Home

This Plugin was created to help WordPress admins clean infections off their site. It was inspired by my own need to clean up one of my BlueHost accounts after a pretty bad hack (see How It All Started). It is still a work in progress and I want to add many new and exciting features. It is currently being offered completely FREE of charge, though it did take quite a lot of time and hard work to develop, test, and make nice.

This project will continue to need my energy to keep it effectively getting rid of new threats and patching new vulnerabilities. That is why I am asking anyone who can, to please make a donation to keep this project going.

Aloha,
Eli Scheetz

Testimonials

  • Great plugin, just donated, grateful for your plugin and thanks for your hard and smart work! xx
    -- Xenia

617 Comments on "Home"

  • On April 15, 2016 at 2:02 am, Jim said:

    Hi,

    This plugin sounds great. but to upgrade to the premium, how much does it cost and what is that donate button, what if the different?

    In general, donate is up to us how much to give, upgrade premium is a set price, no where to be find?

    Very confusing??? Please explain how it go and work? Thanks

    Reply
    • On April 15, 2016 at 3:38 pm, Anti-Malware Admin said:

      There are different feature available at different levels of donations (explained in red next to locked features). You should feel free to donate as much or as little as you want, but basically everything is unlocked at the $29+ level for as many domains as you want ;-)

      Reply
  • On April 11, 2016 at 7:05 am, Robin said:

    I received a message from my hosting that my site had been infiltrated by phishing malware. I tried to run a “Core Scan”, but at 31% it had found a backdoor script but stopped scanning. A pop-up indicated that there was either not enough memory or something else was preventing the scan from completing. The pop-up instructed me to use the “complete scan” feature to scan the site. In so doing the “complete scan” completed 100% but found no malware. How is this possible when the core scan resulted in at least one issue? I have been asked to close my site for maintenance until this issue is resolved. Google Safe Browsing Diagnostic is indicating that my site is “Partially Dangerous”. I sent an email to eli AT gotmls DOT net regarding this issue, and received no response. Please acknowledge and advise. Thank you

    Reply
    • On April 12, 2016 at 11:26 am, Anti-Malware Admin said:

      I replied to your direct email 7 days ago, right after you sent it, please check your spam folder.

      Did you Fix the Back-door that was found when you ran the Core File Scan? It does not need to reach 100% for you to Fix the problems that it finds. I don’t know of any reason why the Complete Scan would find less than the Quick Scan unless you already fixed that threat or if you are only running the Complete Scan on the plugins and the prior threat was not found in the plugins at all.

      Please try the Complete Scan on the whole site, look for any problems, and let me know what you find.

      Reply
  • On March 29, 2016 at 3:08 am, Primož Kvaternk said:

    I have installed on 2 of my blogs your anti-malware software which is great. But I have special problem, that intruders put malicious code on a regular basis and I need all the time cleaning my blogs. Do you intend to create a scheduled software triggering?

    Thanks for your reply, Primoz

    Reply
    • On March 29, 2016 at 3:20 pm, Anti-Malware Admin said:

      Yes, I am currently working on a script that can be executed from the command line and scheduled in your crontab.

      I will make a big announcement when this capability is available as it is a much requested feature.

      Reply
  • On March 23, 2016 at 10:13 pm, Михаил Беляев said:

    Спасибо за скрипт !! Очень помог !! Успехов в развитии.

    Reply
  • On March 23, 2016 at 12:43 am, Arno said:

    Hello,
    Your WP plugin is really great.
    It solved a brute forece attack problem I have since month at one of my clients WP blog.

    Is it possible to donate a amout of money via paypal to have a multisite license ?

    Regards.
    Arno

    Reply
    • On March 23, 2016 at 7:12 pm, Anti-Malware Admin said:

      You can run my plugin on multi site or on as many individual WordPress installs as you want, and if you register each site with the same email address then your donation will count for all of your sites :-)

      Reply
  • On March 22, 2016 at 5:34 am, Test Site said:

    Installed the plugin to remove a hack from a test site on a subdomain that we were using. But now I can’t login to my regular WordPress site. I need to either remove the plugin OR figured out how to get around this error message:
    44360641

    You have been redirected here from (website) which is protected against brute-force attacks by GOTMLS.NET

    Please help.

    Reply
    • On March 22, 2016 at 7:29 am, Anti-Malware Admin said:

      This is caused by a JavaScript error on your wp-login page. The Events Calendar plugin on your site it throwing a warning and because your server is set to output warning it is breaking my JavaScript output.
      On line 49 of …/wp-content/plugins/the-events-calendar/common/src/Tribe/Admin/Notice/Archive_Slug_Conflict.php the error is:
      “in_array() expects parameter 2 to be array, boolean given”

      To fix this problem you can either deactivate that Events Calendar plugin or fix the code in that plugin or disable the displaying of PHP warnings in your server’s php.ini file.

      Please let me know if I can be of any further assistance in this matter.

      Reply
  • On March 16, 2016 at 6:16 pm, David Smith said:

    I have made a 14 dollar donation can I run auto repair or do I have to pay another 29 this is for a carity website that has been hacked?

    Reply
    • On March 17, 2016 at 8:41 am, Anti-Malware Admin said:

      Thanks for your donation, but my plugin will remove know threats and back-door scripts (in red) even if you do not make a donation.

      If you are asking about potential threat (in yellow), these will never be removed automatically because they are likely not malicious at all.

      If you have any more questions or need any more help please send me a screenshot so I know what you are dealing with.

      Reply
  • On February 11, 2016 at 2:01 am, shamiraz k said:

    very nice
    i love to use this in sites as i am new i haven’t use this before
    really awesome work by you guys keep it up

    Reply
  • On January 24, 2016 at 1:30 am, Katherine Martin said:

    This is a God send!! Thanks so much!

    Reply
  • On January 14, 2016 at 5:50 pm, David Norwood said:

    awesome! thanks so much..im worried that the issue may be bigger than I thought as I did a google search for the website and see pages that may have been created by hacker, which is causing the website to be flagged..any suggestions on what action I should take?

    Reply
  • On January 14, 2016 at 5:24 pm, David Norwood said:

    hi there! I recently signed up for my website, and I love this! However, I got a key and used it on here to sign up and register, but when I log in to wordpress, the right bar says “No key!” also, is the scan actually working??

    - David

    Reply
    • On January 14, 2016 at 5:40 pm, Anti-Malware Admin said:

      Use the “Get FREE Key” button on the right site of the Anti-Malware Settings page in your wp-admin. Then you the form provided to register the pre-filled key if it prompts you to, and then download the latest definition updates.

      Then you can start a Complete Scan to find and remove any Known Threats ;-)

      Reply
  • On January 14, 2016 at 11:08 am, Tolly said:

    Thanks for the wonderful plugin. I have one quick question tho.
    The plugin constancy keeps changing my PHP back to 5.2 whenever I update to 5.4.
    It might also be changing my htaccess too.

    Thanks.

    Reply
    • On January 14, 2016 at 11:33 am, Anti-Malware Admin said:

      Thank you but it couldn’t possibly be my plugin that is changing your PHP version. Also, it only changes the .htaccess file when you click on the XMLRPC patch and then it only adds a Directive and doesn’t change anything else in that file. It must be something else that is messing with your PHP settings.

      Reply
  • On January 9, 2016 at 1:27 am, DebLiz said:

    Just….. God bless you. Seriously. You’re the best thing that’s ever happened to me in 6 years of working with WordPress!

    I haven’t donated yet because I just don’t have the funds, but I promise you as SOON as I get paid for my latest project, I’ll be donating just as much as I can.

    I’ve been in tears over my server being completely inundated with malicious stuff – it’s been awful. I lost most of my portfolio websites and had to just delete most everything. Luckily I was able to get to the admin dashboard for the important sites and I’ve been just praying for a solution…

    I’m currently scanning my site, debliz.com and so far (at 37%) your plugin has detected and fixed one htaccess treat, SIX backdoor scripts, and almost SEVENTY “known threats”!!! I KNEW it was bad… but my gosh!

    There’s also 23 “potential threats” … I’m not sure what to do with them – but I’m tempted to just let your plugin ‘fix’ them without even checking into them. I’m so unbelievably grateful to you for all of your hard work.

    You may very well have saved my entire web business. I cannot express to you how grateful I am. And I’ll show my appreciation monetarily as soon as I possibly can. THANK you so much again!

    D

    Reply
    • On January 11, 2016 at 3:41 pm, Anti-Malware Admin said:

      Thanks for your kind words and I see that you donated so thanks for that too ;-)

      The Potential Threats are usually not malicious so my plugin doesn’t fix them automatically but if you are still finding malicious content on your site after the auto-fix of the Known Threats then you can click through these potential threats to view the suspect code and decide if it’s something you want to remove or if it looks safe you can leave it there. You can also send any Potential Threats to me directly and I will let you know what I think.

      Reply
  • On December 22, 2015 at 2:14 am, Rob Edmunds said:

    Hi,

    Have a clients site that has been hacked and possibly a few more, would like to register and pay a donation for use on multiple sites – is this possible??

    thanks,

    rob.

    Reply
    • On December 22, 2015 at 8:48 am, Anti-Malware Admin said:

      Yes, each site will have it’s own Key but if you register those Keys using the same email address then they will all be under the same account.

      Reply
  • On December 11, 2015 at 1:58 am, xriz said:

    hi, i love the plugin and soon will donate. i just have 1 question, is it safe if i delete all files in quarantine? thanks

    Reply
    • On December 11, 2015 at 7:26 am, Anti-Malware Admin said:

      If your site is now clean and working fine then yes, it’s safe to delete the quarantine but it’s also safe to leave those records in the quarantine. Quarantine records are not a danger to your site and they can be helpful for investigating the source and method used to infect your site.

      Reply
  • On December 5, 2015 at 6:34 am, Foamy Media said:

    thanks so much for this plugin, it helped remove a back door script which my hosting company could not find!! awesome

    Reply
  • On December 2, 2015 at 11:22 am, Ruoall said:

    Hi,

    Love the plugin.

    Regarding the donation, if I donate, will I get the Bruteforce and BETA functions to all my sites that I have it installed on or do I have to donate per site?

    Reply
    • On December 2, 2015 at 1:33 pm, Anti-Malware Admin said:

      One donation per account, you can register multiple site under the same account by using the same email address on the registration form.

      Reply
  • On November 26, 2015 at 4:42 am, Kristine Allcroft said:

    Hey Eli!
    Thanks for creating this plugin.
    It’s better than Site Lock’s anti malware protection.
    I’m having a bit of a problem. When the scan reaches 93% it starts all over again at zero.
    What’s up?
    I’d like to get a complete scan and move on.

    Happy Thanksgiving!

    Reply
    • On November 26, 2015 at 8:47 am, Anti-Malware Admin said:

      It’s not actually starting over “at zero”, it’s just going back to “re-scan” some of the files that it failed to read on the first pass. If your server’s memory limit is too low then there may be a lot of files that it failed to scan in bulk, but it will re-scan them and then it will finish. There may then be a number of read/write errors listed in your results, those would be the files that failed the re-scan.

      The overall problem you are facing is entirely to do with your sub-par hosting. I would strongly suggest moving your site to a better host.

      Reply
  • On November 25, 2015 at 7:25 am, Duncan E said:

    Thanks for a great plugin. I’ve spent the last few weeks tracking an infection on our main webserver with no permanent success. But your plugin has nailed the little bugger once and for all. Well worth the donation!

    Reply
  • On November 18, 2015 at 7:15 am, Lois said:

    Hi Eli,

    Just wanted to say how much easier your plugin has made to my life & management of my sites! Malware was constantly being injected into my WP sites so much so that Blue Host shut 2 sites down twice. I’d no sooner get them cleaned and I’d be infected again. The amount of money I paid for cleaning and patching was astronomical. I am not a web builder or coder and clearly I was taken advantage of. I found your plugin through a search, installed on sites, (very easy) and now I run scans on my own, clean what comes and have saved myself a small fortune. I have recommended your plugin to dozens of colleagues and I thank you so much for making this available to techies and non-techies (me)!>

    Reply
  • On November 13, 2015 at 3:26 am, Bill Sierchio said:

    Updated from 4.15.42 to 4.15.44 – Now my scans have come to a crawl – used to be able to complete a full scan in about 30mins, now in 24hrs it only made it to 1% done.
    any suggestions?

    Reply
  • On November 1, 2015 at 8:53 am, Jennifer Rutherford said:

    i just wanted to drop a line and say how much i like your anti-malware. i run http://www.foogazoo.com, a very simple site that is just meant to make people smile.

    recently, i was attacked by malware, and after several days and trying other fixes, i came across your software. i found it easy to use and most importantly, entirely effective!

    so i wanted to let you know, i just donated the suggested $29. thank you eli!

    Reply
  • On October 28, 2015 at 3:31 am, Anil said:

    Hi

    https://wordpress.org/plugins/gotmls/ this shows missing seems plugin i deleted where i can download please give me link.

    Reply
    • On October 28, 2015 at 12:54 pm, Anti-Malware Admin said:

      Otto at WordPress complained about my plugin’s use of base64_decode. Even though it was totally legit (I use it to decode my definitions blob that stores an array of Threats) he suspended the plugin on wordpress.org saying that it was in violation of the WordPress Plugin Guidelines. I changed the PHP code into an array so it is “human readable” (not that it will make any more sense to most people than that Base64 blob did), but now I am just waiting for them to review the changes and restored the link to the WordPress Plugin Repository.

      For now you can download The new version of my plugin here:
      http://gotmls.net/gotmls.zip

      Reply
  • On October 19, 2015 at 12:03 am, Dan P said:

    HI Eli,

    does this plugin take server ressources when not scanning (at least not started by me)?

    Using your plugin on several installations on server and get /tmp space issues and Relic alerts all the time even when not running any of them. Is it better to deactivate them after a run?

    Thx a million

    Dan

    PS.: Couldn’t solve this RUM warning GOTMLS.NET gives me…is it possible that New Relic software (server monitoring by hosting company) makes GOTMLS.NET give me thge warning? I disabled every cache etc …? Thx again for your work & help

    Reply
    • On October 19, 2015 at 12:09 am, Dan P said:

      before I forget: THANK YOU SO MUCH FOR SUCH A GREAT HELPFUL TOOL… I tested several and yours is the best I have seen!

      Reply
    • On October 19, 2015 at 12:22 am, Anti-Malware Admin said:

      My plugin does not use up resource when you are not running a scan. If you have the Brute-Force Protection feature enabled then your server may white session information to the /tmp directory, that could be a problem it your tmp space is really limited.

      What “RUM warning” are you getting?

      Reply
      • On October 19, 2015 at 12:32 am, Dan P said:

        Hi Eli,

        thx for the fast response!!!

        yes, we have /tmp size issues… will look into the size thing

        THis is the warning I get everywhere:

        Another Plugin or Theme is using ‘New Relic auto-RUM’ to handle output buffers.
        This prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins.
        Consider disabling caching and compression plugins (at least during the scanning process).

        any idea??

        Thx

        Dan

        Reply
        • On October 19, 2015 at 1:12 am, Anti-Malware Admin said:

          That warning is just to let you know about any code that has run ob_start with a custom output buffer handler. You should only be getting this message on the Anti-Malware pages in your wp-admin. If you are getting this on other pages then something is very wrong on your site. If you want me to take a look at it then you can send me you wp-admin login, but it is after 1am here so I will get some sleep first and check it out when I get up.

          Reply
  • On October 16, 2015 at 1:17 pm, Lorie Collins said:

    I have not yet used your plugin as we just came across it; my host provider actually installed this after an SEO malware infection was detected on the client’s site. I just have a question for you.

    It is my intention to begin using this plugin on all our client sites, and I have no issues with signing up each individual client/site, and encouraging them to donate to you. My question is, how does the plugin work with:

    A) multiple domains (domain.com; http://www.domain.com; http:// https://; parkeddomains.com)
    B) if we install the plugin on an under development site (dev.domain.com) and then move it to the live http://www.domain.com, do we need to create a new account when we launch the site? If we register the account on the http://www.domain.com but install it on the dev.domain.com, will it work or create conflicts of any kind?

    I need to know if this will allow a preemptive installation at the beginning of the development, or if it has to be the very last step after launch.

    C) How does it work with Ecommerce sites where part of the website is hosted elsewhere? Example I have a client who’s wordpress that I want to protect is on http://www.domain.com but one of her “pages” is on domain.bigcommerce.com. Will THAT create a conflict? Should we create an exclusion rule so the 2ndary offsite store doesn’t weird out your plugin and create false postives?

    D) What is the size of your installed plugin? We use Duplicator (Free version) for backups. Will this create an issue with the backups due to size (it doesn’t like files 3+ mbs)?

    E) Will caching plugins create any kind of a conflict? w3-total-cache; wp-super-cache; wp-fastest-cache

    Reply
    • On October 16, 2015 at 3:31 pm, Anti-Malware Admin said:

      A) It works fine with multiple domains/URLs, each domain must be registered with it’s own auto-generated key, but if you use the same email address then all the registered sites will be under the same account.
      B) Just register the plugin again with the same email whenever you change the URL and it will not loose anything and there will be no conflicts.
      C) My plugin will not effect, protect, block, conflict with, or otherwise interfere with any external site. It only scan the local file system on the server that your website resides on, and it only protects the WordPress site it is directly installed on.
      D) My plugin is only about 400KB in total.
      E) Caching plugins are a bit of “can-of-worms”… they tend to conflic with many other plugins in lots of inconsistent or unpredictable ways, and are generally not worth the trouble they can cause, IMHO. At the very least you should turn off caching and delete all cache files before running any kind of scan on your sites. Caching can interfere with the scanning process and also render inaccurate results. Cache files are temporary so there is not much point in scanning them but if they are scanned it can be tedious and time consuming for the scanning software and so it can dramatically increase the scan time.

      I hope that adequately answers all your questions. Feel free to contact me again if you have any more concerns.

      Reply
  • On October 10, 2015 at 8:23 am, Bill Bostic said:

    Awesome application. Nothing else is remotely close!

    Thank you!

    Reply
  • On October 9, 2015 at 9:49 am, Nerissa Drury said:

    Hi, I just found out through Google that my website has been hacked. Apparently URL injection. This is added onto the end of my website address /INVICTA/10051027708.html
    Can this software clean this kind of hacking?

    Thanks in advance!

    Reply
    • On October 9, 2015 at 10:34 am, Anti-Malware Admin said:

      It is hard to detect and differentiate HTML that advertises something you might want on your site from HTML that was put there maliciously that advertises something your don’t want on there. That said, my plugin will detect most PHP threats and vulnerabilities that would let a hacker put stuff like that on your site. It would be best if you delete that INVICTA folder if it was added maliciously and there is no important content in it, but it is also a good idea to run a Complete Scan of your whole site to look for the back-door scripts or other threats that may be exploitable so that that kind of content does not keep getting put on your site. If you have a chronic re-infection problem then you may want to look for a more secure hosting environment.

      I do also offer Super Secure Hosting for $12/month per site, if you want to more your site to a server that does not get hacked ;-)

      Reply
  • On October 7, 2015 at 5:03 am, Alicia said:

    When I try to update the definitions, I get the following error:
    unused

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, webmaster@blog.nrcprograms.org and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    I made a donation under my initial email address and blog a few months ago, but we have since moved to a new sub-domain. I was able to update the definitions last month, so I don’t think that is the problem, but I guess it is still possible. Is there anything else that could be the problem?

    Thank you,
    Alicia

    Reply
    • On October 7, 2015 at 3:33 pm, Anti-Malware Admin said:

      Your host must be blocking the JavaScript Update. You should try the Automatic Update method, that seems to work fine on any server even if the manual update method fails.

      Let me know how that works for you.

      Reply
  • On September 18, 2015 at 8:49 am, Mike Blaney said:

    I have installed the plugin on two websites hosted at Bluehost. I have run the scan 20 times on each website over the past few days and every second time the back door script is back and often there are 3 core file changes. I fix them each time, fo to my ftp file manager and delete new directories, but the malware keeps coming back and trying to send emails. Any suggestions?

    Reply
    • On September 18, 2015 at 1:32 pm, Anti-Malware Admin said:

      You need to find out how these malicious scripts are getting planted on your server. The next time you get hit with these files you need to take a look at the timestamps on these files. There is the modified time, which might be help but can sometimes be forged, there is also a changed time which is surely going to indicate the exact time of the infection. This is the most important info you can get from these files and it needs to be examined and recorded before you make any kind of changes to these files. You can then look in the raw access_log files and cross reference infection times with any unusual activity to see what scripts were called at that exact time. This could indicate where your vulnerability is.

      Reply
  • On August 23, 2015 at 11:13 am, Luis Castro said:

    Hi, i have several domains on my account. Do i need to donate 29$ in each of them in order to access the full package?

    Reply
    • On August 24, 2015 at 7:58 pm, Anti-Malware Admin said:

      Nope, one donations will active the full features on all sites registered to that email address.

      Reply
      • On August 24, 2015 at 8:08 pm, noppadol L said:

        we need to install your plugin all our domain site if we have many domain? and if we have many subdomain.? Thanks.

        Reply
        • On August 31, 2015 at 6:39 am, Anti-Malware Admin said:

          Scanning the main site may scan the files of the other sites if they are nested inside the directory of the main site. However, the scan works best on a single site and the firewall and brute-force protection is only active on the sites you have the plugin installed on. Therefor, it would be best to install the plugin on each domain. If you have a Multisite installation then you can Network Activate a single copy of the plugin to protect all sites.

          Reply
  • On July 15, 2015 at 9:56 pm, Pharma Hygiene said:

    Don’t you agree it would be a good idea to update your wp to 4.2.2 for security reason?

    Reply
    • On August 4, 2015 at 9:24 am, Anti-Malware Admin said:

      If you are on 4.2 or 4.2.1 then you should definitely update to the newest version which is currently 4.2.4, but if you on a older version of WordPress then I don’t necessarily recommend upgrading to 4.2.X automatically. Call me old fashion but I personally like 3.7 and I have just update to the latest security release 3.7.10. I use the tried and true versions that have been around for a while and there are no known security vulnerabilities with 3.7.10 that I am aware of. Whereas, 4.2.X is still fairly new and they keep finding more bugs to fix which make is less stable and potentially less secure, IMHO.

      Reply
  • On July 12, 2015 at 6:32 am, Ray Rodriguez said:

    Quick question if I want to donate and use the plugin in multiple sites, so i need to donate for each site in order to get the extra benefits?

    Reply
    • On July 13, 2015 at 9:03 am, Anti-Malware Admin said:

      Currently your donations are applied to your account and all sites/keys registered to the email address associated with that account.

      Reply
  • On July 8, 2015 at 8:42 am, Larry Launstein Jr said:

    I recently paid the $29 donation to get the extra features of your program, and I have not gotten those updates yet. What do I have to do?

    Reply
    • On July 8, 2015 at 9:54 am, Anti-Malware Admin said:

      You need to enable the Automatic Update feature to get the Core Files definition update. Once you run the Complete Scan with the Automatic Updates enabled you will have the option to check for Core File Changes.

      Reply
  • On July 1, 2015 at 7:21 am, Ross Barbieri said:

    Just made a second donation. I gotta say man: you’re awesome – and gotmls is an excellent tool. I’m a developer, so if there is a way I can help you out let me know.

    Reply
  • On June 27, 2015 at 2:51 pm, Dennis Albert said:

    I am the admin for this website and I cannot log into the back end of my website. The message I keep getting is You have been redirected here from http://www.greenwichneighborsunited.com which is protected against brute-force attacks by GOTMLS.NET & then the #5199346.
    I have refreshed my browser, cleaned all cookines & cache, still cannot get in!
    Please help me to be able to get back into my own website!
    Thanks,
    Dennis

    Reply
    • On June 27, 2015 at 6:27 pm, Anti-Malware Admin said:

      #5199346 is a NO_SESSION error. So your browser in not maintaining a persistent session. I just tested you login page from my browser and I was not redirected so it is not a problem with your server or my plugin. You should check the security settings on your browser to make sure sessions are enabled or try a different browser.

      Reply
  • On June 24, 2015 at 10:17 pm, Mehedi Hasan said:

    thanks

    Reply
  • On June 11, 2015 at 11:50 am, Yogesh said:

    Hey,

    if i donate, then for how many sites can i use that key?

    Reply
    • On June 11, 2015 at 5:54 pm, Anti-Malware Admin said:

      Each site is registered to it’s own key. You can register as many keys/sites as you want using the same email address so that they are all under the same account that you donated with.

      Reply
  • On May 28, 2015 at 12:52 am, Pat Ward said:

    Every time I click on “check for definition updates” I get this message

    “No response from server!” why am I getting this message?

    Reply
    • On May 28, 2015 at 10:45 am, Anti-Malware Admin said:

      There must be something blocking you from checking my server for updates. Check the error console in your browser to see if it will tell you why the update server is blocked. You may need to change the security settings in your browser or try another browser.

      Reply
  • On May 27, 2015 at 10:51 am, Daniel said:

    Hi Eli,
    On scanning my website the result is 1 known threat, and it highlights the code lines as in the image attached https://dl.dropboxusercontent.com/u/3546925/Threat.jpg . Could you please have a look and tell me if this is indeed a threat as I want to inform the plugin creator to fix but I don’t know how to explain to him ? Thank you.

    Reply
    • On May 27, 2015 at 11:37 am, Anti-Malware Admin said:

      Thanks for send this info to me. This is actually a false positive. I found the reason for this file being incorrectly identified as a Known Threat and I have released new Definition Update that resolves this issue. Please download the new Definition Update and this file will no longer be flagged as a Known Threat. Thanks again for bringing this to my attention.

      Reply
  • On May 17, 2015 at 12:23 pm, Toby Drysdale said:

    Love the plugin and have been happy to donate.

    However, I appear to have a problem on a few sites that I’ve installed the plugin on. The full scan starts the process OK but sticks at 0%. I’ve tried running the quick scan and that fails too at between 30% and 54%. Memory is set to 512Mb on all sites. The websites are spread over 2 different servers and a few of the sites scan without a problem. Really stumped as to how to proceed further – I’ve retried the scans and left for several hours – any help/tips would be greatly appreciated :)

    WordPress: 4.2.2
    Plugin: 4.15.21
    Definitions: F5B9Q

    Reply
    • On May 17, 2015 at 2:46 pm, Anti-Malware Admin said:

      Thanks for reporting this bug. I found that the WP function current_user_can() cannot be called from the admin_init or admin_menu hooks in some versions of WordPress without causing a Fatal error in /wp-includes/capabilities.php. This is because it calls wp_get_current_user() which is found in /wp-includes/pluggable.php but not always included at this point.

      This looks like a major bug in WP and I am not yet sure what versions are affected but I will be submitting a bug report to the WP Core team shortly. For now I have release a patch for this issue in version 4.15.22 that include the needed pluggable.php file before calling current_user_can.

      Please upgrade to version 4.15.22 and confirm that that fixes the issue for you.

      Reply
  • On May 16, 2015 at 4:42 am, Rahul Sharma said:

    Hello,
    I have just installed your plugin and it is scanning website….however I hosted my wordpress websites on ipage they have send me a list of 1500 + Malware and ask me to fix or remove it in 48 hours from there servers and I have around 20 + websites so will it work for all the website?
    I am worried or else I have to buy another shared hosting who will allow me to host my websites ??? This ipage company is forcing me to buy sitelock which is of no use..I have read so many reviews in the past one week,,,,about sitelock …I have read a lot about your plugin and I am hopefull……

    Reply
    • On May 16, 2015 at 7:45 am, Anti-Malware Admin said:

      You should be able to clean all your sites with my plugin. I understand they have given you a very tight deadline. If all your sites are structured as sub-directories under one main site then you could scan then all at once from the main site.

      Reply
  • On May 10, 2015 at 12:57 pm, Mztar Lharrywizzy said:

    Thanks To You My site Is Normal

    Reply
  • On May 5, 2015 at 7:45 am, Daniel said:

    Hi Eli,
    I have a subfolder in the /wp-content/uploads named quarantine and an index.php inside that has a base64 line. Is this normal, is it something your plugin installed? That base64 coding looks strange to me. Can you pls have a look? Thank you https://dl.dropboxusercontent.com/u/3546925/quarantine.zip

    Reply
    • On May 6, 2015 at 10:29 am, Anti-Malware Admin said:

      Yes, That file is ok. It was written like that so that the HTML content could not be modified by hackers but I can see that it might cause more confusion than it’s worth to use base64 encoded output if people may jump to the conclusion that it is malicious code. I will alter the encoding of that file in my next release so that it is more human-readable.

      Reply
  • On April 28, 2015 at 8:31 pm, Pav said:

    Hello,

    I was wondering if it is possible to register multiple websites with one email address/key? I am a developer and I have a few websites under my wing.
    Do you have any developer license options or anything similar?

    Awesome product by the way – works like a charm.

    Reply
    • On April 28, 2015 at 8:46 pm, Anti-Malware Admin said:

      Thanks!

      Each site generates it’s own key, but you can register all your site under the same email address.

      Then you can make one larger donation and it will count for all of them ;-)

      Reply
      • On April 29, 2015 at 6:37 pm, Pavan Ratra said:

        Awesome, thanks mate. Also, how do I go about upgrading to get access to the Core Files scanner?

        Reply
        • On April 29, 2015 at 6:45 pm, Anti-Malware Admin said:

          If you donate at the $29+ level then you can use the automatic update feature to install the Core Files integrity check, that will also dramatically speed up the scan of the wp-include and wp-admin folders.

          Reply
  • On April 28, 2015 at 1:20 pm, Marcio said:

    too good to be true, uh? LOL

    Reply
  • On April 27, 2015 at 6:20 am, dj said:

    Hello – i tried to run a quick scan today and it keeps stopping at 32%. My definitions are updated. I processed a wordpress scan then a plugins scan just prior and both worked.

    I would appreciate any assistance you would provide.

    Thank you.

    Reply
    • On April 27, 2015 at 7:42 am, Anti-Malware Admin said:

      Your server does not allocate enough memory for PHP to scan all your files in a single process. Unfortunately this is very common on shared hosting that is designed to limit your consumption of shared resources. That is why it is recommended that you run the Complete Scan, this will take longer because it splits up the scan job into smaller pieces but it should be able to finish the scan at 100%.

      Reply
  • On April 21, 2015 at 7:01 am, Ian Miller said:

    Hi I just upgraded to the latest version and when I try to run the scan all I get is a

    … Loading, Please Wait … and nothing happens..
    It worked on the older versions . I host multiple site on the system and this is the first I’ve seen it.

    Reply
  • On March 26, 2015 at 9:46 am, Bruno Accioly said:

    Your plugin is simply amazing!

    You should take a look at this.
    It is spreading fast!
    http://blog.sucuri.net/2015/03/pseudo-darkleech-server-root-infection.html

    Reply
    • On March 26, 2015 at 10:46 am, Anti-Malware Admin said:

      Thank you. I have seen many variations of this Darkleech Infection and my plugin already looks for and removes malicious code like that.

      Reply
  • On February 26, 2015 at 6:50 am, Dan Stevens said:

    Hi

    I have loads of “potential threats” that I can see are actual threats.

    How do i clean these? There doesn’t seem to be an option to do so.

    I have donated to the plugin

    thanks

    Dan

    Reply
    • On February 26, 2015 at 8:00 am, Anti-Malware Admin said:

      Potential Threats are usually no malicious, but it sounds like you found some that definitely are. If you can send me the infected files I will add those to the list of Known Threats. Then you can download the new definition update and my plugin will fix them for you.

      Alternatively, if you send me your WP Admin login I will have a look at them in-place and add the definition update for you.

      Reply
      • On March 17, 2015 at 10:28 am, lila said:

        I am having the same issue, could you help me please? I can send you my log in info. i love the plug in congratulations

        Reply
        • On March 18, 2015 at 11:48 am, Anti-Malware Admin said:

          As I told Dan, you can send me the infected files I will add those to the list of Known Threats. Then you can download the new definition update and my plugin will fix them for you, or you can send me your WP Admin login I will have a look at them in-place and add the definition update for you.

          Reply
  • On February 9, 2015 at 7:38 pm, Mark said:

    its a great plugin! just a question, does it only find and remove the virus or prevent also from future attacks?

    Happy user!
    Mark

    Reply
    • On February 9, 2015 at 7:58 pm, Anti-Malware Admin said:

      My plugin can also protect your site from some of the most common attacks and I am always working to improve the protection as new threats emerge.

      Reply

Leave a Reply to shamiraz k Cancel reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>