Support

Here are the recommended channels for receiving support:

  • First Read the FAQs - These Frequently Asked Question may have answers that address your issue.
  • Forum Topics - There may already be a topic that relates to your problem, if not, you can create one.
  • WordPress Forum - If you prefer to use the forum on wordpress.org to get support.

209 Comments on "Support"

  • Keami Terrill
    On October 23, 2016 at 3:37 pm, Keami Terrill said:

    I can’t log in my website because my website is hacked…so how do I use this plugin to get i if I can’t even log in my hacked site?? Please help!!!

    Reply
    • Anti-Malware Admin
      On October 24, 2016 at 1:18 pm, Anti-Malware Admin said:

      In your case you will need to ask your hosting provider to turn off Mod_Security so that you can once again login to your site. They should also review their own Mod_Security setting so that they do not lock you out of your own site in the future. If they are not cooperative or helpful then you should move your site to another hosting provider and demand that they give you a refund for services not provided ;-)

      Reply
  • wing
    On September 28, 2016 at 1:29 pm, wing said:

    I use this plugin “Knight Lab TimelineJS” in some of my sites as I like to time line features. It basically links to a spreadsheet which resides in a shared google drive or like to collaborate with peers. It seems to be created by a reputable university. However, when scanning with your plugin, it reports every time the plugin contains known threat back door script and ask for removal. I have contacted the support of this plugin, they are curious why the malware tool would report them as a threat. Could you comment?

    Reply
    • Anti-Malware Admin
      On September 28, 2016 at 3:26 pm, Anti-Malware Admin said:

      I downloaded that plugin just now and checked it myself and there are no Known Threats or Back-door Scripts, so I suspect that the copy you have installed on your site has become infected with the malicious code that my plugin detected sometime after you installed it. If you send the so suspicious code to the plugin author I believe that they will confirm that the code you send them is not part of the plugin that is distributed by them.

      My plugin should be able to remove this malicious code that has been added to this plugin while leaving the good code in place so that the plugin will still function properly, however, it wouldn’t hurt to delete the plugin and reinstall it from a clean copy of the source.

      The bigger problem for you is to determine how you got infected in the first place so that this does not happen to you again.

      Reply
  • Terry
    On August 8, 2016 at 2:18 pm, Terry said:

    Hi GOTMLS,

    I just donated/downloaded the plug-in, but when I tried to register to get updates you show my email but when I type my password you won’t accept it (and also the password that I’m typing in is not my password because I was never given one! So what is my password so that I can finish registration and get new definition-updates ?????

    Reply
    • Anti-Malware Admin
      On August 8, 2016 at 2:27 pm, Anti-Malware Admin said:

      You site is already registered and the password was automatically sent to the email address you registered the site under. I see your donation on that account too, thanks!

      All you need to do now is go back to the Anti-Malware Settings page in your wp-admin, check the box that says “Automatically Update Definitions”, and click Save ;-)

      Reply
  • eileen smith
    On August 4, 2016 at 9:28 am, eileen smith said:

    Thank you so much for making this plugin available (I just donated). My blog was hacked a few days ago and I was notified by Dreamhost. I’m not a tech person at all but I figured your plugin was a good place to start. The scan seemed to get rid of the suspected threat files yet there are still 2 lines of text visible at the top of my blog and my dashboard. When I click on the links they fail to download and read “access denied.” Not sure what to do! Any advice would be much appreciated.

    Reply
    • Anti-Malware Admin
      On August 4, 2016 at 9:51 pm, Anti-Malware Admin said:

      It looks like you have some permission errors with some of your theme files. Maybe you need to delete and reinstall your theme.

      Reply
  • Panduranga Reddy
    On May 5, 2016 at 12:16 am, Panduranga Reddy said:

    Taking this from WordPress support forum…

    My question:
    I getting “No response from server!” message for Brute-force Protection, thanks for the support.

    your answer:
    This error means that either your server cannot create a persistent session or your mod_rewrite in your .htaccess file is not working, so the patch will not work unless those are fixed. I am working on a workaround for a future release but it’s not ready yet.

    can you please elaborate to understand better… thank you.

    Reply
    • Anti-Malware Admin
      On May 5, 2016 at 8:25 am, Anti-Malware Admin said:

      My patch and the built-in test that is returning the “No response from server” message relies on an active session that must be able to be created on your server and also rewrite rules in must work on your server to perform this test. If either of those are broken or not working right on your server then this Brute-force Patch will not work for you and there is nothing my plugin can do about that. This is something you would need to take up with your host to figure out why these things are not working and they would need to configure your server to restore this functionality if you are going to be able to enable this patch on that site.

      Reply
  • juan sanchez
    On March 23, 2016 at 2:23 pm, juan sanchez said:

    Hi, first of all congratulations, your plugin has cleaned more than 1000 infected files in 10 wordpress installations on my server, and you saved me life. I have donated for sure.

    I have 2 joomla installations also infected, do you have anything for this CMS, or can you recommend me about this? Best regards and great job. Juan.

    Reply
    • Anti-Malware Admin
      On March 23, 2016 at 7:09 pm, Anti-Malware Admin said:

      Thank you! I’m glad my plugin was so helpful to you with your WordPress sites.

      I don’t currently have a joomla version of this plugin but if you put the files from your joomloa site in a subdirectory within one of your WordPress sites then you can use the WordPress plugin to scan those files too ;-)

      Reply
  • Dawn DeBruyn
    On March 17, 2016 at 7:16 am, Dawn DeBruyn said:

    Hi, I donated $29 but the donation doesn’t show when I log in, or on the plugin’s setting screen. Is there a waiting period?

    Reply
    • Anti-Malware Admin
      On March 17, 2016 at 8:32 am, Anti-Malware Admin said:

      If you had donated from the form on the Anti-Malware Settings page in your wp-admin then it would have matched your donation to your registration key instantly. Since you did not, and you donated from an email address that was not the one you registered the site/key to, and the name on the PayPal account is different from your name, and you didn’t enter your domain name in the notes field when you made the donation, there was no way to match donation to your registration.

      I have just found your registration and assigned your donation to it, so it should show up for you now ;-)

      Reply
  • eliza
    On March 14, 2016 at 9:22 am, eliza said:

    Hi

    A lot of my readers complain that they can’t leave a message on my blog because they are seen as SPAMMER. How can I resolve this? Other readers do manage to leave a message behind…

    Reply
  • M
    On February 10, 2016 at 3:29 am, M said:

    Hi, I have using this plugin to clean my infected files. I got files in the quarantine and it says, “The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.”

    Do I need to delete them? Are they safe to leave? What happens if I delete them?

    I also run several WordPress sites. If I donate, can I use them all or do I need to donate for each site?

    Reply
    • Anti-Malware Admin
      On February 10, 2016 at 10:58 am, Anti-Malware Admin said:

      No, you don’t need to delete them.
      Yes, they are safe in the Quarantine.
      The Quarantine is just a record of the files that were fixed, the old code that was removed from the files is now encoded in your database as a backup. If you delete the Quarantine then you will not have any record of the original content of those files.

      If you register all your sites under the same email address then your donation will count for all of them ;-)

      Reply
  • On January 24, 2016 at 5:28 pm, Alison Withers said:

    Hi,

    I’ve just made a second donation to make up the total price of unlocking the core wp scanner, how do I activate it? It still shows up with a red line for it and is disabled. Thanks.

    Reply
  • Mark
    On January 23, 2016 at 7:05 pm, Mark said:

    Hello,

    This looks like a nice program. I noticed that the description mentions
    Premium Features, but I do not see any pricing for them…

    Is there a Premium Version and if so what is the cost?

    Also, just to check, if we have a site that is having issues (hacked),
    running this plugin will remove and fix the issues? or will it just tell
    us what is wrong and we then need to make changes manually?

    Thank You!

    Reply
    • Anti-Malware Admin
      On January 23, 2016 at 9:32 pm, Anti-Malware Admin said:

      My plugin can remove any Known Threats from infected files that it finds when you run a scan.

      Currently you can get access to the Core Files Definitions through the use of the Automatic Update feature if you donate at least $29 and you can use the Brute-Force Protection if your donation is at least $14.

      Reply
  • Dar
    On January 22, 2016 at 5:33 am, Dar said:

    Hi Eli,
    I was thrilled to discover your plugin! It cleaned my malware on the first crack and got me off the Google blacklist so many thanks to you for that!! Problem is that my site continually keeps getting reinfected and after I run a scan with your plugin, Google gives me a green light and a promise that I will be removed from their blacklist but hours later I’m right back on it! It’s the same damn script that keeps going back on….I’ve been through each and every page of script on my site and can’t find it to delete it so maybe it’s hidden in javascript? I’m at my wits end!

    Reply
    • Anti-Malware Admin
      On January 22, 2016 at 9:49 am, Anti-Malware Admin said:

      If the same file(s) keeps getting re-infected on your site then you need to figure out how the hacker(s) are getting write-access to your filesystem. Check the Anti-Malware Quarantine page to get the Infected Time(s) of these files and then look through your access_log files to see what scripts/URLs are called at that exact time, that may indicate the vulnerability that is being repeatedly exploited on your site. If not than you site may be getting crossover contamination from another site on that shared hosting server, in which case it might be best if you move you hosting to a more secure server.

      Reply
  • Strawberry Girl Designs
    On December 9, 2015 at 8:15 am, Strawberry Girl Designs said:

    I have a site that I cannot get past the Brute Force re-direct. Is there a way to remotely reset that, or a file I can get to via ftp that I should update? I have tried multiple days as well as changing the password via the wordpress login page, but so far nothing is working.

    Reply
    • Anti-Malware Admin
      On December 9, 2015 at 8:52 am, Anti-Malware Admin said:

      Maybe your browser is blocking the JavaScript on your login page or there is something else blocking you because the code on your login page is working fine in my browser. Can you send me a screenshot of the error you are getting?

      If you want to try disabling the login protection you can edit your wp-config.php file and just add // right after the first Reply

      • Strawberry Girl Designs
        On December 9, 2015 at 12:52 pm, Strawberry Girl Designs said:

        Got in! There must have been a conflict with the alora theme. I was able to get in and change the theme remotely and was then able to sign in. Thanks for all your help working through it, I really do appreciate it!!

        Reply
        • Anti-Malware Admin
          On December 9, 2015 at 1:59 pm, Anti-Malware Admin said:

          Thanks for posting your solution. Were you able to tell from the error_log files what the conflict was?

          Reply
  • On November 24, 2015 at 7:56 am, Eugene McGrath said:

    Hi Eli,

    Do you not reply to your support tickets
    I sent you a support ticket 9 days ago :(
    No reply

    Thanks

    Reply
    • Anti-Malware Admin
      On November 24, 2015 at 11:35 am, Anti-Malware Admin said:

      I do, actually. Sometimes I don’t get a notification so it takes me longer to notice a post but I just looked and I don’t see any posts from you on either the WordPress forum or on My Own Support Forum. Can you please send me a link to this post of your’s so that I can reply to it?

      Reply
  • sunny tewathia
    On November 23, 2015 at 8:54 am, sunny tewathia said:

    Hii Eli,

    Something i am facing something very unsual. My site is hacked, but not a single plugin inlcuding your is telling me that.

    Only way i found it is by, visiting my website manually from Opera and internet explorer.

    Chrome never shows it, but other browsers are showing. I see a pop-up every 3rd or 4th time when i am visiting my website from Google using some search query for my site, it redirect the webpage to somehere else.

    I am not seeing this problem on chrome.

    My site url : http://www.healthy-drinks.net/

    Reply
    • Anti-Malware Admin
      On November 23, 2015 at 9:48 am, Anti-Malware Admin said:

      I do not see any malicious redirect on your site in any browser. Maybe it is your own PC that is infected and it is your browsers that are causing the redirect. Try another computer or see if anyone else can reproduce this redirect on your site.

      Reply
  • David Hild
    On November 21, 2015 at 5:38 am, David Hild said:

    Hi Eli, fantastic plugin! Used it to fix a non-writable htaccess file issue that was driving me nuts. Your plugin found and cleaned up a half dozen backdoor threats and other garbage I had no idea were lurking.

    Everything was mean and clean until this morning when I thought to tighten everything up by changing my database password (then was going to do same with my user account). I changed my DB password on GoDaddy and also in wp-config. But my site was now down:

    “Fatal error: Call to undefined function phpdefine() in /home/content/37/7902137/html/wp-config.php on line 1″.

    (I believe I saw a reference to that file after a scan, but my site ran fine anyway)

    I have all options turned on within the plugin so maybe the login hack lockout was triggered? I’m pretty good at troubleshooting and have tried resetting my DB password back, messing with the top of wp-config, etc. Here is the top of wp-config:

    <?phpdefine('WP_CACHE', true); // Added by WP Rocket /**

    Of course I can't get into my WP admin panel either. Website is:
    http://thememorytheater.com

    Please advise! I have a feeling this is something pretty easy to take care of just editing .php files on FTP.

    Cheers!

    David

    Reply
    • Anti-Malware Admin
      On November 21, 2015 at 8:59 am, Anti-Malware Admin said:

      It sounds like you removed some blank space between “php” and “define” at the top of your wp-config.php file, or maybe WP Rocket messed that up.

      You file should start with
      /*Then a blank line here, and then*/
      define(‘WP_CACHE’, true);

      Reply
      • David Hild
        On November 21, 2015 at 9:15 am, David Hild said:

        All set. I stripped out everything at the top of wp-config. That got me to a WP screen that advised checking DB name and password. I changed my DB password again and in wp-config and got back into WP. THANK YOU again for this amazing plugin!

        Reply
  • Tom Davidson
    On November 13, 2015 at 3:30 am, Tom Davidson said:

    Hi. I keep getting an error message that the there is no Nonce token. I am a paid user if that makes any difference. What do I need to do to run a scan? Thanks!

    Reply
    • Anti-Malware Admin
      On November 13, 2015 at 4:11 pm, Anti-Malware Admin said:

      My new release fixes this issue. Please download version 4.15.45 and let me know if you have any more problems.

      Reply
  • AMU A
    On November 12, 2015 at 2:21 pm, AMU A said:

    Hello Eli,

    Thank you very much for your vey efficient help. All is ok now !!

    Best regards,

    Amu

    Reply
  • Ari Waknine
    On November 11, 2015 at 10:28 am, Ari Waknine said:

    I have installed your plugin, registered and gave a donation, but I have not received an email from you yet with my password. I have 2 other websites that I would like to add your plugin as well as give a donation for each upload, but do I need to register with different emails with my other sites?

    But my main concern is why I haven’t received an email with my password. Does it usually take long to receive an email after registering?

    Reply
    • Anti-Malware Admin
      On November 11, 2015 at 10:44 am, Anti-Malware Admin said:

      Your registrations email was sent out 45 minutes ago. Maybe it’s in your spam folder?

      At any rate you don’t need your password to register more site under the same account, just use the same email address when you register the other sites.

      Reply
  • Dayne
    On November 10, 2015 at 10:10 am, Dayne said:

    I just tried to install GOTMLS on one of my WP sites, and when I go to “settings” on it, I get: “You do not have sufficient permissions to access this page.”

    It’s worked fine on my other WP sites. Any thoughts on this?

    It’s also not showing up in my left sidebar like it did on my other WP sites.

    Thanks! Great plugin!

    Reply
  • Robin
    On October 26, 2015 at 10:56 am, Robin said:

    What does this page mean this page when I try to log into my site. How do I access my site adminnow.

    24705844

    You have been redirected here from fudgemental.com which is protected against brute-force attacks by GOTMLS.NET

    Reply
    • Anti-Malware Admin
      On October 26, 2015 at 8:40 pm, Anti-Malware Admin said:

      That Error Code refers to a JavaScript error on your login page. I just checked it and the JavaScript seemed to work fine for me. I did notice you were using a CAPTCHA plugin on the login page too, perhaps that was interfering. If you refresh the login page and there are no JavaScript errors then it should work for you.

      Reply
  • Sam Gridley
    On October 21, 2015 at 1:52 pm, Sam Gridley said:

    Hi, are you still considering adding a scheduled scan feature?

    Thanks,
    Sam

    Reply
  • Allison Bowlus
    On October 7, 2015 at 2:45 pm, Allison Bowlus said:

    Hello,

    Love your app. Thanks so much for it.

    I am trying to update definitions on two DreamHost sites, and get this error on a white screen of death for both sites:

    unused

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, webmaster@drtedbowlus.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    I am able to update definitions on other sites that are hosted elsewhere just fine and don’t get this error, so it seems to be DreamHost specific. I tried to contact DreamHost and they told me to contact you.

    Thanks so much in advance!

    Reply
    • Anti-Malware Admin
      On October 7, 2015 at 3:35 pm, Anti-Malware Admin said:

      I think Dreamhost must be blocking the JavaScript Update method. You should try the Automatic Update method, that works fine on any server even if the manual update method fails.

      Let me know if that works for you.

      Reply
  • Hannah
    On September 13, 2015 at 1:45 pm, Hannah said:

    Hi Eli,
    Thank you so much for your plugin. I just downloaded new definitions on my own art blog and did a complete scan of my site. It does not appear to be picking up 5 500 server errors that Sucuri is reporting, but I’m not sure if what I’m looking at is malware or not. Here’s what Sucuri says:
    Internal Server Error 500-error?v1

    What do you advise?

    Reply
    • Anti-Malware Admin
      On September 14, 2015 at 11:16 am, Anti-Malware Admin said:

      My plugin does not look for 500 errors, it scans the contents of the files on your server looking for malicious code.

      If it doesn’t find any known threats then this could be something new or it could be a server configuration error. You should check the error_log files on your server to see what is causing this error.

      Reply
  • Frank
    On September 13, 2015 at 8:23 am, Frank said:

    I installed your plugin the other day, but it’s blocking one plugin. WassUp Real Time Analytics. Any way to unblock it?

    Reply
    • Anti-Malware Admin
      On September 14, 2015 at 11:27 am, Anti-Malware Admin said:

      I don’t understand how my plugin would be blocking your analytics. Are you sure it’s not another plugin you installed?

      How can you tell your analytics is being blocked? If you deactivate my plugin is it still blocked?

      Reply
  • Ross Barbieri
    On July 31, 2015 at 7:20 am, Ross Barbieri said:

    Is there a way to completely uninstall the gotmls plugin. I believe I have corrupted settings, but deactivating and reactivating doesn’t help. I want to remove completely and do a clean install.

    Reply
    • Anti-Malware Admin
      On July 31, 2015 at 7:47 am, Anti-Malware Admin said:

      If you want to just wipe out all the settings and definitions you can delete all the records in the wp_options table where the option_name field starts with GOTMLS_ but that should not be necessary. I don’t see how the setting would have gotten corrupt in the first place but they would be corrected automatically whenever you save anything or run a scan. It is more likely that there is something else interfering. What are the symptoms you are experiencing?

      Reply
  • Alicia
    On July 7, 2015 at 2:31 am, Alicia said:

    I didn’t have any issues with the plugin earlier, but now I get the following error when trying to update the definitions manually. What could the problem be? Thanks in advance for the help.

    unused

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, webmaster@blog.nrcprograms.org and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    Reply
    • Anti-Malware Admin
      On July 7, 2015 at 6:21 am, Anti-Malware Admin said:

      This error indicates that the definition updates have been block by a firewall of some kind. If you have installed a firewall please try whitelisting your own IP address or even temporarily disabling the firewall to do the update. You could also check your error_log to see if there is anything indicating the reason for the error or ask your hosting provider why it’s being block and if there is a way around it. Otherwise, you could just just the automatic update feature, that should work for you in the situation.

      Reply
  • Victor
    On July 6, 2015 at 12:47 am, Victor said:

    Hi, I get this error when I log to wp dashboard:
    “Warning: unlink(/home/whitepea/public_html/wp-content/uploads/quarantine/.htaccess): Permission denied in /home/whitepea/public_html/wp-content/plugins/gotmls/index.php on line 659

    Warning: unlink(/home/whitepea/public_html/wp-content/uploads/quarantine/index.php): Permission denied in /home/whitepea/public_html/wp-content/plugins/gotmls/index.php on line 659

    Warning: rmdir(/home/whitepea/public_html/wp-content/uploads/quarantine): Directory not empty in /home/whitepea/public_html/wp-content/plugins/gotmls/index.php on line 664

    Warning: Cannot modify header information – headers already sent by (output started at /home/whitepea/public_html/wp-content/plugins/gotmls/index.php:659) in /home/whitepea/public_html/wp-includes/option.php on line 748

    Warning: Cannot modify header information – headers already sent by (output started at /home/whitepea/public_html/wp-content/plugins/gotmls/index.php:659) in /home/whitepea/public_html/wp-includes/option.php on line 749″

    I can’t delete files from ftp, because owner is 99.

    WordPress: 4.1.5
    Plugin: 4.15.28

    also, when I try to make a simple folder scan, I get into a loop “… Loading, Please Wait …”.
    How can I fix it? Thanks.

    Reply
    • Victor
      On July 6, 2015 at 12:51 am, Victor said:

      Also, I find this in error file:
      “PHP Warning: chmod(): Operation not permitted in /home/whitepea/public_html/change.php on line 34″

      Reply
      • Anti-Malware Admin
        On July 7, 2015 at 6:12 am, Anti-Malware Admin said:

        This chmod warning is caused by that change.php file which could be malicious. I would like to look at the contents of this file if you are willing the grant me access.

        Reply
    • Anti-Malware Admin
      On July 7, 2015 at 6:09 am, Anti-Malware Admin said:

      These warnings stem from the need to delete the old quarantine folder that was created by an older version of my plugin. The newer version of my plugin no longer needs this folder and is trying to get rid of it. I’m not sure why the permissions would have been changed on those two files in that directory, they were created by my plugin so they should be able to be removed by it too. You should be able to delete those files within the FileManager provided by your hosting control panel if not via FTP.

      I’m not sure why the scan would get stuck in a loop as you describe, I can look into this if you are willing to send me your WP Admin login.

      Reply
      • Victor
        On July 8, 2015 at 12:26 am, Victor said:

        Thanks for you answer.
        I try to delete this files with php script, with ftp and with cpanel, but still can’t delete them. As I see, the owner of folder and files are nobody (99). I think the scan get stuck in a loop because of this error. How can I delete them?
        Also, that file, change.php, no more exist on server.

        Reply
        • Anti-Malware Admin
          On July 8, 2015 at 8:08 am, Anti-Malware Admin said:

          You may need to have your host delete those files as root. You should also ask them how the permission would have gotten so messed up that you can’t delete them yourself.

          Reply
  • On May 13, 2015 at 11:11 am, Carlos C said:

    Your plugin is great, but i cant help me get rid of this:

    http://pastebin.com/z1rxMYqE

    …/wp-includes/nav-menu.php is infected with malicious code at line 465. Your plugin detected, clean, but the next day nav-menu.php is changed again. Any clues?

    (im a donator for you plugin in several sites)

    Reply
    • Anti-Malware Admin
      On May 13, 2015 at 11:51 am, Anti-Malware Admin said:

      So my plugin is removing the malicious code from that nav-menu.php file but the hack keeps coming back, right?

      You need to look for the vulnerability that is allowing the hacker to reinfect this site. You should look in the raw access_log file for any suspicious entries that coincide with the timestamp on the infected file. Look in the Anti-Malware Quarantine for the original infected time of that file and cross reference that time in the acccess_log file to see how it might have been hacked.

      Reply
      • On May 13, 2015 at 12:01 pm, Carlos C said:

        Where can i see the raw access_log file?

        Reply
        • Anti-Malware Admin
          On May 13, 2015 at 1:56 pm, Anti-Malware Admin said:

          That depends on your hosting. If your host provides a control panel then you might find it there. Otherwise you would need to ask your hosting company.

          Reply
  • george
    On May 7, 2015 at 12:33 pm, george said:

    Hi,
    I have a question, please.
    If i install your plugin on a single wordpress website, can i protect with your plugin all wordpress websites hosted on the same dedicated server?
    Do i have to change some settings on a single installation of your plugin to protect all wordpress websites hosted on a dedicated server?
    Or your plugin can protect only a single wordpress website?
    Thank you.
    George

    Reply
    • Anti-Malware Admin
      On May 8, 2015 at 6:22 pm, Anti-Malware Admin said:

      It is possible for my plugin to scan and fix threats on multiple sub-site installed on the same server, but the protection features only work on the domain that you have installed the plugin on.

      Reply
  • On May 2, 2015 at 6:38 am, Carlos C said:

    Hi, i make a 29 donation but my plugin doesnt update definitions, it tells me that the key is not registered…

    Reply
    • On May 2, 2015 at 6:55 am, Carlos C said:

      I see i use an incorrect site URL, can this be the reason?

      Reply
      • Anti-Malware Admin
        On May 2, 2015 at 7:53 am, Anti-Malware Admin said:

        I see your registration and your donation is correctly linked to it. Maybe you just need to click the button in the sidebar that says “Check for new Definitions” and then you can download the new definitions.

        Reply
  • Mike Sennikov
    On April 30, 2015 at 8:50 am, Mike Sennikov said:

    Hi!
    This is great plugin but after few days of using it i noticed an issue
    How could it be fixed?

    Headers already sent in /var/www/u0053080/public_html/putevida.ru/wp-content/plugins/gotmls/images/index.php on line 98.
    This is not a good sign, it may just be a poorly written plugin but Headers should not have been sent at this point.
    Check the code in the above mentioned file to fix this problem.

    Cannot send session cache limiter – headers already sent (output started at /var/www/u0053080/public_html/putevida.ru/wp-content/plugins/gotmls/images/index.php:98) in /var/www/u0053080/public_html/putevida.ru/wp-includes/plugin.php on line 496

    Reply
    • Anti-Malware Admin
      On April 30, 2015 at 9:27 am, Anti-Malware Admin said:

      There is nothing on line 98 of that file that would generate output. I suspect that my plugin may have been altered on your site and this alteration is causing that error. If you can send me the copy of that index.php file in /plugins/gotmls/images/ then I can tell you what the problem is. If you delete my plugin and re-install a fresh copy then you will not get that error.

      Reply
  • Jaime
    On April 28, 2015 at 12:34 am, Jaime said:

    Hi,

    I have activated your plugin and now I have a blank plugins page. I have try to rename the folder “gotmls” to “gotmls_old” but I still can´t access to the plugins page.

    Can you help me to fix it?

    Thanks!

    Reply
    • Anti-Malware Admin
      On April 28, 2015 at 7:06 am, Anti-Malware Admin said:

      If you renamed my plugin folder and that did not fix it then my plugin is not the source of your problem.

      You can check the error_log to see if there are any clues as to what is causing the white screen.

      Please let give me more info if you need more help.

      Reply
  • Edward Alexander
    On April 19, 2015 at 6:11 am, Edward Alexander said:

    I installed your plugin. Now I cant log in with my own password. I get this error:

    You have been redirected here from a site that is protected against brute-force attacks by GOTMLS.NET

    Whats going on and how do I fix this??

    Reply
    • Edward Alexander
      On April 19, 2015 at 6:22 am, Edward Alexander said:

      Never mind – suddenly I am able to log in when I tried again after a few minutes. Is login blocked for a specific time if entering the wrong password? Could that be the reason for the message above, if I first entered wrong password by misspelling it or so? The strange thing is that the message above came on first attempt at logging in – next time now that I managed it, I first wrote wrong password and got a normal wordpress message saying the password was wrong and asked me to try again, and I entered in with my correct password…

      Reply
      • Anti-Malware Admin
        On April 20, 2015 at 3:07 pm, Anti-Malware Admin said:

        My protection loads before the WordPress bootstrap so it has nothing to do with getting the password wrong. Too many attempts or a session timeout will trigger the redirect though. In your first post you left out the error number that would have told me what problem was with your first failed attempt, but I would guess it was a session timeout.

        Reply
        • Jade
          On April 23, 2015 at 2:01 pm, Jade said:

          I have the same issue now, I went to log in to a client’s website today and I’m getting this same error, the number is 2709137.

          What causes this problem?

          I’m going to delete the plugin for now so I can log in.

          thanks

          Reply
          • Anti-Malware Admin
            On April 23, 2015 at 2:15 pm, Anti-Malware Admin said:

            In your case this error number refers to a session timeout. Did you try just going back to the wp-login page and attempting to login again?

            I see that you also have Wordfence login security. I don’t think that would cause any conflict but maybe you could try just using one or the other and not both, just to see if that makes a difference.

            If you ever get the NO_SESSION error in the future just try refreshing the wp-login page before you try to login again and it should work fine.

  • Suzanne Black
    On March 28, 2015 at 7:28 am, Suzanne Black said:

    When I click “Install Patch”, it doesn’t do anything. Why? Thank you

    Reply
    • Anti-Malware Admin
      On March 30, 2015 at 9:26 am, Anti-Malware Admin said:

      Thanks for sending me your login so that I could look into this, it gave me the opportunity to see a rare error caused by the unusual permissions on your wp-config.php file. I was able to find a workaround and I patched my plugin on your site so that it would be able to access that file to make the necessary additions. I will be incorporating this change into my next plugin update.

      Thanks again for allowing me into your site to have a first-hand look at this issue.

      Reply
  • Gabe
    On March 26, 2015 at 3:18 am, Gabe said:

    Hi there,
    Your plugin is awesome!! I always recommend to my clients, and they love it.
    I never had any problem with it.
    But one of my clients website seems to bad :( This msg i got after scan:

    fixing /home/neriumchina/public_html/wp-content/themes/swell/layouts/option.php …
    Warning: fileperms(): stat failed for /home/sanyi77ua/public_html/wp-content/uploads in /home/neriumchina/public_html/wp-content/plugins/gotmls/images/index.php on line 410
    Failed!

    Also 1 read and write error. It can not repair any infected files :(

    Please give me an advise where to start.

    Thanks
    Gabe

    Reply
    • Anti-Malware Admin
      On March 27, 2015 at 11:23 am, Anti-Malware Admin said:

      I just released an update that fixes that PHP Warning you got and also gives more descriptive reason for why it might have failed to fix that file.

      Please download the plugin update version 4.14.65 and let me know what results you get after that. If I had to guess, I would say that your uploads directory inside wp-content is not writable and a quarantine folder could not be created. You must have a valid/writable quarantine folder before my plugin will fix any infections. Check the permissions on the upload directory and let me know if I can be of any further assistance.

      Reply
  • Laura Brijde
    On January 31, 2015 at 6:26 am, Laura Brijde said:

    Help! I’m panicking!

    I activated the 2-authentic identification tool out of precaution for my website. Now when I clicked on ‘save’ button it logged me out of WordPress. I tried to log in again with my correct password and received the message ‘Login is protected by 2-factor authentication. If your login details were correct, you will have received an email to complete the login process.’ Now the thing is, I’m not receiving ANY email! This means I’m not able to log in to my account!

    Please help me, this is very urgent! The only e-mail I’m receiving is from Sucuri ‘Failed login attempt’, which is obviously me.

    Reply
    • Anti-Malware Admin
      On January 31, 2015 at 7:22 am, Anti-Malware Admin said:

      This is GOTMLS.NET not sucuri.net … my Anti-Malware plugin does not have a “2-factor authentication” feature to lock you out of your own site.

      It sounds to me like you need to contact Sucuri directly.

      Reply
  • Tina Granzo
    On January 29, 2015 at 1:48 pm, Tina Granzo said:

    Two of my clients can’t log-in to their WordPress dashboard anymore. They are on an in-house network, so they both appear to the web to have the same IP address. I am 3000 miles away from them and can log-in as both of them with no problem. I tried whitelisting their IP address in our firewall plug-in, but that didn’t help. The message they see when they try to log-in is:

    857255

    You have been redirected here from [domain name] which is protected against brute-force attacks by GOTMLS.NET

    Can you tell me what I need to do so that they don’t register as potential brute force attackers?

    Reply
    • Anti-Malware Admin
      On January 30, 2015 at 3:26 pm, Anti-Malware Admin said:

      That error code you sent me (857255) corresponds to a combination of all four of the following errors:
      SERVER_REMOTE_ADDR NOT SET!
      SERVER_HTTP_HOST NOT SET!
      SERVER_REQUEST_URI NOT SET!
      SERVER_HTTP_USER_AGENT NOT SET!
      These error are exactly the kind of errors you would get if a hacker was brute-forcing the login and spoofing the server variables. It makes sense that they might get a lot of the same kind of errors if they were trying to connect internally so this type of protection my not be the right solution for this type of situation. Since you can login from your location you should go into the admin and Disable the Brute-Force Protection on the Anti-Malware Settings page so they can login.

      Please let me know if there is anything else I can do to help.

      Reply
  • Margaret Aranyosi
    On January 9, 2015 at 11:23 am, Margaret Aranyosi said:

    Works exactly as expected. I found this after beating my head against repeated infections of the same site. It found & repaired the vulnerability I kept missing (hidden in a legitimate file that I was sure I had previously replaced!). I will definitely use this with all my clients’ sites. Thanks!

    Reply
  • spilomac
    On January 7, 2015 at 8:45 am, spilomac said:

    Hello,

    I want to add Brute Force Protection but I have an error:

    Warning: file_put_contents(/home/sqiijgpv/public_html/wp-content/plugins/gotmls/../../../wp-config.php): failed to open stream: Permission denied in /home/sqiijgpv/public_html/wp-content/plugins/gotmls/images/index.php on line 757

    My version 4.14.54 and WordPress 4.1

    thank you

    Reply
    • Anti-Malware Admin
      On January 7, 2015 at 12:42 pm, Anti-Malware Admin said:

      You need to change the permissions on the wp-config.php file so that it can be written to by your webserver. If your not sure what the permissions should be you can compare that file to other files that are writable. If you want me to look at it for you then you can send me your WP Admin login and I’ll fix it for you.

      Reply
  • AG Administrator
    On December 30, 2014 at 12:20 pm, Allagash Administrator said:

    Hi there. Installed latest update: Version 4.14.53, and not the plug in cannot connect to your servers to check for updates and definitions. Both processes are stuck on ‘searching for updates’.

    I have seen other posts about this issue on the WordPress site.

    Thanks

    ML

    Reply
  • Erick
    On December 30, 2014 at 8:34 am, Erick said:

    Hi, I just installed this plugging in our site, the reviews are great, but for some reason the pluggin can not connect to your servers, this is for the sections Definition Updates and the Pluggin Updates. So I cant even register. please advise

    Reply
    • Anti-Malware Admin
      On December 30, 2014 at 8:43 pm, Anti-Malware Admin said:

      I fixed this in version 4.14.54, just released. Please update and let me know if you have any other issues.

      Reply
  • Dale Seiler
    On December 9, 2014 at 5:43 am, Dale Seiler said:

    Hey Eli,

    Getting Brute force attacks on my wp-login.php files on a couple sites. Installed your plugin, but it’s not giving me the option to update the wp-login update after a scan. The “Found 0 WP-Login Updates just stays green?

    Reply
    • Anti-Malware Admin
      On December 14, 2014 at 7:33 am, Anti-Malware Admin said:

      Try the new version I just released, it has the option to Enable Brute-Force Protection right from the settings page.

      Reply
  • GJ FO
    On December 6, 2014 at 4:29 pm, GJ FO said:

    Hi Eli,

    Sucuri found MW :SPAN :SEO on the website.

    I ran your script once and find 6 Known treats that I delete. I ran your script once more and found another Known treat that I also delete. The third time there were no Known treat but Google Webmaster tools still shoes contaminated pages. Some of them are included in 404 pages. Sucuri tell the website clean.

    Is there another category or migration through a new MW:SPAM:SEO in this website?

    I have just sent you a pm with url and admin

    Reply
    • Anti-Malware Admin
      On December 6, 2014 at 6:15 pm, Anti-Malware Admin said:

      I don’t see any malware on your site. It sounds like you already removed it with my plugin. Have you requested a review in your Webmaster Tools? It may take some time for Google to lift that warning. Are the dates on the contaminated pages in your Webmaster Tools before or after you cleaned them?

      Reply
  • philip matthew salt
    On November 5, 2014 at 10:29 am, philip matthew salt said:

    Hi there Eli,

    I am getting the following error within the php error log:

    WordPress database error Table ‘DATABASENAME.wp_options’ doesn’t exist for query SELECT substring_index(option_name, ‘/’, -1) AS `mt`, option_name, option_value FROM wp_options where option_name like ‘GOTMLS_scan_log/%’ ORDER BY mt DESC LIMIT 1 made by do_action(‘toplevel_page_GOTMLS-settings’), call_user_func_array, GOTMLS_settings, GOTMLS_scan_log

    Infront of the database name is a prefix. Looks like Anti-Malware and Brute-Force Security plugin doesn’t want to recognise the prefix. May be I am barking up the wrong tree. Thanks in advance. Phil

    Reply
    • Anti-Malware Admin
      On November 5, 2014 at 10:35 am, Anti-Malware Admin said:

      Thanks for reporting this bug. I am aware of this problem, it has to with me hard-coding the table name `wp_options` in one of my queries instead of using the the dynamic wpdb variable name. I have already fixed this bug in the next release of my plugin, which should be finished and available to download by this weekend.

      Reply
  • Liviu
    On October 9, 2014 at 2:16 am, Liviu said:

    Hello,

    I used for first time your plugin…but after every scan and auto fix I try to do another scan..result: I have approx the same Known Threats

    first scan: http://prntscr.com/4ugq9q
    second: http://prntscr.com/4uh2f3

    Its ok ? If not, is anything what I must do?

    Thank you!

    Reply
    • Anti-Malware Admin
      On October 13, 2014 at 7:40 am, Anti-Malware Admin said:

      Your screenshots show that it is not fixing all the threats in one click. You are getting a message “Fixed 80 threats, but could not fix the rest, try fixing again…”

      Just click the Automatic Fix button again each time it says that until it fixes them all. You don’t need to rescan each time you click Fix. Just get them all fixed first and then rescan to make sure you got them all.

      Reply
  • Gavin Leahy
    On October 4, 2014 at 10:44 am, Gavin Leahy said:

    Hi there … I’ve just installed your plugin but when I go to try activate it it comes up with the following error:

    “Plugin could not be activated because it triggered a fatal error.”

    I’m using WordPress 4.0 with the Avada Theme and woocommerce. I have read through your forum and see you mentioned on: On May 13, 2013 at 5:54 am, Anti-Malware Admin said:

    “Your server cannot write session files because it does not have write permission to the /tmp directory. My workaround for this is to add the following line of code to the top of the gotmls/index.php file:”

    if(!session_save_path()) session_save_path(dirname(__FILE__).’/images/’);

    I added in the above code and still no luck!

    ANY Suggestions??

    Reply
  • Jessica Blum
    On August 1, 2014 at 6:35 am, Jessica Blum said:

    Hi,
    I just downloaded this plug in and when I ran it on my site, most of the plug ins were deactivated “due to an error: The plugin does not have a valid header.” And the website header disappeared too.

    Reply
    • Anti-Malware Admin
      On August 1, 2014 at 9:58 am, Anti-Malware Admin said:

      Thanks for sending me you WP Admin login. The first thing I found was that you had not downloaded the lasted Definition Updates for my plugin. I did this right away and then my plugin was able to find and fix all those plugins with corrupted headers. There were about 500 infected PHP file that had malicious PHP code injected at the top which was causing all the plugin headers to be misread by WordPress, but they are all clean now.

      I have scanned the root directory for more threats, and found the whole site had more hundreds of infected files. It took some time to finish the whole scan but it looks like it’s all clean now. All the infected files are backed up in the Quarantine in case you need to see them or restore any of the files I have cleaned. You can now reactivate all the plugin you need from within your admin.

      I feel I should warn you that your current hosting provider is not very good, they are running a old version of apache that has know security holes and there are limitation on your hosting account that made it take a long time to run this scan and fix all those threat. I got this error message more than once and it was a real hindrance: “This account has reached its limit of concurrent processes.”

      It is possible, even likely, that your site will get hacked again soon. You should consider looking for better hosting. I offer Super Secure Hosting for people like you who have been hacked and need a safer place to host their site. It’s not as cheap as your typical shared hosting but it’s way safer. Let me know if you’re interested.

      Reply
  • jon sherwood
    On July 8, 2014 at 12:26 am, jon sherwood said:

    hi we have recently received notification from a customer that our site is showing as Site Potentially Harmful Sucuri.net says my site has been blacklisted. I installed your plug in, it has found 7 Potential Threats, but, I cant seem to fix them. What do I do? Please Advise.

    Reply
    • Anti-Malware Admin
      On July 8, 2014 at 8:22 am, Anti-Malware Admin said:

      The Potential Threats are usually not malicious code so they should not be removed without confirmation, but it’s a good place to start looking if my plugin did not find any Known Threats. Once the treat has been removed you will still need to request a review to get off the blacklist.

      I don’t see anything fishy on your site so it may already be clean but if you still have a threat actively showing up on your site and would like my help finding it just send me your WP Admin login and I’ll take a look.

      Reply
  • rio tups
    On March 20, 2014 at 11:30 pm, rio tups said:

    help !! Warning: Your Website Has Been Blacklisted!
    what should i do…

    Reply
    • Anti-Malware Admin
      On March 20, 2014 at 11:39 pm, Anti-Malware Admin said:

      Go to the Malware or Security section of Google Webmaster Tools. That will tell you what they found. If you have already cleaned up that threat then just Request a Review on that same page.

      Reply
  • Frances Stark
    On September 25, 2013 at 3:38 pm, Frances Stark said:

    Hello!
    I tried to “fix” one bad link on my site, and now my site is broken. I do not see a revert button. Where is it? Do you have any suggestions? The site is francesstark.com/wp .

    Thanks!!!
    Sydney

    Reply
    • Anti-Malware Admin
      On September 25, 2013 at 5:05 pm, Anti-Malware Admin said:

      The restore option is on the Quarantine page. Select the files you want to revert back to and click the “Restore …” button.

      I am more interested in why your site broke. This malware that was removed may be linked by another malicious file on your site. If you would be willing to send me your WP Admin login I would love to take a look at it for you.

      Reply
    • Anti-Malware Admin
      On September 26, 2013 at 5:32 pm, Anti-Malware Admin said:

      Thanks for sending me your login credential. I updated the definitions and my plugin was then able to remove that malicious code from the header file without breaking the theme.

      I also expanded the search range of the plugin so that you can scan your entire domain and not just the wp folder that WordPress is installed in. You should run a Complete Scan of the whole domain now to make sure there are no other threats or vulnerabilities (it will take a while to run through all those sub-directories but you need to know that it’s all clean or it may come back.

      Please let me know if you find anything else that you need help with.

      Reply
      • Frances Stark
        On October 23, 2013 at 12:55 pm, Frances Stark said:

        Hi Eli,

        Thank you so so so much for your help. The scan came back clean. We are so grateful!

        All the best to you.

        Reply
  • Gigi
    On September 18, 2013 at 6:13 pm, Gigi said:

    I have your plugin on my WP based site. However, recently I’ve had a Viagra ad on the page as it first uploads, then the Viagra script disappears. I can see this happen on my cell phone, but not all PC’s or mac’s experience this issue. Anything you can do to help me? Thanks!!

    Reply
    • Anti-Malware Admin
      On September 18, 2013 at 7:42 pm, Anti-Malware Admin said:

      My plugin should be able to remove this threat automatically. If it is not working for you as intended can you give me access to your WP-Admin so I can take a look?

      Reply
  • James Gardiner
    On September 8, 2013 at 9:44 am, James Gardiner said:

    Hi My WP blog has recently been highlighted by Google as spreading malware, I installed your plugin and scanned it found no errors but a ton of suspect files most using eval but I simply can’t tell if these calls are legit. Would appreciate some guidance on what to look for as the malware is still present.

    thanks

    James

    Reply
    • Anti-Malware Admin
      On September 8, 2013 at 11:56 am, Anti-Malware Admin said:

      If you can send me your WP Admin login I will look through the potential threats to see which one is causing this malicious output and update my definitions to flag it as a know threat so that it can be automatically removed.

      Reply
      • Peter Watkins
        On January 15, 2014 at 10:21 pm, Peter Watkins said:

        the same thing is happening on my site as well

        Reply
        • Anti-Malware Admin
          On January 16, 2014 at 5:58 pm, Anti-Malware Admin said:

          Thanks for sending me your login.

          I found this new threat in you footer, added it to my definition updates, and removed it from your site.

          I also Requested a Review in Google Webmaster tools so you should see that warning going away soon.

          Aloha, Eli

          Reply
  • John Hawkins
    On September 6, 2013 at 7:22 am, John Hawkins said:

    Hello, I recently had to reinstall all of my wp sites because of malware infection. Within 1 day they had already gotten infected again. This Anti-Malware worked perfectly. But I have 3 wordpress sites and I have installed the anti-malware on 2 of them. Is there a way other than transferring the registration from one to the other? Also I noticed that my donation did not show up, it was like I created a new acct. I would like to install this on all of my wordpress sites. Count on me for a monthly donation

    Reply
    • Anti-Malware Admin
      On September 6, 2013 at 7:48 am, Anti-Malware Admin said:

      You can install and register my plugin on all three site on the same account (or three different accounts if you like). When you re-register the the site you made a donation from on your account you should see that donation on you account again. Please try installing and registering my plugin on all three sites and let me know if you have any trouble with that.

      Reply
  • Patrick Cohn
    On September 6, 2013 at 3:13 am, Patrick Cohn said:

    When I do a scan of my site, it tells me that FlowShield and Wishlist Member plugins are “backdoor sccripts”. How do I know if they are corrupted plugins?

    Patrick

    Reply
    • Anti-Malware Admin
      On September 6, 2013 at 6:43 am, Anti-Malware Admin said:

      I don’t know about FlowShield but I am pretty sure that Wishlist Member is a false positive. If you can zip up both plugins and send them too me I can check them myself and let you know. They can be whitelisted but I would only do that if I was sure there are safe. Alternatively If you want to send me your WP Admin login I will check them in-place.

      Reply
  • Clifford Hickton
    On August 22, 2013 at 9:32 am, Clifford Hickton said:

    Hi Eli,

    I have had my site re-scanned and the result is still infected. Your Plugin has failed to remove the Malware. Please advise

    Reply
    • Anti-Malware Admin
      On August 22, 2013 at 9:42 am, Anti-Malware Admin said:

      Thanks for sending me your WP Admin login credentials. I am scanning you site now and Will have results for you soon. There may be some new variants of malicious threats that are not identified in my definitions yet. Please give me a little time to find them and add them to my definition update and we can get you all cleaned up.

      Reply
  • Mike
    On August 15, 2013 at 2:20 pm, Mike said:

    Hi i have web site
    half in .html and plus in folder instal wordpress
    now i have virus
    Blackhole Exploit Kit 2726
    how to remove?
    tnx

    Reply
    • Anti-Malware Admin
      On August 18, 2013 at 9:07 am, Anti-Malware Admin said:

      Have you tried a Complete Scan with my Anti-Malware plugin?

      What have you already tried and what results have you gotten?

      Reply
  • Gabriel Quiroga
    On July 30, 2013 at 3:38 pm, Gabriel Quiroga said:

    I have run the scan and having problem removing the malware from my site. I am new to this and trying to remove the malware without breaking the code. Any help would be greatly appreciated.

    Reply
    • Anti-Malware Admin
      On July 30, 2013 at 3:46 pm, Anti-Malware Admin said:

      If you send me you WP Admin login I will see what I can do for you. You can email your credentials directly to me: eli AT gotmls DOT net

      Reply
  • Jenny
    On July 29, 2013 at 8:07 am, Jenny said:

    Hello,

    I just installed your plugin as the site I admin had been hit with malware. I ran the scan and cleaned the infected files, however, we’re still seeing the malware listed when I do a check with Securi. I also see the malware when I try to place a link to our website on Facebook it shows a paragraph about employment and viagra in the description. Any suggestions?

    Thanks!

    Reply
    • Anti-Malware Admin
      On July 29, 2013 at 8:32 am, Anti-Malware Admin said:

      sucuri.net caches their scan results. I when I just scanned your site on sucuri.net it showed your infections and said the results were from two days ago. So I clicked on rescan and it showed your site is now clean.

      Please let me know if there is anything else I can do for you.

      Reply
  • set nan
    On July 12, 2013 at 4:14 am, set nan said:

    Hi How are you. I’m totally clueless as to how to remove the malware, my site has been flagged by google I was wondering if you could help. I have your plugin on my site and it located potential malware but I dont know what to do.

    Thanks

    Reply
  • Tammy Hawk-Bridges
    On June 25, 2013 at 6:35 am, Tammy Hawk-Bridges said:

    Hi there I am trying to register but it wont take my key.

    Thanks!

    Reply
    • Anti-Malware Admin
      On June 30, 2013 at 5:58 pm, Anti-Malware Admin said:

      Sorry, I was traveling… It looks like you got registered ok.

      Is there anything you still need help with?

      Reply
  • alex
    On June 21, 2013 at 10:35 am, alex said:

    hi eli, i’m using your plugin since a few weeks and today I’m not able to login, error message: Parse error: syntax error, unexpected T_STRING in /web/htdocs/www.visionphoto.it/home/blog/wp-content/plugins/gotmls/safe-load.php on line 34

    can you help me?

    thanks a lot, alex

    Reply
    • Anti-Malware Admin
      On June 21, 2013 at 1:36 pm, Anti-Malware Admin said:

      I’m not sure how your file got corrupted but you can just replace it with a fresh copy from the WordPlugin Plugin Repository here:
      http://plugins.svn.wordpress.org/gotmls/trunk/safe-load.php

      if this error is preventing you from loging into you admin then just delete that file so that you can login, then you can delete and re-install the whole plugin if you need to.

      Please let me know if you need any more help with this.

      Reply
  • Greg Roth
    On June 19, 2013 at 3:39 pm, Greg Roth said:

    Hi, I went to my WP admin page and I cannot find the plug in and it is not showing up on my dashboard or settings. I tried to reinstall but it says that I already have it in a folder. Can you tell me what happened to the plug in?

    Reply
    • Anti-Malware Admin
      On June 19, 2013 at 3:53 pm, Anti-Malware Admin said:

      Try deleting the gotmls folder in the plugins directory and then re-install.

      WordPress must have hiccuped when you did an update and left behind an empty folder.

      Reply
  • John
    On May 23, 2013 at 1:15 pm, John said:

    Help! I installed your plugin and now my entire site is down!

    Fatal error: Unknown: Failed opening required ‘/data/5/0/52/144/215633/user/219093/cgi-bin/.php/sessions/sess_3fa452ae65160f235f6c2a14d3c5603f’ (include_path=’.:/usr/services/vux/lib/php’) in Unknown on line 0

    What can I do?

    Reply
    • Anti-Malware Admin
      On May 23, 2013 at 2:51 pm, Anti-Malware Admin said:

      It sound like your server is having problems reading the session files. Can you send me your URL so I can see what’s wrong. If you are still not able to load your site you can delete gotmls from the plugins directory. I would like to get in there and fix it for you if you are willing to give me access to your site.

      Reply
  • John Barry
    On May 22, 2013 at 6:31 am, John Barry said:

    How do I un-quarantine all my files?
    I tried the restore quarantined files button but it does not work.

    It put important files in there and I need them back.

    Reply
    • Anti-Malware Admin
      On May 22, 2013 at 7:16 am, Anti-Malware Admin said:

      You should be able to restore files from the quarantine by checking the box and clicking the restore button. Note that the quarantined files should then be copied back into their original locations but a copy will remain in the quarantine too. Are you getting any permission errors when trying to restore?

      Also, were these files wrongly flagged as a threat? I would like to know why you want to restore them so that I can add them to the whitelist if there is really no malicious code in them.

      Reply
      • John Barry
        On May 23, 2013 at 7:32 am, John Barry said:

        I don’t believe they are getting copied back.
        They are all the files for the wishlist member plugin.

        Reply
      • John Barry
        On May 23, 2013 at 7:45 am, John Barry said:

        scratch that. I got it fixed. Thank you

        Reply
        • Anti-Malware Admin
          On May 23, 2013 at 6:21 pm, Anti-Malware Admin said:

          That’s great, Thanks for letting me know.

          I am working on a white-list for that wish-list plugin but for now you can just add it to the directory exclude list on the Scan Settings page.

          Reply
  • kundan singh
    On May 14, 2013 at 2:14 pm, kundan singh said:

    Hi Eli
    we go a mail from Microsoft that your site is malware infected when i run AVG
    online website scanner http://www.avg.com.au/resources/web-page-scanner/
    through this link we got a message Potentially Active Threats Blackhole Exploit Kit
    in my website http://www.echnologix.com can u explain me hot to remove this one from
    my website or is this a fake result shown by AVG because we have run another
    scanner and didn’t got anything like that please help me out of this please.
    Regards
    kundan singh

    Reply
    • Anti-Malware Admin
      On May 15, 2013 at 10:33 am, Anti-Malware Admin said:

      I’m not sure if you are still infected. I don’t see any obvious signs of infection from the outside of your site.

      If you think you may still be infected you can give me your WP Admin login and I’ll check it out for you.

      Reply
  • Wayne Dibble
    On May 13, 2013 at 1:52 am, Wayne Dibble said:

    Hi,
    I just installed your latest update, I got this error message: Plugin could not be activated because it triggered a fatal error.

    I uninstalled and tired to install fresh plug in – same error.. I am currently unprotected – how do I get your plug in to activate properly?

    Thanks
    Wayne

    Reply
    • Anti-Malware Admin
      On May 13, 2013 at 5:54 am, Anti-Malware Admin said:

      Sorry about that. I remember your special case from last time. You server cannot write session files becasue it does not have write permission to the /tmp directory. My workaround for this is to add the following line of code to the top of the gotmls/index.php file:

      if(!session_save_path()) session_save_path(dirname(__FILE__).’/images/’);

      Reply
  • D B
    On March 9, 2013 at 4:03 pm, D B said:

    Hi,
    I installed your plugin after reading the great reviews but unfortunately I cannot get it to complete a full scan. It will start to do a quick scan but then gives me the memory allocation warning. I am running on a windows server and seem to have been hacked as the site is going down about three times a day with no apparent problems.

    I wonder if you could take a look at it for me or let me know what I need to do to get it working.

    Thanks in advance!

    Reply
    • Anti-Malware Admin
      On March 9, 2013 at 5:30 pm, Anti-Malware Admin said:

      I would love to take a look at it for you. If you send me your WP Admin credentials I’ll get right on it.

      You can email my login directly to me: eli at gotmls dot net

      Reply
  • Luigi Martinez
    On March 4, 2013 at 10:58 am, Luigi Martinez said:

    I having some type of bug at the top of my dashboard like this =

    Notice: Undefined index: timthumb in /home/czlahafy/domains/efezmedia.com/public_html/wp-content/plugins/gotmls/index.php on line 1105

    Notice: Undefined index: htaccess in /home/czlahafy/domains/efezmedia.com/public_html/wp-content/plugins/gotmls/index.php on line 1105

    Notice: Undefined index: known in /home/czlahafy/domains/efezmedia.com/public_html/wp-content/plugins/gotmls/index.php on line 1105

    Notice: Undefined index: backdoor in /home/czlahafy/domains/efezmedia.com/public_html/wp-content/plugins/gotmls/index.php on line 1105

    Reply
    • Anti-Malware Admin
      On March 4, 2013 at 11:21 am, Anti-Malware Admin said:

      Thanks for posting this Notice and for sending me your WordPress Admin credentials (That made it very easy to fix).

      I will include this fix in my next plugin update that I will be releasing soon, so that anyone else with PHP Notices turned on will also stop getting this message.

      Reply
  • Chris Buckelew
    On February 28, 2013 at 2:08 am, Chris Buckelew said:

    My site won’t download the known definitions file. Is there a way to download them from your site and then ftp up to my site?

    Reply
    • Anti-Malware Admin
      On February 28, 2013 at 5:45 am, Anti-Malware Admin said:

      There is currently no way for you to download this files manually but I am working on it. If you have that firewall plugin you should try turning it off while you download the update or whitelist your IP. If that doesn’t solve the issue you are having I will email you the definition update file.

      Reply
  • Kim Hadley
    On February 19, 2013 at 4:13 am, Kim Hadley said:

    I can’t tell if the plugin is doing anything. I ran a complete scan and it found 2 known threats. So I clicked to repair them automatically. Then I get the pop up box that says, “Loading results, please wait.”….and that’s as far as it gets. If I click on the buttons that says, “It’s taking too long, I can’t wait” then I get a box that says “Fixing….”…but it has been doing that for quite awhile, with no change to the screen. How do I tell if it’s doing anything?

    Reply
    • Anti-Malware Admin
      On February 19, 2013 at 9:43 am, Anti-Malware Admin said:

      It sounds like my plugin is not able to fix these two files that it has found infections in. I have never seen it get stuck at that particular place before. Perhaps you would be willing to allow me access to your WP Admin, I would like to check it out first hand and improve my plugin so that it can overcome this obstacle for you (and others that may have the same trouble).
      If you would like my personal help in this matter please send me some WP Admin credentials to: eli at gotmls dot net

      Reply
  • Taleed Sabawi
    On February 8, 2013 at 2:13 pm, Taleed Sabawi said:

    Hello!
    I have installed the plugin and now all of my links have been broken (which I heard may happen) and I can no longer get into my wordpress panel. It seems that the link I used before is not the right link.

    Is there anyway you can help?

    Thanks!

    Reply
    • Anti-Malware Admin
      On February 8, 2013 at 2:22 pm, Anti-Malware Admin said:

      I can certainly help but I’ll need to get the admin working for you before I do anything else. Can you provide FTP access to the site? You can email credentials directly to eli at gotmls dot net

      Reply
      • Taleed Sabawi
        On February 8, 2013 at 3:16 pm, Taleed Sabawi said:

        Thank you so much for your quick reply! I have sent you an email with the information. Please let me know if you need anything else.

        Reply
        • Anti-Malware Admin
          On February 9, 2013 at 9:38 am, Anti-Malware Admin said:

          No problem. Thanks for the FTP credentials, it was your htaccess file that was redirecting all the pages so that you could not even login. Now that it’s fixed you should be able to run a Complete Scan for malware. Please let me know if you need any more help. And thanks for your donation!

          Reply
  • Daniel Nemzer
    On December 4, 2012 at 2:11 pm, Daniel Nemzer said:

    I run many websites and I keep having to secure my websites but I guess I keep be hacked and I don’t know about it. So i have these questions that would solve this problem for me and probably many others.

    Can this script be automated and scheduled to automatically remove known threats? and can all the results be sent to a log file while its being run in a non interactive mode? Can this be run through linux script and set up cron.

    Please send me any info that could help solve my issue.

    Reply
    • Anti-Malware Admin
      On December 4, 2012 at 3:26 pm, Anti-Malware Admin said:

      I’m happy to help. I am working on a Scheduled Scan feature that involves a non-WordPress Wrapper so it can look forward to that very soon.

      Continual removal is not a very good solution to your issue of repeated re-infection. There must be some undetected threat or vulnerability on your server that is causing or allowing the re-infections. I would be willing to look into your issue and find the source of the problem if you could give me WP Admin access to your site (FTP way help me too).

      Reply
  • Rafael Alencar
    On November 25, 2012 at 7:41 am, Rafael Alencar said:

    First of all: sorry for my bad english because I’m from Brazil and here we speak portuguese not english.
    I have been infected. The issue is that a link (download.cnet.com/YouTube-To-MP3/3000-2071_4-75810474.html) is automatic added to 3 posts of my site. Every time that I manually delete them they comeback in another place of the same post. I tried to run your plugin but I had a read/write error. So my web folder can’t bee scanned. I had to take off the infected posts and put them in private mode. download.cnet used to be a good site. If you help me I’ll do a good donate to you.
    Help me!

    Reply
    • Anti-Malware Admin
      On November 26, 2012 at 7:12 am, Anti-Malware Admin said:

      First of all: Don’t apologize for your English, it’s not that bad, and I can’t speak Portuguese at all!

      As for your infection: This sound different from most of the problems I’ve seen. It may be something new that my Plugin is not equipped to handle yet. I could take a closer look at it and maybe find the source of the infection if you can give me WP Admin credentials for your site. I could also take a look at that Read/Write error for you.

      Reply
  • Tim Snow
    On November 14, 2012 at 5:00 pm, Tim Snow said:

    Dear Admin,

    Sucuri.net says my site is infected with malware. I installed your plug in, it shows me possible infections, but, I cant seem to delete/remove them. What do I do? I love supporting companies like yours, I just want to make sure that I get help. I have 10-20 infected sites in the same hosting. Can you help me? Please Advise, Tim Snow

    Reply
    • Anti-Malware Admin
      On November 14, 2012 at 5:55 pm, Anti-Malware Admin said:

      I just updated the definitions. Try Downloading the new Definitions Update and run the scan again and let me know if it finds it or not.

      Reply
  • Jeffrey Titamer
    On November 1, 2012 at 11:15 pm, Jeffrey Titamer said:

    Hey, Great Program I Hope and actually believe this will be a Huge success!

    I have Two suggestions though.

    Add A Link to the website inside the Scan Settings Page in your next update.

    Provide us some banners or other creative and solicit help by advertising this also.

    Happy Holidays!
    Jeff T.

    Reply
    • Anti-Malware Admin
      On November 6, 2012 at 1:47 am, Anti-Malware Admin said:

      Thanks for the suggestions. I have added a small banner that you can copy and put on your site. You can get the code by hovering over the “Malware Protection” banner on the right sidebar of any page on GOTMLS.NET (right under the Donate button).

      There should already be links to my site on your Scan Settings Page.

      Reply
  • Archie Lopez
    On October 12, 2012 at 6:49 pm, Archie Lopez said:

    hello Sir,

    This is so helpful and thanks for this site our wordpress site alive again

    more power and ill donate soon as possible

    God Bless

    Reply
  • Leonie Marinovich
    On October 9, 2012 at 9:41 pm, Leonie Marinovich said:

    Hi, I have tons of suspected files, I have registered your plug-in on 3 of my sites all hosted by the same host. EVERYTHING is infected. Sitelock is scanning and repairing, but the infections are back within a day,

    Please help,

    Thanks for your plugin, I love it so far

    Reply
    • Anti-Malware Admin
      On October 9, 2012 at 10:14 pm, Anti-Malware Admin said:

      Thanks for your donation. I am happy to help you in any way I can.

      If the infections are coming back it is likely that there is still a security hole. Are you scanning for timthumb vulnerabilities? My plugin can fix them by automatically upgrading any timthumb files to version 2.8.10.

      Also, if this is a shared server, there may may be infected files at the root level. If you are willing to give me access to your WordPress Admin I can make some tweaks to my plugin on your site so that you can scan the root level directory and all the sites on your server at once. I could also go through the “Potential Threats” and verify that there is nothing malicious there.

      Reply
      • Jeffrey Titamer
        On November 1, 2012 at 11:23 pm, Jeffrey Titamer said:

        Hey, Anti-Malware Admin… What’s your name?

        I’ll give you another $20 donation if you can do that “Above” for my web host. I have several domains on my web host some with dedicated IPs so I don’t know how that would work. However, instead of installing that on all of the sites could it be set up from one and run scans for all? Or possibly you could set up a WP Install on the root IP that way I believe would be one solution anyway.

        Reply
        • Anti-Malware Admin
          On November 10, 2012 at 7:18 am, Anti-Malware Admin said:

          I have updated your registration to extended the scan one directory level higher. Hopefully this did the trick for you. Please let me know if you need more.

          Reply
  • Dennis Crawford
    On October 2, 2012 at 1:18 pm, Dennis Crawford said:

    Help! I didn’t see that you solved the multi-site registration issue and want to change the email address that I used to register your site to coincide with my paypal account. It’s easier that way :)

    How do I delete the user registration and change it to a different email address? Thanks! GOOD WORK!

    Reply
    • Anti-Malware Admin
      On October 2, 2012 at 2:51 pm, Anti-Malware Admin said:

      Create a new registration for the email address you want to use and then login to the old one and transfer your registrations to the new address.

      Reply
  • Will Chapman
    On September 19, 2012 at 4:07 am, Will Chapman said:

    Eli

    I have been getting loads of warnings in my error_log file and they appear to be caused by the process you use to strip out malware code in index.php.

    Basically, there appear to be two unwanted effects of the stripping-out process:

    1. There is a blank line above the marker is missing.

    As I expect you know, php is sometimes not smart enough to handle blank lines and I believe these above two anomalies are the cause of the following warnings which though not affecting the running of the plugin, do affect other plugins which report quickly fill up the error_logs with the following warning (I’ve just deleted several which were way over 5mb):

    function: Unavailable
    > Warning | Cannot modify header information – headers already sent by (output started at /home/waterway/public_html/index.php:2)

    Regards

    Will Chapman

    Reply
    • Anti-Malware Admin
      On September 21, 2012 at 10:33 pm, Anti-Malware Admin said:

      Thanks for letting me know about that. I just released my newest update today. I added some more cleanup code to this new version to take care of those blank line.

      Let me know if that does the trick.

      Reply
  • Zak
    On September 18, 2012 at 8:24 pm, Zak said:

    WP Content started to scan and it stuck on 66% and not moving anyware
    HELP

    Reply
  • Stacy
    On August 30, 2012 at 2:28 am, Stacy said:

    will not finish scan, I use godaddy, legitworkathome.com is the parent site with a lot of folders and one folder containg an x-cart shopping cart script. The first 2 scans go fine, but when I do the html scan it quits @ 13% and I have tried about 10 times with the same result. Should I try the beta & how do I get it if so?

    1.2.07.30 = BETA Release, Only downlod this version if your version does not finish the scan.
    1.2.07.29 = The version you are currently running.

    Reply
  • k-Link
    On August 28, 2012 at 9:01 am, k-Link said:

    i’ve got

    404 page not found on

    /wp-admin/admin.php?page=GOTMLS-settings

    while updating,and scaning

    Reply
    • Anti-Malware Admin
      On August 28, 2012 at 9:21 am, Anti-Malware Admin said:

      Thank you for reporting this bug. I think this is the same as I have seen on a few other site. Your server may be rejecting form posts with arrays or large amounts of data. This could be due to a setting in your php.ini file, or another script on your site that is transforming or manipulating your post data.

      If you are willing to give me access to your WP Admin I can take a look and give you a more complete and accurate answer to your specific issue.

      Reply
    • Eli Scheetz
      On August 28, 2012 at 2:36 pm, Eli Scheetz said:

      Thank you for reporting this bug. I have released a new definition update that fixes this issue. Just click the “Download new definitions!” button in the admin and it should work correctly after that.

      Reply
  • Sam Matthews
    On August 24, 2012 at 12:26 pm, Sam Matthews said:

    Hi Eli,

    I appreciate the effort you put in for helping people out with annoying malware. I would like to request a copy of the beta download if possible. I’ve ran the plugin several times and it finds many warnings and deletes the intrusive files, but sometime less than an hour later the malware reappears and seems to spread even more. Can you guide me in the right direction to find the culprit file to prevent them from reappearing again?

    Thanks

    Reply
    • Anti-Malware Admin
      On August 24, 2012 at 1:22 pm, Anti-Malware Admin said:

      Thanks for contacting me. The most common reason for getting reinfected is that your site is on a shared server with other infected sites that are not getting cleaned and then immediately reinfecting your site. Although, it is also possible that my plugin is missing some new threat or vulnerability on your site.

      I am willing to help you more but I will need more information. First do you know if you are running on a shared server? If so, do you have access to the other sites?

      It may also help if I could see the list of “potential threats” on your site. I may be able to identify one that is a real malicious threat. Could you send me a screenshot of the scan results or copy and paste them into an email?

      You can reply directly to this notification if you don’t want to post your answer.

      Reply
  • Kabelo Tlhapi
    On July 27, 2012 at 11:01 am, Kabelo Tlhapi said:

    This won’t go away: %&($eval(base64_decode($_SERVERHTTP_EXECCODE))|.+)&%/

    Reply
    • Anti-Malware Admin
      On July 27, 2012 at 11:12 am, Anti-Malware Admin said:

      I would be happy to take a look at it. Can you give me admin access to your site?

      Reply
      • Kabelo Tlhapi
        On July 27, 2012 at 10:20 pm, Kabelo Tlhapi said:

        Eli,
        Your plugin rocks! BUT your support is out of this WORLD! That’s what I call service beyond self. Lots of blessings to ya!

        Cheers!

        Reply
        • Eli Scheetz
          On July 28, 2012 at 7:35 am, Eli Scheetz said:

          Thanks. It really helps that you gave me admin access to your site.

          And thanks for the donation too!

          Reply
  • HealingHerald.org Admin
    On July 20, 2012 at 9:38 am, HealingHerald.org Admin said:

    Hey, Just a heads up it fails sometime when script runs on large sites – gives this error…
    Warning: filesize(): stat failed for /homepages/37/d352694429/htdocs/MainSite/wp-content/themes/twentyeleven/colors/lompat.in/dummywwwexecuser-amember.txt in /homepages/37/d352694429/htdocs/MainSite/wp-content/plugins/gotmls/index.php on line 250

    Reply
    • Anti-Malware Admin
      On July 20, 2012 at 10:00 am, Anti-Malware Admin said:

      Yes, thank you. I am working on a release that handles those kind of file system errors better.

      Thanks for your support!

      Aloha, Eli

      Reply
  • Anton le Roux
    On July 2, 2012 at 12:46 am, Anton le Roux said:

    Hi there, i constantly get a Fatal error.

    Fatal error: Maximum execution time of 30 seconds exceeded in D:PleskVHOSTSxxxxxhttpdocswp-contentpluginsgotmlsindex.php on line 78

    Reply
  • Tay
    On May 2, 2012 at 2:18 am, Tay said:

    Hi there,

    Excellent app. However, i cannot find the repair button. It scans everything and tells me of my errors. But there is no button to repair? Can you please help me?

    Reply
    • Anti-Malware Admin
      On May 2, 2012 at 8:20 am, Anti-Malware Admin said:

      I think the FAQs already has a perfect answer to your question. However, if you are getting “known threats” (in red) then you should have an “Automatically Repair SELECTED files Now” button. If you still feel that the Plugin is not functioning according to it’s intended design then please post a new topic in the Support Forum.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>