The plugin that never dies

As many others have mentioned, there are no configuration options. I can verify false positives because I have experienced several. This plugin seem to randomly claim malware, and of course, one must pay for the pro version of the plugin in order to remove the non-existent malware. Why do I say “non-existent”? Because no other malware scanners ever found anything.

Now that I am migrating several sites to new servers, I discovered another little hidden ‘feature’ of this plugin. When you delete it, there are several things left behind that will cause your migration to fail if they are not corrected.

You have to manually edit the .htaccess file to remove entries made by the plugin, remove the .user.ini file in the root directory, and delete the files in the mu-plugins in the wp-content folder. I also found it interesting that the plugin changes names if you deactivate it.