Kirby James

Forum Replies Created

Viewing 1 post (of 1 total)
  • Author
  • in reply to: MySQL Database Contains Malware Signature after Clean #2433

    Kirby James


    My site seems to get hacked at roughly weekly intervals. Mostly existing links are replaced by links to advertising sites. Anti-Malware successfully ‘removes’ the malware such that the pages are now delivered with their correct links.

    Before using Anti-Malware I downloaded the WordPress site to my Windows desktop. I wrote a script to then search for malware. This I categorised as ‘probable malware’ (e.g.  ’clksite’, ‘adfly’ and ‘remarketing’) or possible malware ( e.g. ’eval(‘ and ‘<script’).

    Before the first infection my scan showed 1 (probable) and 7 (possible) items of malware in the SQL dump of the mysql database.

    After the first infection my script picked up 715 items of probable malware and 721 of possible malware in the database. After running Anti-Malware, and  quarantining and deleting the malware these figures dropped to 185 (probable) and 191 (possible).

    After each subsequent infection the counts jumped and dropped a little after running Anti-Malware. Upon re-checking with Anti-Malware – no malware was reported.

    I’m puzzled as to why I still detect malware in the database – is there any way of removing it?

    Many Thanks






Viewing 1 post (of 1 total)