Get Off Those Maliciously Loaded Scripts!
Download this free Anti-Malware Plugin for WordPress.

can you send me this hear.php file too?

Thanks for those files, I have added both of these to my definition updates.

If the same infections are coming back then either your server is still infected (it may be another site on the sever) or there is a backdoor that is being overlooked. Check your servers raw access_log files to see what scripts are being accessed at the time of the infections (see the infection times in the Anti-Malware Quarantine.

It may not show up under the account that you are logging into my site as because it was registered to a different email address so it is under a different account.

You can click on the green checkbox by the registration and update info in the upper-right of the Anti-Malware Settings page in your wp-admin and then re-register that site to the correct email address.

!. You are only finding Potential Threat (which are not fixed because they may not be malicious at all) because you have not downloaded the latest definition updates. Download the definition updates and the my plugin will find and fix any Known Threats.

2. If your site is blacklisted then you will need to manually request a review to get your site off the blacklist.

Ouch! Excuse me but I pride myself on the work I have put into this plugin, and you might see that it is working for thousands of other contented users. The fact that I offer this great work for free (or more accurately: for voluntary donations) does not mean that you should expect it to be junk.

Now, if you are having an issue with a repeated infection then perhaps you would like to ask for more help rather than just writing my plugin off as “straight up doesn’t work”. It sounds to me like it is working when you scan and clean the site, but then you are getting re-infected again and again. There could be other vulnerabilities on this site or other sites on the same server that are letting the hacks in after the cleaning. If you want to tell me which site your are having trouble with and maybe provide some details about the problem, or screenshots, or your wp-admin login (you can email me directly if you want), then I can provide more help.

Also, You should understand that there are many hosting providers that offer cheap shared hosting solutions that are fundamentally insecure and at some point it does not matter how many great security plugins you have (or how much you pay for them) because nothing can stop the spread of some malware on a typical shared hosting account once it’s made it onto the server. Sometimes the only solution is to move your hosting to a more secure host.

Anyway, if your interested in receiving any help on this please consider contacting me again with some details that I might be able to shed some light on for you.

This is normal, and you can click on the “Skipped Files” link to see the list of files that were skipped. You will notice that most of them are binary file types that do not execute PHP code and some others may be empty files. You can hover over each file on the list to see why it was skipped.

I hope this explanation helps, and please let me know if you have any more questions.

There are no “falsely registered” keys, and you should not try and register a key that you have on one site to another site. Each site gets it’s own key and each key should be registered to the site that it was generated for (not any other sites).

However, you can register all your sites to the same email address so that they are all on the same account, as I see that you have two URLs registered to this account. If you have registered any keys to another email address then simply login to http://gotmls.net/members with the password that was sent to that email and then transfer that registration to your main email account.

That message is not coming from my plugin. There must be something else that is interfering. Can you send me a screenshot so I can see what it might be?