Reply To: MW:JS:GEN2?malware.script_base64.1

Home Forums Support Forum MW:JS:GEN2?malware.script_base64.1 Reply To: MW:JS:GEN2?malware.script_base64.1

#1798
Anti-Malware Admin
Anti-Malware Admin
Key Master

That is because this threat is usually not in any of your files. Instead, this malicious HTML is injected directly into your database. You’ll need to look in your post/page content (using the text tab so that you can see the HTML tags that you don’t want there) and remove the unwanted text manually.

Your bigger problem is that the hacker(s) will likely still have remote access to your database and they can re-inject this unwanted content. There was a widespread outbreak of this particular threat on TSOHOST recently and a number of their customers reported repeated hacks without any recourse to stop them from injecting the same links into their database.

I would suggest changing your DB_PASS and updating your wp-config.php file. If that does not stop repeated infections then you may have to look for a more secure host.