin. THEN….
 * Get a fresh cup of coffee, take a deep breath and carefully follow [this guide](https://wordpress.org/support/article/faq-my-site-was-hacked/).
   When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://wordpress.org/support/article/hardening-wordpress/).
 * If you’re unable to clean your site(s) successfully, there are reputable organizations
   that can clean your sites for you. Sucuri and Wordfence are a couple.
 *  [quttera](https://wordpress.org/support/users/quttera/)
 * (@quttera)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14086278)
 * Can you please send us the detected file for the manual investigation?
 *  Thread Starter [edwardsmark](https://wordpress.org/support/users/edwardsmark/)
 * (@edwardsmark)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14086291)
 * file is as mentioned, `wp-crontrol.php`
 * i just ran “diff” on the `wp-crontrol.php` from [here ](https://wordpress.org/plugins/wp-crontrol/)
   against my live script, and there is no difference.
 * the question is now being asked here:
 * [https://github.com/johnbillion/wp-crontrol/issues/55](https://github.com/johnbillion/wp-crontrol/issues/55)
 * it just seemed very peculiar that virusTotal.com flagged the `wp-crontrol.php`
   script in just ONE of their many tests.
    -  This reply was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).
    -  This reply was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).
    -  This reply was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).
 *  [quttera](https://wordpress.org/support/users/quttera/)
 * (@quttera)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14086355)
 * The code in github ([https://github.com/johnbillion/wp-crontrol/blob/develop/wp-crontrol.php](https://github.com/johnbillion/wp-crontrol/blob/develop/wp-crontrol.php))
   is clean.
 * From the initial investigation, we didn’t find malicious activity.
 * The detection occurred using the normal scan or high sensitivity scan?
 *  Thread Starter [edwardsmark](https://wordpress.org/support/users/edwardsmark/)
 * (@edwardsmark)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14086393)
 * quttera **normal **scan mode. what concerned me is when [https://virusTotal.com](https://virusTotal.com)
   also flagged the script.
    -  This reply was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).
    -  This reply was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).
    -  This reply was modified 5 years, 3 months ago by [edwardsmark](https://wordpress.org/support/users/edwardsmark/).
 *  [quttera](https://wordpress.org/support/users/quttera/)
 * (@quttera)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14086539)
 * Our malware research team will investigate it deeper as well.
 *  [quttera](https://wordpress.org/support/users/quttera/)
 * (@quttera)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14088208)
 * Here is the malware research team verdict:
 * We didn’t find malicious/suspicious lines in the code. But I think others
    might
   detect it as it performs hooking in order to manage cron jobs.
 * We will whitelist plugin detection in the next version release

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘wp-crontrol.php triggering quttera error’ is closed to new replies.

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 7 replies
 * 3 participants
 * Last reply from: [quttera](https://wordpress.org/support/users/quttera/)
 * Last activity: [5 years, 3 months ago](https://wordpress.org/support/topic/wp-crontrol-php-triggering-quttera-error/#post-14088208)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics