How To Removed My WordPress Website Malware & virus : The term malware is a retrenchment of malicious software. In simple words, we can say malware is any piece of software that was written with the determined of doing harm to data, website or devices. The following are common classes of malware, but it’s hardly meticulous: virus, Trojans, spyware, worms, ransomware, adware and botnets.

Each class of malware has its own way of infecting and harming computers and data. So, each class requires a different malware removal method. Avoiding apprehensive emails, links or websites are good online behaviours to have, but will only get you so far; attackers can sometimes attack even through genuine websites.

This article is about how to remove malware/virus from WordPress website. Here are the steps that will teach you about the malware removal process from WordPress website:

Let’s begin with the basic step:

Step 1:

Download a fresh copy of WordPress from WordPress Cms

Step 2:

In this, you will download a zip file. Excerpt all of those files to your desktop and leave them for now.

Step 3:

Next step is to login to your hosting Cpanel or FTP account. It should look like this:


In this, everything should be deleted excluding the wp-content folder and the wp-config.php file.

So now it should look something like this after removal of folders:



Next process in the third step is, to go into the wp-content folder then plugins. Write down a list of the plugins you are currently using and remove the plugins folder and also the index.php file. After cleaning these folders you will need to reinstall your plugins once again as fresh.

Now go into the themes folder and delete any theme that you are not using. Then you will need to check every file in your current theme folder for virus or other forms of malware. You can remove the entire theme’s folder if you have a fresh backup of your theme.

Now come to the uploads folder. There should be no .php files or anything that in your upload folder. You should diagnose things you have uploaded to your site anything else should be deleted.

Step 4:

In this step, you can reload your fresh WordPress files from your desktop that you have copied or transferred earlier. It’s much easier to upload these files via FTP. Make sure you don’t reload the content folder, it will rephrase what you currently have there.

Step 5:

Your WordPress site now visible and clean. It’s time to reinstall plugins and your theme if you were deleted the entire theme.

Step 6:

In the final step, change all of your passwords and make sure they must be secured.


Getting your website infected with a virus or hacked is not a fun. But you are able to recover from it easily. So stay calm and follow above steps to resolve the problem. If still found a problem then call to the right support team to fix the issue and running again your website.