Get rid of those nasty malicious scripts!

WP Malware Removal is a malware scanner plugin for WordPress. I created this plugin to help WordPress admins clean infections off their sites.

Testimonial:

My website was redirecting one day due to malware. I found them online and they responded immediately. My website was restored normally in just one hour, fantastic! They are the experts in this area, totally trustworthy!

—Morris

In 2008 I had a scary incident: my own site got hacked. Read how I removed malware here. I didn’t come to know of it until I saw a notice in Google Search Console (then known as Google Webmaster’s tools). My site wouldn’t show up in search engines. But somehow it did open fine. And then I get a mail from one of my site visitors that my website is hacked. How? The attackers didn’t seem to have left any clue. I resubmitted my site to Google for review which was instantly declined. This left me pulling my hair; and I had no intention of going bald. I was just 26 and not even married.

Certainly there was more to it than meets the eye. I wrote to HostGator, They said they did run a scan and have cleaned up what they found. But my site was still infected. And now with HostGator saying that they had removed the infected files, I had no clue what data and files they had deleted, what had I lost and where to look for further help.

This was getting confusing, scary and frustrating.

I put on my software engineer hat and began examining. I opened up my site and all looked well. But then I noticed the status bar seemed to fetch some external weird looking URL.

What was it? I opened up the source code. Something didn’t look right. There was a strange snippet of JavaScript in the footer. But there was no clue as to what was inserting that script.

I looked up my WordPress theme files and found nothing there. I reviewed each plugin file one by one and found nothing there. You can see how painful this process was. Finally I discovered a core WordPress file that seemed to have that strange piece of code. It didn’t seem to do much but it was cryptic. There was something going on. An obfuscated piece of script was fetching an external url and triggering the download of a malicious java applet on my system. Yikes!!! I closed up my browser, cleaned up the entire cache, temporary files and everything else I could.
This was getting suicidal.

Imagine my website might have infected so many visitor’s computers. And HostGator telling me that everything was clean. They didn’t even tell me what was infected and how did the infection got in in the first place.

Don’t you want to know how your website got infected? Can you be certain that the backdoor is closed and the website will not get infected again? Do you want to keep seeing the website getting infected again and again and you having to pay someone to clean it up?

This incident inspired me to create my own WordPress Malware Removal plugin to help me address 3 key areas required for a long-term, permanent solution:

  1. Identification: What files or data is infected?
  2. Root Cause Analysis: How did the infection get in?
  3. Solution: How to clean up the infection?

While the plugin is free and can point out the infected files, it can be a little challenging to come up with a permanent long-term fix. After any security incidence it is critical and imperative to do a root cause analysis to find a permanent solution. To that end, expert human intervention and skill is required. If not the site will get infected again… and again… and again… Till you have money to spend on a fix or eventually give-up and leave things be.

Ongoing Development of WordPress Malware Removal Plugin

wp malware removal

I keep adding new signatures and malware definitions as they are discovered. Also my server server definitions to thousands of sites, thousands of times a day (quite a server load for my tiny web-hosting). I thus ask anyone who can, to contribute and share my load and help me continue to develop this product. This not only pays for the charges that you incur on my server but also helps others benefit from an excellent free solution to address new threats, vulnerabilities, malware and the likes. Please make a donation to keep it going.

And do not hesitate to write back to me if you need help. I do offer WordPress Malware Removal Service. You can download the free plugin here. Most of the times I do it for free and this helps me learn and discover new malware signatures. If there’s an overhead, I do charge a fee but would inform you upfront of what’s involved and how bad the damage is.

Comments on this entry are closed.

  • prem March 15, 2019, 12:02 am

    Hi,
    I have my wp infected by some redirecting malware. I just installed your plugin and started the scan. There was no movement in the progress meter for 3 hours. But the word ‘scanning’ is blinking. Do I miss any thing?. Your help in this regard is much appreciated.

    • Shiv March 21, 2019, 9:56 am

      @Prem: Your site has the JavaScript redirect malware which was caused by a database infection. I believe the issue is resolved after I worked on your site. If you still need help, just reply back. Thanks 🙂

  • Tsz Leung Law April 10, 2019, 10:56 am

    This is Morris you just helped you like 1 hour ago, I don’t know what to say but thank you so much for your good job!!!!! you are such a life saver for me… !

    • Shiv April 10, 2019, 10:57 am

      @morris: my pleasure. Glad I could help.

  • Marko May 22, 2019, 6:35 am

    Hello,

    your Plug-in was scanning. Then it was interrupted.
    Now the Plug-In inst working/starting any more?!

    Can You help me Please 🙂