Malware Virus are one of the scariest things you could get as a webmaster (there are others worse than this), it stops visitors from coming into your website as Google blocks them and visitors drop and the rest drops too. One of my websites was hit badly last time that Google suspended my adwords account and had a Malware Virus warning to those who tried to load our website.


malware virus


At first, this malware virus infected certain pages so I went ahead and checked and it seemed clean. I also installed sucuri scanner which did the malware viruses scan and declared our website clean. I requested for a review and the approved, our website went back to normal. After a few weeks, the worse happened, the malware virus infected the homepage which resulted to our website being branded as an attack site and stopped users from entering our website.


I never knew how to resolve this before, and after countless hours of researching and reading many different support forums and blog posts about it, I tried the following solution:


wordpress malware virus


Solution to Malware Virus on WordPress Clean up


  1. I installed all types of malware virus scan plugins in WordPress (there are a lot of free virus and malware remover)
    • Sucuri Malware Scanner (I reinstalled and made sure to update it)
    • Malware Finder
    • Get Off Malicious Scripts (Anti-Malware) **The best malware spyware removal tool
  2. Sucuri Malware Scanner and Malware Finder cleared the website and declared the website malware free but Get Off Malicious Scripts found a lot of malware virus. (make sure to remove all the file exceptions, as some hide from other file names)
  3. It detected TimThumb.php which I forgot to update (there’s a loophole), and found a lot of decode base eval etc. that was embedded on our codes. It was able to clean it up automatically and renamed the malware virus infected files with a _bad which allowed me to clean it very easily.
  4. I thought it was over but Google cleared but my server memory was always overloading. I was clueless and didn’t know what to do. I had nowhere to go to for help as I’ve searched all the forums thoroughly. I found one forum that he hired an expert to fix his website, I went and contacted him.
  5. His name is Michael Vendemar (michael(at), he charged $65 / hour and really did a great job of cleaning the last few remaining malware to the website and fixed up the website.
  6. He found the remaining malware hidden as a .jpg file, and it went thru via the TDO miniforms that we left behind before. Also, the overload was caused by the 404 that was requested from timthumb and the solution was to have a static 404.php page.


I was very happy that we’ve finally fixed our website nicely. I was really worried as to how far the malware virus had hit us. Now our website is malware virus free and is using only 1/4 of the memory that it used to take before.


Did anyone have any problem with Malware Virus? What was your experience?

Tell us what you think!