How to clean infected wordpress site – WordPress remove malware

Today in this article , we will learn how to clean infected wordpress site . Once infected, these kind of malware is very stubborn to remove and can ruin your repuation and search engine ranking if not cleaned at the earliest.

In this particular case, we will use on of my friend’s wordpress based website which was recently infected by wp-vcd malware. The infected website will be redirected either automatically or upon clicking anywhere on the webpage to some spammy and shady websites. In some cases it also opens a browser fake notification and tricks the user to click on certain buttons . This is really bad for your websites and one should clean infected wordpress site immediately to avoid further damage.

WP-VCD is an ugly malware which silently creates multiple files on your wordpress site and even modifies your core files. Be with me till the end of this video and you will learn how to remove wordpress malware from an infected website.

First thing first, if you do not have the copy of wordpress core file, then you must download it on your local computer before we start the wp virus removal process.
In this video we will use Cpanel defaul file manager, but you are free to use anything you want.

1. Now navigate to wp-includes folder
2. To sort the files by date, click on “last modified column”
3. At this point, you will see some files like wp-feed, wp-tmp and wp-vcd, these are the files that injects malicious codes into our wordpress site.
4. Delete these 3 files
5. Rename post.php file located inside the wp-includes folder
6. Uploaded a fresh copy of post.php from your local computer

WP-VCD wordpress malware also injects codes into our theme files , so now we need to clean them as well.
7. Navigate to wp-content , then themes folder. In this folder you will see all the themes that you have uploaded. Both active and inactive themes. Remember this particular
malware infects all the themes and not just the one that is currently active.
8. Now move to your currently active theme folder and look for functions. php
9. Once you have located the functions.php file, click on edit and remove the section as shown in this video.
10. Do the same to other themes as well.

Your website is now clean . And lastly I would recommend my viewers to use anti malware plugin to tighten your security. These malwares often orginate from themes and plugins which are downloaded from unoffocial websites, so always download wordpress plugins or theme from reliable and known sources.

One Reply to “How to clean infected wordpress site – WordPress remove malware”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.