Hi,
I read the MScan Malware Scanner Guide and ran it for a website that I suspected had problems.
Report: 57 suspicious files.
I went through them all, downloaded the files into a folder on my hard drive to look at.
I also noticed that the ‘Pattern Matching’ is not 100% accurate like the file hash is. Questions:
- would a core file look like something like this: (suspicious file=)…/wp-content/cache/wp-rocket/example.com/topic/index-https.html – is that pattern matching or file hash comparison? It’s part of WP Rocket but it doesn’t seem like it would be core.
- If not core then pattern matching – what are next steps to determine an html code that’s suspicious? Is there something I could run that file through that would tell me if it was indeed corrupted?
Thanks.