Forum Replies Created
June 19, 2019 at 4:13 pm in reply to: registered on GOTMLS account but says not registered on WP #2302
It might just be that the page on your site is cached and not showing updated registration info.
If you clear your cache and refresh the page and it still does not show that the site is registered then can you please send me a screenshot of that page?
You still have an account with 7 sites registered to it, which one is saying that it’s not registered?
Send me a screenshot of the page you are seeing that says your site is NOT registered and I can figure it out for you.
Your problem is a common one, and I can tell you the basic steps to pin down where this repeated infection is coming from.
Understand that there are two main types of exploits that hackers could use to continually infect your site (internal and external).
An internal exploit is one where there is a vulnerability on your site and the hacker, bot, or automated script is exploiting that vulnerability to infect more files on your site. If this is the case then there will be evidence of this activity in your access_log files. Simply examine the activity recorded in your logs at the exact time that the last infection occurred and you will have your answer (infection times are saved in the Anti-Malware Quarantine). If there is no activity in any of your log files at the times of the last infections then you can assume that these infections are coming in from an outside site, not any of your sites.
The most common kind of external infection is a cross-over infection from another site that is hosted on the same server as your site. Shared hosting servers are notorious for having no cross-site security and thus it is extremely easy for hackers who have taken control of one site on a typical shared hosting server to use that site to infect all of the other sites on that same server (even if they are on another user’s account). This type of infection is harder to detect without root access to the server and even harder to prevent, as you will likely not have access to restrict the activities of other users on that server. The best thing you can do in this case is to move your sites to a more secure hosting environment.
Please feel free to let me know if you have any more questions on any of this.
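The log check described in the reply above, as an added example that is not part of the original post or of the plugin's code. It assumes the Apache/nginx "combined" access_log format and infection times copied by hand from the Anti-Malware Quarantine as timezone-aware datetimes; the log lines, addresses and times are constructed sample data.

```python
import re
from datetime import datetime, timedelta, timezone

# "combined" access_log line (assumed format; adjust to your server's LogFormat).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def requests_near(log_lines, infection_time, window_seconds=120):
    """Return parsed requests logged within +/- window_seconds of infection_time."""
    window = timedelta(seconds=window_seconds)
    hits = []
    for line in log_lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the expected format, skip it
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if abs(when - infection_time) <= window:
            hits.append({"time": when, "ip": m["ip"], "method": m["method"],
                         "path": m["path"], "status": int(m["status"])})
    # POST requests are listed first as the usual starting point for review.
    return sorted(hits, key=lambda h: (h["method"] != "POST", h["time"]))

def likely_source(log_lines, infection_times, window_seconds=120):
    """Per the reply's rule of thumb: log activity -> internal, none -> external."""
    return {t: "internal" if requests_near(log_lines, t, window_seconds) else "external"
            for t in infection_times}

# Constructed sample data (documentation IP ranges, made-up times).
SAMPLE_LOG = [
    '203.0.113.7 - - [19/Jun/2019:16:10:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [19/Jun/2019:16:12:41 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 31 "-" "curl/7.58.0"',
    '203.0.113.7 - - [19/Jun/2019:16:13:30 +0000] "GET /wp-content/uploads/a.png HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [19/Jun/2019:18:00:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]
# Infection times as they would be transcribed from the Quarantine (constructed).
INFECTIONS = [
    datetime(2019, 6, 19, 16, 13, 0, tzinfo=timezone.utc),
    datetime(2019, 6, 20, 3, 0, 0, tzinfo=timezone.utc),
]

if __name__ == "__main__":
    for t, verdict in likely_source(SAMPLE_LOG, INFECTIONS).items():
        print(t.isoformat(), verdict)
        for r in requests_near(SAMPLE_LOG, t):
            print("   ", r["time"].time(), r["ip"], r["method"], r["path"], r["status"])
```

Run it against every access_log the account can read (one per site), since a request to any of them may line up with the infection time.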
June 3, 2019 at 9:48 pm in reply to: The resource you are looking for has been removed, had its name changed, or … #2290
It looks like the site is working now. Did you fix it?
I think it was hacked by exploiting a known vulnerability in the older freemius class used by your woo-product-gallery-slider plugin.
I can see that my plugin has patched this vulnerability for you but you may want to update that plugin and then scan again to see if it still has any more vulnerabilities.
What site are you needing help with?
Did you try the Complete Scan again?
The tokens are automatically generated every time the page loads but they do expire if you leave your browser on that page for too long. As the message says: Please try re-submitting the form.
If you refresh the page and try the scan again and still get the Token error then there might be something wrong with your database.
Click the “Taking too long” button to see the results, maybe there is an error message?
You should also check your browser’s Error Console for JavaScript Errors.
Also, check the error_log files on your server to see what errors are recorded there when you try and fix the threats.
I see the directory index every time I load your site. I can’t tell if it was done maliciously or if your server is just not configured correctly, but it’s definitely not working. I don’t see any obvious signs of malware but it’s hard to tell when your site is not loading right anyway.
I would suggest that you talk to Gridhost about getting your server configured correctly or move to a better hosting provider if they are not going to help you.
Yes, I am familiar with the vulnerability in that plugin and it has been pulled from the WP Plugin Repository. I am working on a way to auto-fix this new threat because it cannot be done by a simple SQL Statement without corrupting your other settings.
Anyway, thanks for the response. I’m glad that you got it working.
I don’t see these scripts you are referring to. Can you tell me how to recreate this redirect that you are getting, or send me the code that you have found which my plugin has not identified as malicious so that I can add it to my definition updates?
April 13, 2019 at 10:22 am in reply to: Brut Force Protection – Your Server could not start a Session! #2258
Yes, if your server cannot start a persistent session the Brute-Force Login Protection will not work for you (and other things that require an active session may not work either).
There are many reasons that your server is not able to start a session. You need to ask your hosting provider to look into it and let you know why sessions are not working. Also ask them if mod_rewrite is installed and make sure that you can use rewrite rules in your .htaccess file.
You can simply re-register your key using the same prefilled registration form on the Anti-malware Settings page of your wp-admin, just make sure to change the email address before you submit the form and it will update the registration records on my side.
Yes, I play nice with other security plugins.
There is no reason to deactivate this plugin when not in use, and I don’t recommend it.
You just need to register this new key to your email account on file. Use the registration form on the Anti-Malware Settings page in your wp-admin.
As on any WordPress site you can change your Profile information here: