{"id":955,"date":"2022-05-06T14:56:51","date_gmt":"2022-05-06T14:56:51","guid":{"rendered":"https:\/\/blog.hostinger.io\/support\/2022\/05\/06\/6197555-how-to-use-the-malware-scanner-at-hostinger\/"},"modified":"2026-03-16T12:12:08","modified_gmt":"2026-03-16T12:12:08","slug":"6197555-how-to-use-the-malware-scanner-at-hostinger","status":"publish","type":"post","link":"https:\/\/www.hostinger.com\/support\/6197555-how-to-use-the-malware-scanner-at-hostinger\/","title":{"rendered":"How to Use the Malware Scanner at Hostinger"},"content":{"rendered":"<h2 id=\"h_d8f3daae27\">What is malware?<\/h2><p class=\"no-margin\">Malware, short for malicious software, is a type of software designed to harm applications, computers, or networks. It often alters system files or creates new ones, which can result in the following issues on your website:<\/p><ul>\n<li>\n<p class=\"no-margin\">Slowing down or making your website unresponsive due to excessive use of server resources.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Redirecting your website (or specific pages) to other, often illegal, sites.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Causing various website errors.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Stealing sensitive information from your site, such as passwords or user data.<\/p>\n<\/li>\n<\/ul><p class=\"no-margin\">Malware is typically used for illegal purposes. To learn more, check out this video:<\/p><div class=\"intercom-h2b-video\">\n<p><iframe loading=\"lazy\" title=\"What is malware? Types and prevention (Simple guide)\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/70TRH13Jng0?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<\/div><p class=\"no-margin\">To provide more security insights for your website, our web and cloud hosting plans include a Malware Scanner&mdash;an automated tool integrated into the control panel that scans your site for harmful or compromised files.<\/p><h2 id=\"h_0ddab77c3d\">How to analyze a website for malware<\/h2><p class=\"no-margin\">The Malware Scanner runs automatically, keeping you informed about your website&rsquo;s security status and allowing you to take action if needed. To get started, navigate to <b><a class=\"intercom-content-link\" href=\"https:\/\/hpanel.hostinger.com\/websites\" target=\"_blank\" rel=\"noopener\">Websites<\/a> &rarr; Dashboard<\/b>, find <b>Malware Scanner<\/b> in the left sidebar, and click on it.<\/p><ul>\n<li>\n<p class=\"no-margin\">If no malware is detected, this section will display the time since the last scan:<\/p>\n<\/li>\n<\/ul><div class=\"intercom-container intercom-align-center\"><img decoding=\"async\" src=\"\/support\/wp-content\/uploads\/sites\/55\/2022\/05\/6a104875-f43e-4d3e-81ba-01f0e429c8d2.jpg\" alt=\"The Malware Scanner showing that no malware is found\" width=\"550\"><\/div><ul>\n<li>\n<p class=\"no-margin\">If the Malware Scanner detects suspicious files, it will show the number of cases found and a summary of the following information:<\/p>\n<div class=\"intercom-container\"><img decoding=\"async\" src=\"\/support\/wp-content\/uploads\/sites\/55\/2022\/05\/87bee44f-e124-463c-8413-2ce32a0b7117.jpg\"><\/div>\n<\/li>\n<\/ul><ol>\n<li>\n<p class=\"no-margin\"><b>Discovered malware<\/b> &ndash; The total number of harmful or compromised files found during the last scan.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Actions taken <\/b>&ndash; If an <a class=\"intercom-content-link\" href=\"#h_b97f7b3837\" target=\"_blank\" rel=\"noopener\">assisted cleanup<\/a> was performed, this section shows how many files were either removed or cleaned.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Malware timeline <\/b>&ndash; A record of all malware detections from the past 30 days.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Show details <\/b>&ndash; This expands a section displaying a list of compromised and malicious files and their locations.<\/p>\n<\/li>\n<\/ol><h2 id=\"h_79e595a71a\">What to do if malware is detected<\/h2><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">If your website is infected, follow these steps to clean and secure your site:<\/p><h3 class=\"text-text-100 mt-3 -mb-1 text-[1.125rem] font-bold\">Step 1 &mdash; Update vulnerabilities (WordPress sites)<\/h3><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">If your website is built on WordPress, update all located vulnerabilities immediately. This includes:<\/p><ul class=\"[li_&amp;]:mb-0 [li_&amp;]:mt-1.5 [li_&amp;]:gap-1.5 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-2 pl-8 mb-3\">\n<li class=\"whitespace-normal break-words pl-2\">Updating WordPress core to the latest version<\/li>\n<li class=\"whitespace-normal break-words pl-2\">Updating all plugins to their latest versions<\/li>\n<li class=\"whitespace-normal break-words pl-2\">Updating your theme to the latest version<\/li>\n<\/ul><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">Outdated software is a common entry point for malware, so keeping everything up to date is crucial for security.<\/p><h3 class=\"text-text-100 mt-3 -mb-1 text-[1.125rem] font-bold\">Step 2 &mdash; Change all passwords<\/h3><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">Change the following passwords immediately to prevent unauthorized access:<\/p><ul class=\"[li_&amp;]:mb-0 [li_&amp;]:mt-1.5 [li_&amp;]:gap-1.5 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-2 pl-8 mb-3\">\n<li class=\"whitespace-normal break-words pl-2\"><strong>SSH\/FTP passwords<\/strong> &ndash; Update your file transfer protocol credentials<\/li>\n<li class=\"whitespace-normal break-words pl-2\"><strong>Admin login passwords<\/strong> &ndash; Change your WordPress admin password (or CMS admin password)<\/li>\n<li class=\"whitespace-normal break-words pl-2\"><strong>Database passwords<\/strong> &ndash; Consider updating your database credentials as well<\/li>\n<\/ul><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">Use strong, unique passwords for each account to maximize security.<\/p><h3 class=\"text-text-100 mt-3 -mb-1 text-[1.125rem] font-bold\">Step 3 &mdash; Clean up the malware<\/h3><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">You have several options for removing the malware:<\/p><h4 class=\"text-text-100 mt-2 -mb-1 text-base font-bold\">Manual cleanup<\/h4><ul class=\"[li_&amp;]:mb-0 [li_&amp;]:mt-1.5 [li_&amp;]:gap-1.5 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-2 pl-8 mb-3\">\n<li class=\"whitespace-normal break-words pl-2\">For WordPress websites, follow this guide: <a class=\"underline underline underline-offset-2 decoration-1 decoration-current\/40 hover:decoration-current focus:decoration-current\" href=\"\/support\/1583339-how-to-fix-a-wordpress-site-with-malware\">How to fix a WordPress site with malware<\/a>.<\/li>\n<li class=\"whitespace-normal break-words pl-2\">For other website types, check your CMS official documentation or help forums; for further assistance, you can consider a freelance service such as <a class=\"underline underline underline-offset-2 decoration-1 decoration-current\/40 hover:decoration-current focus:decoration-current\" href=\"\/support\/5375833-fiverr-services-at-hostinger\">Fiverr<\/a>.<\/li>\n<\/ul><h4 class=\"text-text-100 mt-2 -mb-1 text-base font-bold\">Restore from backup<\/h4><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\"><a class=\"underline underline underline-offset-2 decoration-1 decoration-current\/40 hover:decoration-current focus:decoration-current\" href=\"\/support\/4283700-how-to-restore-backups-at-hostinger\">Restore your website<\/a> &ndash; choose a backup date previous to the malware infection, then apply security <a class=\"underline underline underline-offset-2 decoration-1 decoration-current\/40 hover:decoration-current focus:decoration-current\" href=\"#h_a9abb8f341\">measures<\/a> to prevent reinfection.<\/p><h4 class=\"text-text-100 mt-2 -mb-1 text-base font-bold\">Site cleanup service (WordPress only)<\/h4><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">If your website is built on WordPress and the domain is <a class=\"underline underline underline-offset-2 decoration-1 decoration-current\/40 hover:decoration-current focus:decoration-current\" href=\"\/support\/1863967-how-to-point-a-domain-to-hostinger\">pointed to Hostinger<\/a>, we can assist with professional cleanup for <strong>$95<\/strong>.<\/p><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">This service includes:<\/p><ul class=\"[li_&amp;]:mb-0 [li_&amp;]:mt-1.5 [li_&amp;]:gap-1.5 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-2 pl-8 mb-3\">\n<li class=\"whitespace-normal break-words pl-2\">Removal of all detected malware files<\/li>\n<li class=\"whitespace-normal break-words pl-2\">MySQL injection cleanup<\/li>\n<li class=\"whitespace-normal break-words pl-2\">Stopping any malicious scripts running on your website<\/li>\n<li class=\"whitespace-normal break-words pl-2\">Comprehensive site security review<\/li>\n<\/ul><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">To request the service, click the <strong>Request site cleanup<\/strong> button in the Malware Scanner section:<\/p><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\"><img decoding=\"async\" src=\"\/support\/wp-content\/uploads\/sites\/55\/2022\/05\/ac878cd5-0342-43ed-8255-a4a5f88f6119.jpg\"><\/p><p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">Review the information about the cleanup process, click <strong>Continue<\/strong>, and proceed with the payment. You&rsquo;ll receive an email notification once the cleanup is complete.<\/p><div class=\"intercom-interblocks-callout\" style=\"background-color: #feedaf80;border-color: #fbc91633\"><strong>NOTE:<\/strong> The site cleanup service costs $95 and is only available for WordPress websites with domains pointed to Hostinger.<\/div><h3 id=\"h_a9abb8f341\">How to protect against malware<\/h3><p class=\"no-margin\">After removing the malware, it&rsquo;s important to take steps to prevent future infections. We recommend the following:<\/p><ul>\n<li>\n<p class=\"no-margin\">Keep your website&rsquo;s theme and plugins updated to the latest versions.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Use the latest PHP version available.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Only use licensed themes, plugins, or extensions, and uninstall any unlicensed ones.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Change the admin user passwords to strong, unique ones.<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Update your antivirus software on your local device and run regular scans.<\/p>\n<\/li>\n<\/ul><div class=\"intercom-interblocks-callout\" style=\"background-color: #e3e7fa80;border-color: #334bfa33\">\n<p class=\"no-margin\">These security practices are recommended at all times, not just after an infection &#128274;<\/p>\n<\/div><p class=\"no-margin\"><b>Additional resources<\/b><\/p><ul>\n<li>\n<p class=\"no-margin\"><a class=\"intercom-content-link\" href=\"\/support\/1583390-what-to-do-if-your-account-or-site-has-been-hacked#h_596b371c84\" target=\"_blank\" rel=\"noopener\">How to protect your account and websites<\/a><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><a class=\"intercom-content-link\" href=\"https:\/\/www.hostinger.com\/tutorials\/website-security-audit\" target=\"_blank\" rel=\"noopener\">How to do a website security audit<\/a><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><a class=\"intercom-content-link\" href=\"https:\/\/www.hostinger.com\/tutorials\/how-to-secure-wordpress\" target=\"_blank\" rel=\"noopener\">How to improve WordPress security<\/a><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><a class=\"intercom-content-link\" href=\"https:\/\/www.hostinger.com\/tutorials\/wordpress-malware-removal\" target=\"_blank\" rel=\"noopener\">How to remove WordPress malware<\/a><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><a class=\"intercom-content-link\" href=\"https:\/\/www.hostinger.com\/tutorials\/wordpress-malware-scanner-plugins\" target=\"_blank\" rel=\"noopener\">WordPress malware scanner plugins and how to use them<\/a><\/p>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Detecting and cleaning up malware on your websites<\/p>\n","protected":false},"author":581,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"include_on_kodee":true,"footnotes":""},"categories":[273],"tags":[],"class_list":["post-955","post","type-post","status-publish","format-standard","hentry","category-website-security"],"hreflangs":[{"locale":"en-US","link":"https:\/\/www.hostinger.com\/support\/6197555-how-to-use-the-malware-scanner-at-hostinger\/","default":1},{"locale":"es-ES","link":"https:\/\/www.hostinger.com\/es\/support\/6197555-como-utilizar-el-escaner-de-malware-en-hostinger\/","default":0},{"locale":"fr-FR","link":"https:\/\/www.hostinger.com\/fr\/support\/6197555-comment-utiliser-le-scanner-de-logiciels-malveillants-chez-hostinger\/","default":0},{"locale":"id-ID","link":"https:\/\/www.hostinger.com\/id\/support\/6197555-cara-menggunakan-pemindai-malware-di-hostinger\/","default":0},{"locale":"pt-PT","link":"https:\/\/www.hostinger.com\/br\/support\/6197555-como-usar-o-scanner-de-malware-da-hostinger\/","default":0}],"include_on_kodee":true,"_links":{"self":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts\/955","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/users\/581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/comments?post=955"}],"version-history":[{"count":4,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts\/955\/revisions"}],"predecessor-version":[{"id":7026,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts\/955\/revisions\/7026"}],"wp:attachment":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/media?parent=955"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/categories?post=955"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/tags?post=955"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}