I am guessing that these are false positives, after a server scan inmotion support sent me these two files as suspected hacks. Just double checking so I can confirm with them that these are not malware.
public_html/wp-content/bps-backup/autorestore/wp-content/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php
public_html/wp-content/bps-backup/autorestore/wp-content/upgrade-temp-backup/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php