How to Remove Mikkiload Virus from WordPress

Not sure how to remove the mikkiload virus/malware from your WordPress blog? I know these types of virus attacks on websites make us panic – but there is nothing to be panic about. Removing viruses like mikkiload is easy from our WordPress blog and it just takes a few hours to completely remove them and make our website virus-free again.

So if your website gets attacked by the mikkiload virus, then here in this guide, we’re sharing some easy steps through which you can completely remove the virus from your website.

Note: This guide is specially curated to remove the mikkiload virus from the WordPress blog, if your website got attacked by some other type of virus, then you can reach us at [email protected] and we’ll help you in removing the virus from your blog completely.

Before getting started, you need to make sure you’ve access to your MySQL database and the access to WP-Admin console. Also, please make sure you’re aware of how MySQL database work and how to work with WordPress and raw SQL database.

Suggestion: If you’re not sure how the MySQL database works or don’t have any technical knowledge, I highly suggest you hiring some technical guy for the same. You can also hire us to solve the mikkiload virus issue from your WordPress blog.

But before continuing further, let’s know how the mikkiload virus spreads to your WordPress blog…

What is Mikkiload Virus and How it Spread?

Mikkiload is a type of trojan virus that affects the system as well as websites hosted on WordPress. It mainly hijacks the MySQL database and attaches itself to various WordPress posts, widgets, and plugins.

The virus is commonly spread by using some malicious plugins on our websites – and most of the time, when people ask me to solve this issue on their blogs, I find out they’re using some poorly coded older version plugins on their blogs and some cracked plugins or themes as well.

But it doesn’t mean this virus only spread from cracked plugins, or themes. The last three websites which I encounter this issue with the Swift Performance plugin (free version) on their website and I found some mikkiload files written on the coding of the plugin (maybe due to some unknown vulnerabilities).

Can I Use WordPress Security Plugins to Remove this Virus?

When a friend of mine first came up with this virus attack to me, I tried removing the virus using Wordfence and Sucuri plugin – but they’re of no use to me (I tried the free version of their plugin). Wordfence has shown some changes in the core integrity of the plugin’s files but can’t fully mitigate this issue. Thus it leaves us with the only option to manually remove the virus from our blog.

Also, I don’t know if they’ve updated their database to mitigate this type of issue on Wordfence blogs – but you can surely give it a try. If nothing works, you can try the methods which I shared below to remove the virus from your blog.

Step by Step Guide to Remove Mikkiload Virus from WordPress

So the wait is over!

Here I’m sharing the step-by-step guide to remove Mikkiload Virus from the WordPress blog. You can use the steps which I shared below to completely remove the virus/malware.

But removing this virus from your WordPress can be tricky, especially when you’re working directly with the MySQL database. So please follow the steps carefully.

Remove Mikkiload Virus/Malware from Widgets

As I told you earlier that this virus attaches itself to the WordPress posts, widgets, and plugins. So, we first remove the virus from the widgets area – it hardly takes a minute or two to remove this virus from your widgets.

First of all, you need to go to WP Admin > Widgets and then open the widgets one by one to find out any “Custom HTML” or “Text” widgets” (Mikkiload mostly targets the widgets which actually take some text input in widgets).

remove mikkiload from wordpress widgets
Remove Mikkiload from WordPress Widgets

Once you find out any “Custom HTML” or “Text” widget, the next thing you’ve to do is, open the sidebar widget and scroll to the end of widget content (as shown in the image below).

mikkiload virus in wordpress widgets
Mikkiload Virus in WordPress Widgets

You can see in the image above, it shows some "script src=" at the end of the widget’s content. So you’ve to remove those HTML codes from your widgets one-by-one.

But before removing and making any changes to your website, I highly recommend you to first take a backup of your WordPress blog using the Updraft Plus or the All-in-One WP Migration Plugin.

The code is successfully removed from the widgets area of your WordPress website. Now, we have to remove the code from WordPress posts with the help of the MySQL database in your cPanel account.

Remove Mikkiload Virus/Malware from WordPress Posts

This method can be tricky, so I highly recommend you to hire some experts for removing viruses from the WordPress posts. And if you’ve technical skills or knowledge and knows how to do it, then you can use the steps I’m sharing below to remove viruses from your WordPress posts.

You can also try removing the virus using a few plugins like “Search and Replace” – but when I tried RegEx code to remove the virus from the database of my WordPress, it couldn’t work for me, so it again left me with the option to manually remove the virus!

phpmyadmin login
phpMyAdmin Login

To remove this virus from your posts, you need to open your control panel and then click on the “phpMyAdmin” option showing in the cPanel.

find the table named "wp_posts" in sql
Find the table named “wp_posts” in SQL

Once you’re inside the database of your blog, click on the database you’re working with and then click on the “wp_posts” table (as shown in the image above).

This table saves all the posts and pages which are published or saved as a draft on your WordPress blog. Once you’re inside the wp_posts table, run the query I shared below to find the posts or pages which are affected by the mikkiload virus.

Query;

SELECT post_title,post_content from wp_posts WHERE post_content like '%mikkiload%'

This command will show the list of post names and the contents which are affected by the mikkiload virus. You simply have to open the post_content of every post one-by-one and slowly scroll to the end of the content.

mikkiload, mikkiload virus, mikkiload virus wordpress, remove mikkiload virus
Mikkiload Virus in Post Content

At the end of the post_content, you will again find the HTML script starting with the "script src=" attribute. You simply have to remove the “script” attribute and its content from every post which you find affected in the database.

It will successfully remove the mikkiload virus from your posts. Now the only thing left is, to remove the virus from plugins and theme files.

Remove Mikkiload Virus/Malware from Plugins and Themes

The last thing which you need to do is, take a complete backup of the WordPress files (i.e., wp-admin, wp-content, wp-includes folder, and all the files inside the public_html folder) and download them as a zip file in your system.

Pro Tips: If you’re using a server with SSH access, then you don’t need to download the files and folders to your system. In case of this, simply log in as the root using the terminal.

Once your file is downloaded, unzip it and then run the command I’m sharing below to find the specific content in files and folders. You can also run this command directly in the terminal of your server.

grep -r "mikkiload" /home/username/public_html/ (change the “username” with the username of your cPanel)

This command will recursively check the files and folder inside the “public_html” folder where your website data is stored and share the filename where the virus attached itself.

You simply have to remove the plugins or themes which are affected by the mikkiload virus – this may also change the look or overall functionalities of your website.

Frequently Asked Questions

How to Be Sure, If the Theme or Plugin I’m Using is Not Malicious?

You can use a few websites like VirusTotal.com to check the plugin and themes for virus and malware issues. It scans your files with hundreds of antivirus and shares the results with you.

Apart from this, you can use software like Immunify on your cPanel/WHM to protect your website from these kinds of attacks. And I highly disagree with using nulled or malicious plugins/themes on your website.

Can Virus or Malware Attacks Degrade My Website Ranking?

Yes, if your website got attacked by a virus or malware, and somehow if Google detects it, It will definitely decrease your website ranking or you’ll lose all your traffic from Google.

You can also check the Google Safe Browsing Diagnostic page to find hacking issues on your website. To protect your website from attacks like this, always use Antivirus on your server along with some WordPress security plugins.

Wrapping Up

In this guide today, I shared the steps which I personally tried to remove the mikkiload virus from one of my friend’s WordPress blog. With the help of this method, I totally cleaned three sites that belong to him. You can also give it a try and I’m definitely sure it will works for your blog too.

Also, every virus/malware has different types of attacks on websites and I’m not sure if this method works to fix another type of virus attack on your blog – but in this case, you can connect with us on [email protected] and we’ll try our best to remove the virus from your website completely.

If you’ve any queries, you can simply use the comment form below to reach me. You can also send your queries to the email I shared above for a quick response.

TheWPX is a blog where we cover topics related to Blogging, WordPress, SEO, and Affiliate Marketing.
All the information which is published on our website is collected through independent research and tests. The data is being verified through consultation with reliable sources.
Also, We constantly update the content on our website, keeping it fresh and relevant to our readers at all times.

Leave a Comment

Sunny Kumar

Sunny Kumar, Founder of TheWPX

Hola Amigos! I'm Sunny Kumar, Founder of TheWPX. A blog where I share my experience which I have gathered from my last 5 year journey in blogging with all the new bloggers struggling to make their first income.

Copy link
Powered by Social Snap