Donate!

This Plugin is FREE for anyone to download and use on as many sites as they want. Contributions are encouraged to support the continued maintenance and improvement of the Plugin and the Malware definitions. The more support I get, the more time I can devote to making this malware solution more comprehensive, effective, efficient, and informative, and the more you benefit.

Thank you for your Support!

To contribute either login or enter your Key below

Thank you for your support!

Below is a list of what I plan to do with your contributions. Many of these idea's were requested by users and I am more than happy to hear about any ideas you may have. So hear they are, in no particular order:

  • Add a scheduling agent so that you can setup regular scan at set intervals and receive an email report if threats are found.
  • Add an easy way for you to report a specific file to me for closer examination when you find some malicious code that my plugin missed.
  • Make registration optional so you can download the definition updates without registering the plugin.
  • Add a JavaScript method to the login patch for when the session method is not available.
  • Create a list of professionals who are available for hire to remove malware if extra help is needed.
  • Check for new files that don't belong when running the Core Files Check to remove files that have been added to the wp-includes or wp-admin.
  • Create a non-WordPress-wrapper or CLI for people with infections on a non-WordPress site or for when your WordPress admin is not working.
  • Update the definitions of Known Threats as new malicious threats are discovered.

I will update this list when I hear your thoughts and suggestions too.

Here are a few of the major updates I was able to complete in the with past donations:

  • Added a Database scan to find and remove any malicious code injected directly into your content.
  • Added a Core Files Check to scan for any changes to WordPress files and restore them if any are found.
  • Added the ability to change the admin username if the current username is "admin".
  • Moved the quarantine files into the database and deleted the old directory in uploads.

Aloha and Mahalo,

Eli Scheetz

Testimonials

  • Awesome plugin! Thank you very much!
    -- Sandy

337 Comments on "Donate!"

  • On March 5, 2013 at 2:28 pm, Gary Cope said:

    Two installations and two donations. Worth every penny. Eli’s plugin found a ton of stuff Sucuri didn’t find. Thank you, Eli, for building a great tool to help us keep our WordPress sites secure!

    Reply
  • On March 5, 2013 at 8:40 am, Chahid said:

    Hi,

    Do i have to make a donations everytime that i install the plug-in?

    Reply
  • On February 17, 2013 at 5:06 am, Jamie Wonnacott said:

    I just wanted to add my own recommendation to the growing list of people who have benefited from Eli’s plugin. I was informed by Google yesterday that one of my websites had Malware and was being blocked. This also cancelled the Adwords campaign.

    I installed the plugin, did a full scan, it quarantined the malware files and a secondary scan showed there was nothing else wrong. I then contacted Google asking them to rescan the website for Malware and today the website is back up and running!

    What was a potentially nightmare situation was made clear and simple to solve by Eli – and he provides it to us for free! I have just made a donation and fully support him in future developements. Thanks Eli

    Reply
  • On February 13, 2013 at 1:56 am, Charlie said:

    Eli is a living legend, this plugin is fantastic and the service from Eli that goes with it puts the richest corporate support in the world to absolute shame.

    Reply
  • On February 7, 2013 at 3:54 pm, Jeff said:

    Its monthly donation time. So glad you’re around maintaining this gem of a plugin.

    Mahalo Eli

    Reply
  • On January 31, 2013 at 1:56 am, Suman said:

    Lifesaver!! thanks and happily donated :)

    Reply
  • On January 23, 2013 at 7:52 am, Dennis Daniel said:

    Thank you so much for your work!! Your scan found and fixed all of my problems. I proudly made a donation to support your work.

    Thanks again and keep up the great work!!

    Reply
  • On January 16, 2013 at 3:03 pm, Jeff said:

    Hi Eli

    Thanks for continually updating this plugin. Just stopping by to make my monthly donation. Appreciate you covering my back.

    Mahalo

    Jeff

    Reply
  • On January 16, 2013 at 10:55 am, James said:

    The cost of the donation is well worth the product. People must remember, if people like Eli Scheets were not here, we would be paying far more for a product that expires frequently and costs many times more than your donation.

    Thanks Much Eli.

    James

    Reply
  • On December 29, 2012 at 12:46 pm, Jeff said:

    Happy New Year Eli

    Monthly donation on the way….a small price to pay for your continuing efforts a dedication

    Mahalo

    Jeff

    Reply
  • On December 27, 2012 at 3:26 am, Ruth Phillips said:

    Thanks so much for your hard work – really appreciated . I have donated to the cause – keep up the good work!
    Happy New Year,
    Ruthie Phillips

    Reply
  • On December 26, 2012 at 7:45 pm, rahul patel said:

    YOU GUYS ROCK!!! im just starting my site not pulling the big bucks yet but i donated a bit! and will once this takes off again!!!
    THANKS AGAIN!

    Reply
  • On December 24, 2012 at 5:40 am, Diego Lopes said:

    Now all the files are cleaned. I was asked to not see some folder like uploads and langs, but there was javascript infected too. But now all is really ok. Tks too much and Merry Christmas for you and family!

    Reply
  • On December 23, 2012 at 12:15 am, Hajo said:

    Ein Danke aus Deutschland an euch.
    Das Plugin, das meine Seiten schützt, lässt mcih ruhiger schlafen.

    Ein schönes Weihnachten euch
    Hajo

    Reply
  • On December 14, 2012 at 1:45 pm, Jeff said:

    Best bargain on the web for protecting my side. Just made my monthly small donations plus some.

    Keep up the good work Eli.

    Mahalo and Happy Holidays

    Jeff

    Reply
  • On December 1, 2012 at 11:16 pm, Gazali Ahmad said:

    Thanks for developing the plugin. Donated a modest $10. Here’s what happened: It seems that a script was automatically put in the footer widget. I’ve deleted it and a couple of days later it came back. Re-install WordPress and it still keeps coming back.
    Then The site got blacklisted by Google. You know the scary page by Google whenever you visit a site.
    Deleted the script in the footer widget and resubmit to Google.
    Today when I went to my site, it re-directed automatically to another site. Checked and found the script again in the footer widget.
    Scan it using your plugin and found 1 know threat from a plugin. Repaired and I deleted the plugin. Actually I don’t really use that plugin much.
    Re-scan twice and it looks safe for now.
    Just wondering how did it managed to infect that particular file and caused a script to be placed in the footer widget over and over again?

    Reply
    • On December 1, 2012 at 11:25 pm, Anti-Malware Admin said:

      Do you still have the infected file? If so, check the timestamp on the file, you may be able to find a reference to it in your raw access logs. If you can send me the files I can tell you more.

      Reply
  • On November 12, 2012 at 5:00 am, Will Chapman said:

    Eli

    Your great plugin hit the spot again – found 4 malware injections in 4 of my 5 websites – am sending you another $10 donation – well worth the expense.

    A question – in spite of making all sorts of recommendations to try to keep my sites secure, these hackers still seem to be able to plant malware infections. Do you have any thoughts of how they gain access to sites?

    I was wondering if it was practical to keep a record of time & dates of all IPs that gain access and then compare that with file changes (I have one plugin installed that issues file change warnings)?

    Regards

    Will

    Reply
    • On November 12, 2012 at 6:39 am, Anti-Malware Admin said:

      Thanks for the additional donation!

      My Plugin automatically fixes the security hole in timthumb files but it sounds like you may have another kind of vulnerability on your server. I think it’s less important to know who changed your files then it is to know how they did it. IPs are not going to help you as much as knowing what vulnerability was exploited to gain access to your server.

      What I would do is to scan frequently for new infections. When one is found, don’t fix it right away, first “stat” the file and check the “Change” time to see exactly when this happend (Not the “Modify” time you usually see in your FTP client or maybe even that “file change warning” plugin you have). Then search your raw access log files for that time (within a few seconds) to see if there are any fishy parameter passed to a vulnerable script. Keep in mind it could be in the raw access logs for another domain (multiple domains on a shared server can easily infect each other).

      I am happy to help you track it down if you want to let me know ASAP the next time you get infected. I would need SSH access or another way to “stat” a file and access to your raw access logs for all domains. Then just give the path to an untouched infected file and I could figure out if it was a script on your server that allowed it to get infected.

      Reply
  • On October 13, 2012 at 12:56 pm, Jeff said:

    Hey Eli

    You saved my hide again. I set up some new WP product sites and within 2 days redirects were everywhere including my other sites. Must have come from 1 of the plugins I used or the theme I installed.

    But your plugin cleaned it all up.

    I made a small donation for the big help you provide.

    Can you email me….I want to pass along a message I got from Sucuri.

    Thanks

    Jeff

    Reply
  • On October 11, 2012 at 10:40 pm, Xavier said:

    Great plugin, thank you.

    Reply
  • On October 11, 2012 at 2:25 am, Carlo said:

    I just donated $10. I know that this is just a little amount for a lifesaver plug in. I have 4 sites infected.

    Reply
  • On October 5, 2012 at 2:17 pm, Ingrid Kaslik said:

    Eli,

    You have been a great help and I appreciate your plug-in and your accessibility. Thanks for your prompt responses. You were worth a double donation for sure!

    Cheers,
    Ingrid

    Reply
  • On September 27, 2012 at 11:42 pm, Will Chapman said:

    Eli

    Following my policy of making another donation each time the plugin detects and clears some malware, I have just made another donation.

    I hope other users adopt the same policy of supporting this fantastic plugin – surely each time it finds and clears up an infection is worth at least at least an hours pay?

    Reply
  • On September 18, 2012 at 3:19 am, Philip Ferreira said:

    Hey my dude, having some issues with the wp-content scan it hangs. I’m on google’s malware list and I’ve been de-railed because of it. I’ve removed all the plugins your app said could possibly cause issues, then I scanned with wp-content… it goes for about 3 – 5 minutes and then does a 404 error. Let me know if you have any thoughts on what I can do to remedy the situation. If you need more info (if you think it’s a bug or whatever) I’d be jazzed to let you take a look see. Thanks for your time.

    Reply
    • On September 18, 2012 at 7:12 am, Anti-Malware Admin said:

      Yes, I love to have a look at it. I have seen similar problems with scanning a large number of files on some servers with memory and post limitations but nothing quite like what you have described.

      Reply
  • On September 16, 2012 at 3:43 pm, Philip Ferreira said:

    Donated – thank you for making this program, I will donate $5 a month as a thank you to you for doing your work.

    Reply
  • On September 16, 2012 at 2:49 pm, Nick Throlson said:

    Thanks for this great app you help my friends website who got malware injected via bluehost shared server!

    Reply
  • On September 14, 2012 at 11:05 am, Jeff said:

    Glad to donate to a good cause.

    Mahalo Eli

    Reply
  • On September 7, 2012 at 7:05 am, Dawn Xavier-Franklin said:

    Thank you, thank you, thank you! Just donated $25.

    Reply
  • On August 27, 2012 at 12:46 pm, Christian Meyer said:

    Thanks for the plugin – go ahead. I just donated $10 for your excellent job.

    Reply
  • On August 20, 2012 at 1:52 am, michael schacht said:

    If you’re thinking about using this plugin, just do it! Not only is the plugin great, but the service is even better. There’s nothing worse then pulling your hair out trying to figure out why your site is being blacklisted for malware from google. Within hours of using this plugin, I was back at the top of google and malware free. Thank you so much!

    Reply
  • On August 16, 2012 at 2:02 pm, danny said:

    just donated $10 will donate more later.thank you

    Reply
  • On August 11, 2012 at 3:45 am, hector said:

    Hello,
    I been blacklisted from google I scan my site with your plug-in. can you look at my site before i submit to google webmaster tools. thanks i will donate for sure. thank you,

    Reply
    • On August 11, 2012 at 6:33 am, Anti-Malware Admin said:

      I can see from the outside that your site still has some nasty Javascript on a few pages. If you want to give me an admin login to your site I will track it down for you.

      Reply
  • On August 7, 2012 at 3:41 am, John said:

    I first got Reported Attack Page! What is the current listing status for mysite.com?

    Site is listed as suspicious – visiting this website may harm your computer.

    Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

    Then in webmaster tools I find “Warning
    Google has detected harmful code on your site and will display a warning to users when they attempt to visit your pages from Google search results.
    You should clean your site as soon as possible.”

    I have ran your plugin as well as making a contribution will this no make my site healthy again. Can I resubmit it to google for a review?

    Reply
    • On August 7, 2012 at 5:55 am, Anti-Malware Admin said:

      If you found and removed threats then you should resubmit to google in webmaster tools.

      Do you want me to look at your scan results? Send me your WP Admin login and I will check it for you.

      Reply
  • On August 1, 2012 at 11:27 pm, steveb said:

    Thankfully no ‘reds’ – helps with the peace of mind.

    Good plugin – easy to use, simple to understand.

    Reply
  • On July 31, 2012 at 6:07 pm, zack said:

    Thanks for the plugin… :)

    Reply
  • On July 30, 2012 at 11:22 am, T L said:

    You have saved my websites, I can’t THANK YOU enough. I will donate as I am able. Please continue this awesome work!

    Reply
    • On July 30, 2012 at 11:42 am, Anti-Malware Admin said:

      Thank you for the generous donation! If everyone donated like you did I would have a much easier time keeping it up. As it is, I will diligently continue this work on this plugin in the hope of helping more people like you. Your appreciation make it all worth while.

      Reply
  • On July 13, 2012 at 9:21 pm, Rolf Joho said:

    Thanks for this plugin. I just donated a few dollars.

    Reply
  • On July 13, 2012 at 8:55 am, Riz said:

    Thanks for the great plugin,
    i have a question, the plugin found 29 “Potential threats” in public_html, how can i find the exist infected line code & how to remove? Or if the “Potential threats” is bad for my site?

    Reply
    • On July 13, 2012 at 9:01 am, Anti-Malware Admin said:

      Read the FAQs. “Potential Threats” are usually not bad at all but if you think you have an infection they are the best place to start looking. There are lots of legitimate reasons for using “eval” so you don’t want to go removing them all automatically.

      Reply
  • On July 10, 2012 at 10:59 pm, raimund said:

    Thanks, great help – your plugin easy to handle…and helps me to save time for other important work. I always will advice other colleges to use your plugin and to help you with donation.

    Reply
  • On July 5, 2012 at 11:54 pm, Lisa said:

    Hey, thanks a lot! Just donated and wish it could be more b/c your plugin has saved me headaches I’ve read about thus far. I will recommend to my editor/webmaster to use on pure.xahir.com We are active in the blogger community, publishing reviews and once got hit with weird stuff from all the increasing traffic. (Thanks also for the reminder email, it was great!)

    Reply
  • On July 1, 2012 at 3:52 pm, Jules said:

    Thanks for the work, the plug in couldn’t solve my problems, I had to erase everything several times. :(

    but anyway I support your project for a free and powerful antimalware plugin for wordpress. Therefore I made a small donation and say a big thank you for you to keep up on this project.

    Reply
    • On July 1, 2012 at 4:22 pm, Anti-Malware Admin said:

      Thanks for your donation. Next time you get infected my plugin will be even better.

      If you ever come across any malicious code that my plugin misses please feel free to email me directly. I would like to have a look at it and update the definitions file so that it can be removed automatically.

      Aloha, Eli

      Reply
  • On June 25, 2012 at 8:50 pm, HealingHerald.org Admin said:

    Thanks so much. Please keep updating this. Love it. Donated.

    Reply
  • On June 15, 2012 at 11:46 pm, Mark Kollar said:

    hi, thanks for your plugin. donated $10. will donate more later for sure. i am testing it right now to see its effeciency. by now, its really a lifesaver. thank you for your hard work.

    Reply
    • On June 16, 2012 at 8:20 am, Anti-Malware Admin said:

      Thanks, It’s always nice to get paid for my hard work.

      I am working on an update right now that will make it even more efficient and effective. So you can look forward to an even better lifesaver and I will look forward to another donation ;-)

      Reply
  • On June 5, 2012 at 12:50 pm, Martin said:

    This… is…. AWESOME!!! I’ve just tried it for the first time and the best part seems to be that it can actually remove threats, not just tell you about the problems without any solution. We’ve had a series of sites which were hacked or something a while back and have had ongoing problems for a really long time. I’m going to run this through and see how everything goes. I’ll keep you posted with what happens. I plan to make a donation as well as this something I’ve been looking for for a long time.

    Thank you Eli. Also, if you’re interested to learn more about the threats, etc. for research purposes, feel free to drop me an email and I’ll run through all the stuff with you. Cheers!

    Reply
    • On June 5, 2012 at 2:55 pm, Anti-Malware Admin said:

      Thanks. Please do keep me posted. If you find any real threats in the “Potential” section please let me know so that I can add then to the “Known Threats” for automatic removal.

      Reply
      • On June 5, 2012 at 4:37 pm, Martin said:

        Thanks, FYI in IE after running the full scan it offers to remove the selected ‘known threats’ automatically, but when you click on it, the scan runs and then tells you the same information… endless loop. Later I tried it in chrome and it performed the stated function. I’ll keep you posted, thank you very much!

        Reply
        • On June 7, 2012 at 10:43 pm, Anti-Malware Admin said:

          Thanks for the bug report. I personally never use Internet Exploder but I’ll try and fix that IE bug in the next release.

          Reply
  • On June 3, 2012 at 10:41 pm, Vjatsheslav said:

    Hey,

    Just sent you another $50, hope this helps, cause this plugin is a real lifesaver. Also thumbs up on allowing only one email address for multiple sites.

    Please continue supporting this plugin!

    Thanks!!

    Reply
  • On May 31, 2012 at 6:57 pm, Jeremy said:

    I’m about to test it … near 12 of my sites are infected and it’s a never ending loop of injections

    Reply
    • On May 31, 2012 at 8:40 pm, Anti-Malware Admin said:

      That is exactly what happend to me and that is why I wrote this plugin. Please let me know how it works for you.

      Reply
  • On May 3, 2012 at 1:13 am, Sunil said:

    i tried your plugin… its showing virus in all the files {java scripts}

    dont know if its right

    Reply
    • On May 4, 2012 at 7:48 am, Anti-Malware Admin said:

      I could look at for you if you want to give me access but I would guess it would be accurate. Each file listed is a link and clicking the link will show you the contents of the file. When examining the file you should see “Potential threats in file: ( 1,2 )” above the file contents box. the numbers are links to the places in the files that were identified as “Potential threats”. You can examine the cone in that area of the file and determine for yourself if it looks malicious or not. Keep in mind that “Potential threats” in yellow are likely not malicious but the one in RED are “Know threats” that I feel need to be removed. Also, note that removal of the treat does not mean removal of the file. There are many necessary files that get infected with one line of malicious code. My tactic is to remove the known malicious code form the file without breaking the rest of the code in the file.

      Please let me know if this was helpful or if you feel there is something wrong with my plugin. I would be more than happy to look at it for you.

      Reply
  • On April 27, 2012 at 5:23 am, Sam Hotchkiss said:

    Great plugin!

    Reply
  • On April 23, 2012 at 11:43 pm, Will Chapman said:

    Thanks for this plugin – most timely! I’ve donated a modest $10 in support but if this clears all my sites I’ll increase that.

    Here’s my scenario. The way my webhost is setup is that I have 5 websites hanging off a single domain, waterwaywatch.org. The entire domain – that is all 5 websites – look like they may have been hacked.

    I had spotted and cleared (deleted) the offending code on one of the sites prior to finding your plugin but has returned within hours so I clearly didn’t get to the root of the infection. I have cleared that site again with your plugin and am waiting to see if it is fixed.

    Any suggestions?

    Reply
    • On May 3, 2012 at 3:58 pm, Anti-Malware Admin said:

      Thanks for working with me via email this past week to uncover this new threat. Giving me full access to your server and WP Admin was invaluable in discovering the malicious code that was causing your server to get re-infected. I have added the new threat to the definition of “known threats” so that others can benefit from this discovery too.

      I would, of course, be greatly appreciative of that increased donation you mentioned. It also helps to Rate my plugin “five stars” in the WordPress Plugin Directory:
      http://wordpress.org/extend/plugins/gotmls/faq/

      Reply
      • On May 6, 2012 at 9:05 pm, Will Chapman said:

        Eli

        Have have just topped up my donation with another $20.

        I must say that I have been most impressed with your plugin and the dedication that you showed when my sites were infected with something that was then unknown to any malware plugin or detection site I could find.

        It is very satisfying to now that the markers you found have now been incorporated into your plugin and will protect others from it.

        Again, many thanks,

        Will Chapman

        Reply
  • On April 16, 2012 at 8:14 am, SEO Agentur said:

    Thank you for this Plugin

    Reply
  • On April 9, 2012 at 1:11 am, Vjatsheslav said:

    Just donated $10, not much but still, hope it helps. My friends been telling me I have viruses on my sites, so I downloaded your plugin and it cleaned it up. Looks good so far, not sure if there are more viruses left. So far 2 of my sites were infected with the same backdoor trojan. Fixed.

    Reply

Leave a Reply to Jeff Cancel reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>