Title: Malware Removal
Last modified: August 20, 2016

---

# Malware Removal

 *  [clagare](https://wordpress.org/support/users/clagare/)
 * (@clagare)
 * [13 years, 11 months ago](https://wordpress.org/support/topic/malware-removal/)
 * I need malware remove from the site: blog.bronxlabschool.org please. I have no
   idea how to do this? Can WordPress do this?
 * See below from a Sucuri Scan.
 *     ```
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/js/DD_belatedPNG_0.0.8a-min.js
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-includes/js/l10n.js?ver=20101110
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-includes/js/jquery/jquery.js?ver=1.6.1
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=1.6
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/js/jquery.cycle.all.min.js
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/js/jquery.easing.1.3.js
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/js/superfish.js
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/epanel/page_templates/js/prettyphoto/jquery.prettyPhoto.js?ver=3.0.3
   
       Malware found on javascript file: http://blog.bronxlabschool.org/wp-content/themes/TheCorporation/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1
   
       Suspicious conditional redirect on: http://blog.bronxlabschool.org
       ```
   

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [cjchamberland](https://wordpress.org/support/users/cjchamberland/)
 * (@cjchamberland)
 * [13 years, 11 months ago](https://wordpress.org/support/topic/malware-removal/#post-2866444)
 * 1) First, do you have a “clean” back-up of your site, if so, just restore it 
   from that.
 * 2) If #1 doesn’t apply, do the following, check all .htaccess files, index.php
   files and any include files or theme files you may be using.
 * 3) Remove any code that you find in your “legitimate” files that matches any 
   of the following (Note – this isn’t an all exhaustive list, it’s the most common
   issues I’ve seen):
    a. “eval(base64_decode(…..” b. “edoced_46esab…” c. “getMama…”
   d. “115,99,114,105,112,116….” e. “document.write(‘<iframe…..”
 * 4) Look for any php files in any image, css, upload, download, etc directories
   that would not normally have a php file in them. Check the file contents for 
   base64 strings and thing that point to it being a php shell such as “FilesMan”,“
   c999sh”. If you find files like this, DELETE THEM.
 * 5) Once you’ve cleaned your site – UPGRADE it if you are not running the latest
   version to remove any possible publicly available vulnerabilities.
 * 6) Also I would recommend checking permissions; files should be at 644 and directories
   at 755 (this depends on your hosting company/server – this is the most common
   setting).
 * 7) Once you have completed all those steps, go to [http://www.google.com/webmasters](http://www.google.com/webmasters)
   and if you don’t already have an account create one (Obviously if you have one–
   skip this step).
 * 8) Once you’ve created your account, add your site, then on the left hand side,
   click on “Health”, “Malware” . If they have you flagged, and you have cleaned
   your site, submit it for re-evaluation. This usually will take between 48-72 
   hours before you are cleared.
 * Hope this helps!
 *  [jennygirlie87](https://wordpress.org/support/users/jennygirlie87/)
 * (@jennygirlie87)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/malware-removal/#post-2866736)
 * I’m glad I found this topic! Thanks for the how to, it’s really helpful! I also
   found some other tutorials on the web which helped me a lot.
 * [http://blog.sucuri.net/2012/07/website-malware-removal-wordpress-tips-tricks.html](http://blog.sucuri.net/2012/07/website-malware-removal-wordpress-tips-tricks.html)
   
   [http://jeremysarber.com/how-to-remove-malware-from-wordpress-and-keep-your-site-protected/](http://jeremysarber.com/how-to-remove-malware-from-wordpress-and-keep-your-site-protected/)
   [http://blog.securepress.org/how-to-remove-malware-from-wordpress/](http://blog.securepress.org/how-to-remove-malware-from-wordpress/)
 * I went through all of them and finally I think I’ve got rid of the stupid malware
   and my blog works again. Now just waiting for Google to check it!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Malware Removal’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 3 participants
 * Last reply from: [jennygirlie87](https://wordpress.org/support/users/jennygirlie87/)
 * Last activity: [13 years, 1 month ago](https://wordpress.org/support/topic/malware-removal/#post-2866736)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics