Home › Forums › BulletProof Security Pro › Problem with malware? mscan-ajax-functions.php and mscan-pattern-match.php
- This topic has 3 replies, 3 voices, and was last updated 5 years, 7 months ago by AITpro Admin.
-
AuthorPosts
-
MaiParticipant
hi
my host gave me some warnnings and am not sure r they correct or no
problem i am facing is with email being sent form my sites in huge amount so i cant send emails
here is what they saidWe are seeing the following during a malware scan of the account:
/home/maiweb/kanee.com/q8jobs/wp-content/plugins/bulletproof-security/includes/mscan-ajax-functions.php: {HEX}a2.edoced_46esab.1.UNOFFICIAL FOUND /home/maiweb/amazingtr.com/wp-content/bps-backup/mscan/mscan-pattern-match.php: {HEX}a2.edoced_46esab.1.UNOFFICIAL FOUND /home/maiweb/public_html/wp-content/bps-backup/mscan/mscan-pattern-match.php: {HEX}a2.edoced_46esab.1.UNOFFICIAL FOUND /home/maiweb/glsummitq8.com/wp-content/plugins/bulletproof-security/includes/mscan-ajax-functions.php: {HEX}a2.edoced_46esab.1.UNOFFICIAL FOUND
i have emaile du but no replay
please advise
thank u so much
i have the pro accountAITpro AdminKeymasterThese are false positives that you can ignore. You should probably inform your web host that these are false positives so that they do not take negative action against your hosting account. Your web host malware scanner is detecting the malware scanning pattern code in BPS Pro MScan. This is pretty common issue with malware scanners and one of the primary reasons malware scanners are not really that reliable. This type of common issue does not happen with BPS Pro AutoRestore|Quarantine Intrusion Detection and Prevention System (ARQ IDPS) scanner because ARQ IDPS is far superior to any malware scanners including BPS Pro MScan.
PAL99ParticipantHi – my host is webhostinghub and they have run a scan and found the same edoced_46esab malware. Are these false positives too? They are all under respective bps-backup/scan directories.
/home/blaguk5/public_html/blag/wp-content/bps-backup/mscan/mscan-pattern-match.php:edoced_46esab
AITpro AdminKeymaster@ Pal99 – Yep, this is a false positive. Your host scanner is matching the pattern matching code used by MScan. This is a very common problem with all malware scanners and that is why they are inferior to the BPS Pro AutoRestore|Quarantine Intrusion Detection and Prevention System (ARQ IDPS) scanning feature. You can ask your host to ignore/exclude/not scan the /home/blaguk5/public_html/blag/wp-content/bps-backup/mscan/mscan-pattern-match.php file.
-
AuthorPosts
- You must be logged in to reply to this topic.