If you’re infected with this malware and you can’t find where the heck is it in your WordPress blog, then you can thank me as I found a very useful script to scan all your WP files and detect where are these malwares in your blog. You can’t find it anywhere in your theme files, if you scan your site and view the source code, you can’t locate it.
This malware is really annoying as it will make your site blacklisted in Google, and you’ll be really annoyed because even if you update your theme or update your WordPress files, it will never be gone. Google Webmastertools can easily detect it, but they will not show where it’s located exaclty. Just like the screenshot below.
The same case with Sucuri.net. They can detect the malware, but they won’t show you where it’s located exactly. Too bad, this is invisible to the human eyes. I tried to view my source code and opened all my WordPress core files and themes and I really really really can’t locate it! Damn!
But thanks to this script called rrnuVaccine by walkeralencar. All you need to do is upload it in your public_html folder and run it. It will detect your site for all rr.nu malwares!
That’s it! I hope this post will be useful for those who wants to get red of the rr.nu malware.