Does it say anything about the malware it has detected? I don’t see any malware in the original file, so make sure the file hasn’t been tampered with. If it isn’t it might be a false positive and you should contact GoDaddy support to ask for more information.
The Pro Reports extension will suggest to install MainWP Child Reports plugin on child sites which works in tandem with Pro Reports.
However, MainWP does not suggest at any point to install Activity Log for MainWP extension to your child sites.
For future reference, you can find information here on deleting plugins in bulk:
What is strange, we didn’t install this plugin on any sites manually or directly, only we manage the websites, the site owners or any other developer doesn’t access them… and we only accessed the websites via mainwp, so somewhere along the line, it got installed via mainwp – also note, that plugin was on ALL websites we connected to mainwp.
Need to trace back to see where and how that got activated.
I would suggest asking GoDaddy support what triggered their security systems to flag this file.
Also, I texted the plugin author, and as soon as he is available, I believe he will reply here. I assumed he would have more info about it, but not sure yet.
On the other hand, I am not sure how this plugin (extension) could get installed on all your websites.
MainWP plugin itself does not have any feature that would do that. There is no code that “auto-installs” any plugin before MainWP Dashboard user executes the process.
I also checked the Activity Log for MainWP extension and found nothing that would do it.
This is the first time we have had something like this reported. There are 20K+ active installs for MainWP Dashboard from users like you, with over 600K managed child sites, and no one has reported this problem. So, I am sure that the MainWP plugin did not play any role on its own in installing the mentioned plugin on all your Child sites.
I would strongly suggest reviewing server logs so you can get to the bottom of it and figure out how the plugin got installed.
I am Robert from Melapress. A quick update from our end:
It seems that this report is about our MainWP Extension; Activity Log for MainWP.
This should only be installed on the MainWP dashboard, and not on child websites.
By coincidence we are working on an update and I can confirm that there is no malware in that file. Maybe the functionality that triggers the file download has triggered this?
As @bogdan said, can you please ask GoDaddy to be more specific and advise what is triggering this report?
Also, this plugin should not be installed on child websites, but only on the MainWP dashboard. The fact that it is installed on child websites is either a mistake or there is something fishy.
Please drop us an update as soon as you hear back from GoDaddy. Also, would you be able to send me a copy of that file in question so we take a look? Did you compare it to the original one on the repo?