Thanks for reporting this issue. Please send me one of the infected files so that I can see why it failed to clean it and fix this issue.
You can click on the files listed on the scan results to see the contents and highlight the malicious code in those files that will be removed when you click the Automatic Fix button. After you run the Automatic Fix you can view the contents again to see that the malicious code was removed. If you keep checking those files and you find that they are in fact getting reinfected with the same threats sometime after the cleaning then you will need to look for the source of the infection or the security hole that is letting in this threat.
You should check the access_log files on your server to see what activity was taking place at the exact time of the infection (the modified timestamp of the corresponding files).
If there was nothing in your log files for that oresponding time then the infection is likely spreading from another site on the same server, possibly someone else’s site that is not even on your account. Shared hosting account are not sure and are one of the easiest ways for hacker to infect many sites with attack on a single vulnerability on your server.
Did you scan again to make sure that the site is all clean (sometimes the hacked files are timed to come back if the original exploit is still presents)?
Also, make sure you don’t have any caching enabled (cached files might still show old threats that have already been removed).
If you are sure that there are no more threats and no caching then please email me a link to the infected pages so that I can inspect them (please don’t post the link on the forum).
Can you please email me that wp-blog-header.php file as an attachment so that I can see what is going wrong?
If by “I am having the same problem.” you mean that you are also unable to save any changes to your WordPress setting in any plugin then I cannot help you. I have already established tat this probmel has nothing to do with my plugin and I do not support any othe other plugins that you have mentioned.
If you figure out why you cannot save changes to your database then you can post your solution here i=so that it might help other having the same issue but I suspect that it has something to do with your hosting or your database permissions.
Please, what does show up when you click “taking too long…” (a screenshot would be very helpful)?
There must be somthing on your site that is blocking my script, we just need a clue as to what that might be. You could also check the error_log files on your server.
It looks like your site is now clean. If you have a screenshot that shows evidence of a remaining infection, you can attach it to an email and send it directly to me.
I don’t see any more threats. What 2 treats does Sitelock say you still have?
I don’t know what you mean by “half threats”, my plugin provides an automatic fix button for any known threats that are detected.
If you have any other info or questions can you send me a screenshot so I can see what you are referring to?
It shouldn’t take more than 30 seconds to fix the selected threats. If it is still going after a couple minutes you need to click the “taking too long…” button to see the error that is preventing the page from loading.
You can also combine your registrations into one account registering them all under the same email address. If you login to http://gotmls.net/members/ using the password send to one of your emails then you can transfer that registration to one of your other registered emails.
You need to download the definition updates and then the known threats will be marked in reg and my plugin can remove the malicious code for you automatically.
I replied to you directly but I think the email you gave was not correct. This threat is in my definition updates but I can see that you have not downloaded the latest definitions. If you want my plugin to be effective against the latest threats you need to download the latest definition updates.
Thanks for providing access to your wp-admin. We established that your database is not accepting any changes, so you cannot save anything in my Plugin or any other plugin either. I advise that you take this up with your hosting provider and move to another host if they cannot fix the database connection for you.
It looks like you broke the DNS for bytemeup.com at NAMECHEAP by pointing the Name Servers at NS1.BYTEMEUP.COM and NS2.BYTEMEUP.COM, so now there is now way to lookup the A Records for that domain. Try setting the Name Servers back to the NAMECHEAP Standard DNS. Then use the NAMECHEAP to set the IP address for your A records to your new host.
Sending me the zip file won’t either of us any good. You need the whole site (DB included) UNZIPPED and configure on a webserver in order to properly clean it and get it working again. The error_log files are the key to your success. Let me say that again, another way, you need to find your error_log files. The error_log files are essential to debugging any problem with any site, it’s worth you doing the research to find you error_log files. Please do that regardless, you’ll thank me later 
Moving on, you said you have another site that is able to run the scan but there are still infected files, can you please elaborate?
You can send me the files that are still infected, directly to my email.
I know you told me that the malicious code is in your core files, that is extremely common, but that hardly ever means that you cannot login. You see, it’s not usually in the best interests of the hacker to disable or cripple your site, they can only take advantage of your infected site if it is still functioning. It was probably an accident that they broke your site at all.
You can check the error_log files on your server to see why your site is not working and fix that problem so that you can use your wp-admin again and then use my plugin to remove the rest of the threats. You could also try replacing the wp-admin and wp-includes directories with a fresh copy and manually fixing some of the core files in the root directory, but it would be more efficient to fix the exact file that is referenced in your error_log file.
