How to Remove Mikkiload Virus from WordPress

Not sure how to remove the mikkiload virus/malware from your WordPress blog? I know these types of virus attacks on websites make us panic – but there is nothing to panic about. Removing viruses like mikkiload is easy from our WordPress blog and it just takes a few hours to completely remove them and make our website virus-free again.

So if your website gets attacked by the mikkiload virus, then here in this guide, we’re sharing some easy steps through which you can completely remove the virus from your website.


This guide is specifically curated to remove the mikkiload virus from WordPress blogs. If your website has been attacked by a different type of virus, please reach out to us at [email protected], and we will assist you in completely removing the virus from your blog.

Before getting started, you need to make sure you’ve access to your MySQL database and the access to WP-Admin console. Also, please make sure you’re aware of how MySQL databases work and how to work with WordPress and raw SQL databases.


If you’re not sure how the MySQL database works or lack technical knowledge, I highly suggest hiring a technical expert for assistance. You can also hire us to resolve the MikkiLoad virus issue on your WordPress blog.

But before continuing further, let’s know how the mikkiload virus spreads to your WordPress blog…

What is Mikkiload Virus and How it Spread?

Mikkiload is a kind of trojan virus that can mess up both your computer system and your WordPress websites. It mainly takes over the MySQL database and sticks itself to your WordPress posts, widgets, and plugins.

This virus usually spreads when you use some harmful plugins on your website. Most times, when people ask me to fix this problem on their blogs, I discover that they’re using some old plugins that aren’t coded well or some pirated plugins or themes.

But it’s not just the cracked plugins or themes that are the problem. In the last three websites I looked at, I found out that even the free version of the Swift Performance plugin had some mikkiload files hidden in its code (probably because of some weaknesses that we don’t know about yet).

Can I Use WordPress Security Plugins to Remove this Virus?

When my friend told me about this virus problem, I tried to get rid of it using Wordfence and Sucuri plugins, but the free versions didn’t help me much. Wordfence showed some issues with the plugin files but it couldn’t completely solve the problem. So, we have to clean the virus from the blog by ourselves.

And I am not sure if Wordfence has updated their system to handle this kind of virus, but you can still try it. If that doesn’t work, you can use the steps I am going to share with you to remove the virus from your blog.

Step-by-Step Guide to Remove Mikkiload Virus from WordPress

So the wait is over!

Here I’m sharing the step-by-step guide to remove Mikkiload Virus from the WordPress blog. You can use the steps which I shared below to completely remove the virus/malware.

However, removing this virus from your WordPress can be tricky, especially when you’re working directly with the MySQL database. So please follow the steps carefully.

Remove Mikkiload Virus/Malware from Widgets

As I told you earlier, this virus attaches itself to WordPress posts, widgets, and plugins. So, we first remove the virus from the widgets area—it hardly takes a minute or two to remove this virus from your widgets.

First, you need to go to WP Admin > Widgets and then open each widget to find any “Custom HTML” or “Text” widgets (Mikkiload mostly targets widgets that actually take some text input).

remove mikkiload from wordpress widgets
Remove Mikkiload from WordPress Widgets

Once you find any “Custom HTML” or “Text” widget, the next thing you have to do is open the sidebar widget and scroll to the end of the widget content (as shown in the image below).

mikkiload virus in wordpress widgets
Mikkiload Virus in WordPress Widgets

In the image above, you can see “script src=” at the end of the widget’s content. You’ll need to remove those HTML codes from your widgets one by one.

But before removing and making any changes to your website, I highly recommend you to first take a backup of your WordPress blog using the Updraft Plus or the All-in-One WP Migration Plugin.

The code has been successfully removed from the widgets area of your WordPress website. Now, we need to remove the code from WordPress posts using the MySQL database in your cPanel account.

Remove Mikkiload Virus/Malware from WordPress Posts

This method can be tricky, so I highly recommend hiring some experts to remove viruses from your WordPress posts. However, if you have technical skills or knowledge and know how to do it, you can use the steps I’m sharing below to remove viruses from your WordPress posts.

You can also try removing the virus using plugins such as “Search and Replace.” However, when I attempted to use RegEx code to remove the virus from my WordPress database, it didn’t work for me, so I was left with the option to manually remove the virus.

phpmyadmin login
phpMyAdmin Login

To remove this virus from your posts, you need to open your control panel and then click on the “phpMyAdmin” option showing in the cPanel.

find the table named "tmp0376b4_posts" in sql
Find the table named “tmp0376b4_posts” in SQL

Once you’re inside the database of your blog, click on the database you’re working with, and then click on the “tmp0376b4_posts” table (as shown in the image above).

This table stores all the posts and pages that are published or saved as drafts on your WordPress blog. Once you’re inside the tmp0376b4_posts table, run the query I shared below to find the posts or pages affected by the mikkiload virus.


SELECT post_title, post_content FROM tmp0376b4_posts WHERE post_content LIKE '%mikkiload%'

This command will display a list of post titles and contents affected by the mikkiload virus. You simply have to open the post_content of each post one by one and slowly scroll to the end of the content.

Mikkiload Virus in Post Content

At the end of the post_content, you will again find the HTML script starting with the “script src=” attribute. You simply have to remove the “script” attribute and its contents from every affected post in the database.

This will successfully remove the mikkiload virus from your posts. Now, the only thing left is to remove the virus from plugins and theme files.

Remove Mikkiload Virus/Malware from Plugins and Themes

The last thing which you need to do is, take a complete backup of the WordPress files (i.e., wp-admin, wp-content, wp-includes folder, and all the files inside the public_html folder) and download them as a zip file in your system.

Pro Tips: If you’re using a server with SSH access, you don’t need to download the files and folders to your system. In this case, simply log in as the root user using the terminal.

Once your file is downloaded, unzip it and then run the command I’m sharing below to find the specific content in files and folders. You can also run this command directly in the terminal of your server.

grep -r "mikkiload" /home/username/public_html/ // (replace "username" with your cPanel username)

This command will recursively check the files and folders inside the “public_html” folder where your website data is stored and display the filenames where the virus has attached itself.

You simply have to remove the plugins or themes that are affected by the mikkiload virus – this may also change the look or overall functionality of your website.

Frequently Asked Questions (FAQs)

How to Be Sure, If the Theme or Plugin I’m Using is Not Malicious?

You can use websites like to check plugins and themes for viruses and malware. It scans your files with hundreds of antiviruses and shares the results with you.

Additionally, you can use software like Imunify on your cPanel/WHM to protect your website from these kinds of attacks. I strongly advise against using nulled or malicious plugins/themes on your website.

Can Virus or Malware Attacks Degrade My Website Ranking?

Yes, if your website is attacked by a virus or malware, and Google detects it, your website ranking will definitely decrease, or you’ll lose all your traffic from Google.

You can also check the Google Safe Browsing Diagnostic page for hacking issues on your website. To protect your website from attacks like this, always use antivirus software on your server along with some WordPress security plugins.

Wrapping Up

In today’s guide, I shared the steps that I personally tried to remove the mikkiload virus from a friend’s WordPress blog. With this method, I successfully cleaned three sites that belonged to him. You can also give it a try, and I’m confident it will work for your blog as well.

However, every virus/malware has different types of attacks on websites, and I cannot guarantee that this method will work for another type of virus attack on your blog. But in that case, you can connect with us at [email protected], and we’ll do our best to completely remove the virus from your website.

If you have any queries, feel free to use the comment form below to reach me. You can also send your questions to the email I shared above for a quicker response.

Sunny Kumar

Number of posts: 145

Hi, I'm Sunny Kumar, a passionate tech enthusiast and a blogger from New Delhi, India. With a degree in IT from IIT-D and expertise in SEO, Cloud Computing, Telecom & Networking, and CEH, I specialize in various technical fields, including SEO, WordPress Development, and PC Building. And being a proficient WordPress user, I’m dedicated to delivering quality content and a remarkable user experience.

Leave a Comment