Table of Contents - Jump to a Section
Updated for 2019
In 2009, SuperAffiliate.com was hit with a “malware” and after a couple of cleanups – I wanted to document how to fix malware on WordPress in case this happens to you.
How to Cleanup Malware on WordPress
Here are the steps that I took (thanks to Hostgator‘s help!)
Step One – I replaced all my old WordPress files with brand new WordPress files! That actually did 1/2 the trick. The other half – you will need to remove the virus from your computer.
What are malicious iframes and what causes them?
Over the years hackers found it hard to trick people into visiting suspicious sites so they're now targeting legit sites and using them to infect unknowing customers. In most cases an FTP account's password is obtained through key logging malware, then legit website files are modified to distribute the malware and gather more passwords. If your PC has been infected with one of these trojans, your bank account, email accounts, and FTP accounts may no longer be secure.
* What to do if you find malicious iframes
Step Two. Download antivirus and fully scan your PC for malicious files. If you are looking for the one click solution, then I recommend this anti-virus software.
Step Three: Search Your Cpanel Files for Any “Weird” Looking Files. I found a file named autorun in my c drive. I opened it up using Hostgator's Cpanel, and voila' found the culprit. The malware struck again a year later, and I found a file named index.html … Since I use WordPress, I saw index.php still intact. I removed the extra index and voila' found the culprit!
Optional Steps to Remove Malware
3. Update all passwords that may have been obtained. Do not use old passwords, generate new ones.
4. Remove older versions of the files or contact support for assistance removing the malicious iframes.
How to Prevent Your Computer from Future Malware and Virus Attacks
– Ensure you use the latest browser version, and make sure you do an update on your computer every week! With the latest malware attacks, my computer updates weekly now. Also, please don't download emails with attachments. If it sounds to good to be true or doesn't sound like something that belongs to you, then there is a 100% chance it's suspicious sites..
Items Mentioned in This Blog Post
Hosting – 24 Hours a Day Support Make This My Top Recommendation for Hosting. I use it! And $3.95 Per Month Hosting! WOW!