I found some other options to clean malware out of a WordPress infected site. I still prefer the way I originally did it because I can see and verify the results before committing and undo it immediately if it didn’t go the way I anticipated. These other methods require restoring the database or files if you mess it up.
Stack Exchange had the most complete information on removing this from both the database and from the content of your files.
Remove Malware From A Database
To be run from phpMyAdmin under the ‘SQL’ tab
(Edit them to fit your needs.)
This one tests the content first.
Hat Tip: https://www.safalshrestha.com.np/wordpress-hacked/
Removing Malware From Files
Using grep at the command line to remove WordPress malware
Check for the existence of the malware
(Edit the name variations to fit your situation)
grep -rlF "lowerbeforwarden"
Clean files via command line grep tool. Test for the existence of the string “lowerbeforwarden” and removes it if it exists.
Replace WordPress Core Files
The best way to replace WordPress Core files is with the Admin Dashboard. Go to ‘Dashboard’, select ‘Update’, and click on “Re-install Now”.
When you aren’t in a position to login directly to the WordPress admin dashboard the procedure described here works.
Overwrite the WordPress core files excluding the wp-content folder.
Follow these basic steps:
- Download latest WordPress version from here – WordPress Releases
- FTP or SFTP upload your WordPress zip file to the root folder of your website
- Unzip it (use your FTP client or command line via SSH) and delete the wp-content folder from within the folder named wordpress. Command line example: unzip file_name.zip
- Select and move all the remaining folders and files to the root folder. If asked to overwrite then it’ll be a yes or OK.
- And there you have it. Your WordPress core files are clear of any viruses or malware.
Delete Your Cache Files
Using a plugin is the preferred method, but you can also delete the cache files within the cache folder at wp-content/cache. (at your own risk)