How to Remove Malware form WordPress Website

remove malware

remove malware

Malware is a computer program made for illegal access and damage files and data from your computer systems and mobile devices.

Initially, malware was used for experiments and pranks. The main aim of the programmers was to annoy users and see who their talent could spread.

But in the early 2000s, the hackers spread their knowledge on a professional level and they used it for criminal purposes.

The main aim of hackers is to install malware on your computer systems and mobile devices. Once installed, they can do anything with your computer systems. Malware software can affect any device like computers, laptops, smartphones, and tablets.

Hacker main aims behind spreading malware

  • Stealing data
  • Stealing passwords
  • Stealing credit card details
  • Stealing accounts information
  • Sending spam emails
  • Accessing to computer systems
  • Display unwanted advertising
  • Extort money
  • Slows down your connection
  • Display unwanted ads

Types of Malware

Malware covers all types of threats that are harmful to your computing devices like viruses, spyware, worms, Trojans, adware, etc. Each of them has its own features and behavior of attack. We will discuss one by one these types of malware


A computer virus, much like a human disease that spread from one body to another body. Viruses are very common that spread itself from one computer to another. They can damage computer files and users personal data. Viruses are small programs or scripts that are harmful to your computing devices.


A Trojan horse is a” Greek mythology ‘when Greek army offered a gift of a large wooden horse as a peace offering. The people of Troy pulled into the city. When people of Troy had fallen asleep, Greek soldiers emerged and opened the city gate and let the Greek army in. A Trojan virus hides malware in the background. But it can perform any task like deleting files, modify data and steal information.


A hacker can install spyware into your computer without your knowledge. While opening email attachment spyware can install on your devices. Spyware, viruses are used to steal user’s personal information, user web browsing activities. Spyware software can steal your email messages your login and password information and your credit card details.


Adware software automatically displays unwanted ads on your screen. When you browse any website you see some pop-up and unclose-able window ads appear on the website this is an example of Adware Malware. This software is financially supported to display advertisement. Adware is also used to collect your browsing history, to trace the user’s activities at any website.


Worms are like other viruses having the ability of self-replicated and spread itself independently. Worms transfer its copies through computer networks; it can transfer thousands of copies itself. Worms cannot alter any file on your machine, but they consume your memory and hard disk space. You can only detect worm if your computer begins to slow down.

How Malware affects Websites?

Many people have this misconception that, malware only affects computer windows and smartphone devices, they have the wrong opinion. Malware can affect anything even your website may become a victim of malware.

The world of internet is full of malware threats, every day thousands of malware are created by the hackers for different purposes. Nowadays, websites become the main target of the hackers because millions of people are using the internet.

Website owners improve their websites with more rich features like photos, videos to attract visitors and customers. The more features a website has, the more vulnerable it is to attack.

There are various ways hackers use to gain access to your websites. Hackers spread malware to a website through its server.

Malware can affect fundamental operations of your website. Hacker can steal information about your organization, your staff, and customers personal detail. They can use your items and services for criminals’ purposes.

When your website affected by the malware, then it’s time to take quick action as early as possible.

Because Google and other search engines blacklist your website. Google trace malware on your web pages through its Google safe browsing feature.

Whenever a user visit to your website a warning page comes up and warns users to visit the page at its own risk.
What happen when your website blacklisted

When your website blacklisted, then your search engine ranking and traffic decreases. It throws bad impression about you and your organization. You may lose the trust of your customers. When they find your website is unsafe they avoid to visiting your website.

How do you remove malware from website?

I will share with you, my personal experience. When I started this blog after 3 days of its launching blog affected by malware.

Google sends me an alert message via Google webmaster tool that your website is unsafe for browsing and some contents of your website are harmful.

At that time I worried about what it do to remove malware from my blog. I searched every source on the internet to recover my blog from malware but all tools were a waste of time.

I used many WordPress plugins to scan and remove malware from my blog but all in vain.

After all, one of my blogger friends tells me about ‘Anti-Malware from GOTMLS.NET WordPress plugin. He gave me details of how to use this plugin step by step to remove malware from any WordPress website.

I follow every step he told me. After using his tricks I recovered my website from malware.

In this post, I will teach you to step by step how to remove malware from any WordPress website.

First of all, got to your WordPress admin panel and click Plugins and then Add New.


In Keyword search area, type ‘anti-malware’ you can see a plugin ‘Anti-Malware Security and Brute-Force Firewall’. Now click Install Now.

Click at Activate to activate plugin.

On the left side of the WordPress admin panel, click at Anti-Malware.

You will see the main page of Anti-Malware plugin. Now on the right side, click ‘Run Complete Scan’.

Now let the plugin to scan complete website.

After 100% completion, you can see on the bottom side there are two affected files are there on the website.

Now click at any affected file.

You can see a new window comes up. Click at the blue text [1].

You can see the malware script in the file.

Right click on the highlighted text and copy it.

On the top side there is a file path that located in the CPanel public_html directory. Remember the file path because we will clean this file.


Now go to your website cpanel.

Click at File Manger.

Click at public_html.

Click at wp-content.

Clic at Plugin.

Click at wordfence.

Click at js.

Click at jquery-ui-timepicker-addon.js.

Click at edit on the top side of the page.

A small window will come up. Now click edit at the bottom side.

You can see a code editing page will appear on the screen.

Now press ctrl+f key button you can see a small search box appear on the right side of the page.

Paste the code you copied from the WordPress admin panel. Delete the highlighted text from the code editor.

After deleting highlighted text, click on Save Changes.

Your one affected file has been cleaned from malware threats. Now go back to the WordPress admin panel and select another file and repeat the process you already did.

After cleaning all files go to the anti-malware plugin and scan the website again. After 100% completion you can see there is no affected file detected.


Comment here