Title: Cannot perform scan due to injected code causing error message Last modified: April 16, 2020 --- # Cannot perform scan due to injected code causing error message * Resolved [lukasbieri](https://wordpress.org/support/users/lukasbieri/) * (@lukasbieri) * [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/) * Somehow malicious code got injected on my website. In the header, there is a javascript that redirects visitors to a site that spreads malware (added spaces after every dot to disable URL: [https://ws](https://ws). stivenfernando. com/ stm?v=l6. 0. 0). * I tried to run a CleanTalk Malware scan, but the scan gets interrupted at 0%, and I get the following error message (for obvious reasons I replaced the malicious URL with a placeholder): * Unexpected error: `≤script type='text/javascript' async=true scr='themaliciousurl' >{"comment":"allow_url_fopen is disabled"}` * I cannot get the scan to work, and I don’t know how to remove the malicious code, nor do I know how the injection happened in the first place. I tried to update WordPress to the most current version and updated all plugins, but the code injection persists. * Thank you for your support and best regards! * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fcannot-perform-scan-due-to-injected-code-causing-error-message%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Author [alexandergull](https://wordpress.org/support/users/alexandergull/) * (@alexandergull) * [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/#post-12684178) * Hello [@lukasbieri](https://wordpress.org/support/users/lukasbieri/) * Please, put [this ](https://drive.google.com/open?id=1wIOVjMh2P1Nd1b_mKVpMCqbDIZQ-k364) file to root/wp-content/mu-plugins and start scan again. If this catalog does not exist, create it. * Please, let us know about any results. * Be well, * [janumich](https://wordpress.org/support/users/janumich/) * (@janumich) * [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/#post-12684937) * I also had a problem with the malicious code //ws.stivenfernando.com/fanta.js?/. I don’t have CleanTalk. Please help * Plugin Author [alexandergull](https://wordpress.org/support/users/alexandergull/) * (@alexandergull) * [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/#post-12685051) * Hello [@janumich](https://wordpress.org/support/users/janumich/) * Please, create your own topic to find the answer. Cross-writing is not allowed on this forum. * Be well, - This reply was modified 6 years, 1 month ago by [alexandergull](https://wordpress.org/support/users/alexandergull/). * Thread Starter [lukasbieri](https://wordpress.org/support/users/lukasbieri/) * (@lukasbieri) * [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/#post-12689477) * Hello [@alexandergull](https://wordpress.org/support/users/alexandergull/) * Thank you for the suggestion. It seems that the malicious code now also spread to the login page (lukas-bieri.ch/wp-login). The Code inserts the malicious URL after my WordPress login URL, so I get a 404 error message whenever I try to log in. I therefore cannot log in to the backend anymore, so I cannot verify if your suggestion works. * Any help would be very much appreciated, thank you so much in advance! * Best Lukas * [SergeM](https://wordpress.org/support/users/serge00/) * (@serge00) * [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/#post-12689940) * Maybe these recommendations will help you, [@lukasbieri](https://wordpress.org/support/users/lukasbieri/): [https://wordpress.org/support/topic/hacked-138/#post-12676948](https://wordpress.org/support/topic/hacked-138/#post-12676948) Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Cannot perform scan due to injected code causing error message’ is closed to new replies. * ![](https://ps.w.org/security-malware-firewall/assets/icon-256x256.gif?rev=3518712) * [Security Plugin, Firewall, Malware Auto Removal & Login Security](https://wordpress.org/plugins/security-malware-firewall/) * [Frequently Asked Questions](https://wordpress.org/plugins/security-malware-firewall/#faq) * [Support Threads](https://wordpress.org/support/plugin/security-malware-firewall/) * [Active Topics](https://wordpress.org/support/plugin/security-malware-firewall/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/security-malware-firewall/unresolved/) * [Reviews](https://wordpress.org/support/plugin/security-malware-firewall/reviews/) * 5 replies * 4 participants * Last reply from: [SergeM](https://wordpress.org/support/users/serge00/) * Last activity: [6 years, 1 month ago](https://wordpress.org/support/topic/cannot-perform-scan-due-to-injected-code-causing-error-message/#post-12689940) * Status: resolved