Malcure Malware Shield — Removal, Repair, Monitor

Description

Is your website acting strangely? Seeing ‘Deceptive Site Ahead’ warnings, Japanese SEO hack, or random redirects? Time to fix and monitor your site with Malcure Malware Shield.

Malcure Malware Shield scans for infections, runs silent scheduled scans, and sends alerts before threats spread — turning one-time cleanup into always-on protection.

Malcure scans files, databases, and user accounts to find malware casual scanners miss — backdoors hidden in images, injections in your database, rogue, hidden admin accounts buried in your tables that don’t show up in the admin area. Then it watches your site with scheduled scans and alerts, so one-time cleanup becomes always-on protection.

Detection runs against 50,000+ signatures with real-time threat intelligence — the same definitions for every user, free or paid. You see every infection with exact file paths and line numbers.

Activate Scan Know Monitor

What Our Users Say

Quotes are verbatim from WordPress.org support reviews, except for bracketed edits (for example, competitor names removed).

Best by far, better than [competitor name removed] and other giants

“You can see it is a bunch of geeks that created this, with skill and visual creativity at that. I spent hours trying to find a plugin like this. So many options and such bad results until now. Great job guys. You deserve it. Simple and effective. (Disclaimer to other potential readers: there are many types of hacks/malware out there, every scenario is different, but start with the Malcure scan and see how it goes. 9/10 you won’t be disappointed, my guess)” — @dalingzaf

The ONLY plugin that scans every file-type…

“I am a web developer and have tried many malware removal plugins, including popular ones [competitor names removed]. However, none of them detected some unusual files that were actually malware causing regular attacks. Some of these files were in JPG format.” — @devzeeshanx

Best Malware Removal Plugin in just few minutes

“Most security plugins that are free only scan the code, but Malcure Malware Removal Plugin scans the wordpress database and the code files in few minutes. Accurately shows which Database table row is infected and it helps resolve the hacking attempt instantly. Saves a lot of time for the developers. Thank You Team Malcure” — @s3630

It’s not just a “teaser”

“This plugin really found the malware, and removed it. Really for free. Thanks guys, I’m going to donate now!” — @halucska

What Malcure Does

Detection

  • File Scan: Core files, themes, plugins, images, uploads — backdoors, shells, obfuscated code, and malware hidden inside image files and archives.
  • Database Scan: Finds malicious injections, recurring malware, and SEO injection links that other non-thorough scanners never see.
  • User Scan: Detects rogue admin accounts and compromised metadata, including application passwords that bypass your login page.
  • DeepScan™: Scans every file-type without skipping within resource-limits and hidden files where malware hides.
  • Checksum Verification: Compares your core, plugin, and theme files against official repository checksums. Tampered files are flagged by severity.
  • SEO Hack Detection: Catches Japanese Keyword Hack, Pharma Hack, and other SEO hacks in page titles and database records.
  • Vulnerability Scanner: Checks installed plugins and themes against a real-time vulnerability database.
  • Checksum Intelligence: Checksum-based verification reduces false alarms compared to heuristic-only scanners.
  • 50,000+ Signatures: Detects known variants — C99, R57, RootShell, and many more — plus unknown threats via behavioral analysis.

Monitoring & Alerts

  • Scheduled Scans: Set a cadence — daily, weekly, or monthly. Runs silently in the background.
  • Weekly Security Pulse Email: A verdict-first security-critical weekly summary — gives you a heads-up — “All Clear”, “Please Review”, or “Needs Immediate Attention” — delivered to your inbox. Covers scan results, failed logins, privileged activity, file edits, and updates.
  • Scheduled Scan Results Email: Email report of scheduled scans — clean or infected. Know immediately when a scheduled scan finishes. Gives you early heads-up if malware found and before it spreads and affects SEO or gets the site blacklisted.
  • Configurable Recipients: Choose who gets notified. Licensee, Registrant and additional CC recipients. Send a test Pulse to verify your mail configuration.
  • Event Log: 100-day forensic record of every security event for root-cause analysis.
  • Session Inspector: See who’s logged in — IP, user-agent, login time, and session expiration.

Hardening & Firewall

  • Block Path Traversal: Stops attackers from accessing sensitive system files.
  • Block PHP Uploads: Prevents malicious scripts from being uploaded.
  • Stop User Enumeration: Blocks bots from fishing for usernames.
  • REST API Protection: Prevents user data leakage via the WP REST API.
  • Attack Counter: See how many attacks the firewall has blocked, right on your dashboard.

Incident Response

  • Session Nuke: Force-logout every user instantly to kick out intruders.
  • Salt Shuffler: One-click rotation of security keys (salts) to invalidate all browser cookies.

Real-Time Threat Intelligence

  • Zero-Day: Threat definitions served in real time via the Malcure Cloud. No days-long delay.
  • Google Search Console: Connect directly to fetch security warnings and blacklist status.
  • Privacy: Scans send file checksums and your site’s domain to Malcure servers. No sensitive user data is transmitted. Use of the API is subject to our Terms of Use and Privacy Policy.
  • Lightweight: Runs only on demand or on schedule. No persistent background processes. No bloat.

Dashboard & Experience

  • Dashboard Widget: At-a-glance malware status, attack count, and quick-scan CTA on the WP dashboard.
  • Admin Skins: Classic and Dark skins to match your workflow.
  • Scan Completion Audio Preferences: Configure sound-notifications for scans.
  • Diagnostics Page: Environment diagnostics for troubleshooting.

Who This Plugin Is For

  • Agencies and developers who need fast triage across multiple sites.
  • WooCommerce, membership, and lead-gen sites where downtime and SEO damage are expensive.
  • Site owners who want clear results — what was flagged, exactly where.

How It Works (Scan Review Clean Monitor)

  1. Scan — Open Malcure Scanner in your Admin Dashboard. Run a scan to check files, database, users, and more.
  2. Review — Every finding comes with an exact location: file path, line number, or database record. Decide what to repair, delete, or keep.
  3. Clean & Recover — Shows every infection so you can clean it yourself. Advanced Edition adds repair tools, file operations, whitelisting, and WP-CLI automation.
  4. Monitor — Set up scheduled scans. Get email alerts the moment a threat is found.

Is It Free?

We believe in 100% transparency.

  • Free Forever: Professional-grade Detection (Knowledge). You see every infected file and database row (exact file path & line number), so you can clean it yourself for free.
  • Free Forever: Real-time Threat Intelligence, Scheduled Scans, Weekly Security Pulse email, and Firewall & Hardening.
  • Pro Upgrade: File Repairs, Deletions, Whitelisting, Advanced Scan Filters, WP-CLI Automation, Auto-Definition Updates, Bulk Client-Servicing Features & Premium Support (Expertise).

You are never forced to pay to find a hack.

Advanced Edition

For when detection is not enough — you need to remediate.

  • 1-Click Repairs: Repair infected files from the official source via Malcure Cloud.
  • Delete Files: Remove infected or irreparable files directly.
  • File & DB Whitelisting: Suppress alarms on specific files and database records.
  • WP-CLI Integration: Full command-line control — async scans, definitions sync, checksum refresh, reporting.
  • Automatic Definition Updates: Hourly cron keeps definitions current without manual intervention.
  • Advanced Scan Filters: Include or exclude directories, custom regex signatures for database and files.
  • File Inspector: Inspect files inline instead of having to go via s/ftp or ssh or file-managers.
  • Copy Scan Results: Copy results to clipboard for client reporting.
  • PHP Config & Diagnostics: View full PHP configuration in diagnostics.
  • Factory Reset: One-click plugin reset.
  • Premium Support: Direct access to our security analysts.

Get Malcure Advanced Edition

Expert Malware Removal Service

In over your head? Our security analysts will clean your site for you — 100% removal guarantee, same-day service, blacklist removal, and 15-day post-cleanup cover.

Book Expert Malware Removal

Troubleshooting

Some files are detected by Malcure Malware Shield as “suspicious”. What gives?

Malcure’s DeepScan checks each file for malware. However some files aren’t pure malware but may contain code that is suspicious and could potentially do nasty things. You should carefully review and analyse them to see if they indeed do anything nasty.

I can’t get Malcure Malware Shield to work. It hangs / doesn’t complete the scan / breaks for some reason.

If you think that the plugin is broken, please report it here.

Malcure Malware Shield (or for that matter other plugins) may break on malware affected / broken websites. Malcure Advanced Edition integrates with WP CLI and allows you to complete the scan from WP CLI even when the site is blocked by the webhost or when you are unable to login to the website.

My site is infected however Malcure Malware Shield doesn’t detect the infection.

Malware keeps evolving. If you come across malware that Malcure Malware Shield is not able to identify, you may please report it here.

The scan gets stuck midway. What should I do?

In case of such an event, please file a support request with us and we’ll be more than happy to troubleshoot the issue.

Please visit this page.

I cleaned my site but it got infected again. What should I do?

Malware cleanup is a waste of time and effort unless you find the root cause behind the malware infection and monitor for recurrence. How was someone able to infect your website? Have you plugged in that security hole?

Please read Why Do Websites Get Hacked.

Google Safe Browsing site status (or some other scanner) still shows my site as infected. What should I do?

First make sure you purge your site cache. Second, Google (and other scanners) cache the results for some time. You’ll need to force or refresh the scan. You can also file a request with us to get your site off any blacklists.

I found a suspicious file, what now?

If Malcure flags it, it’s likely malicious. You can inspect the file content using our built-in inspector. If you’re unsure, consider our Expert Malware Removal Service.

Screenshots

Installation

  1. Upload the wp-malware-removal folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in Admin Dashboard.
  3. Go to the Malcure menu to start your first scan.

FAQ

My site is hacked. What should I do?

Option 1: If you are tech-savvy, you can use this plugin, analyse the results and remove malware yourself.

Option 2: You can file a service request with us. Don’t delay—malware spreads fast! Our service includes malware cleanup and blacklist removal by our security analysts. Please click here to file a support request.

How to remove malware from website?

Please see How to use Malcure Malware Shield Plugin for website Malware Removal and 10-Step Guide to Removing Malware from Your Site. Follow these steps for a permanent fix to secure your site and recover lost traffic.

Why should I use Malcure Malware Shield?

Several reasons:

a) Malcure Malware Shield scans all: database, vulnerabilities, files, even images and archives so deep hidden malware is also easily detected.

b) Checks all core, theme and plugin files for integrity.

c) Scans over 50,000+ known malware including variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.

d) Hybrid scan ensures unknown threats are also identified.

In short, Malcure Malware Shield scans broadly and deeply across files, database, and users. It’s fast, simple to use and extremely thorough. With improved security, your site remains trustworthy, boosting SEO rankings, user confidence, and conversions.

What support options are available for Malcure Malware Shield users?

Providing excellent support is extremely important to us. You can report the issue at Malcure forums and our dedicated web-security specialist will ensure that the matter is resolved to your satisfaction.

What makes Malcure Malware Shield different from other security plugins?

Malcure Malware Shield is a local website Shield with comprehensive file and database scanning capabilities. Malcure Malware Shield does its job very well. If you have feedback, please do not hesitate to share with us.

Also Malcure Malware Shield scans every file regardless of whether it’s an image, archive etc. Modern malware hides in unsuspicious, genuine looking files and Malcure Malware Shield makes sure those are not missed. Try Malcure Malware Shield to experience exceptional thoroughness and speed in removing website malware and ongoing security.

Will Malcure Malware Shield impact the performance of my website?

Malcure Malware Shield only runs when you want it to or when it is scheduled to utilizing minimal resources. At all other times it sleeps silently. The firewall triggers extremely quickly and is optimized for performance.

Where can I find the Malcure Terms of Use and Privacy Policy?

These are available on our website: Terms of Use and Privacy Policy

Will this slow down my website?

No. Malcure is engineered to be lightweight. We don’t run heavy background processes that eat up your server CPU like other “bloated” security plugins. Malcure runs only when you trigger a scan or schedule one.

Can I clean my hacked site for free?

Yes. The free version identifies every single infection (file path & line number). You can use this report to manually clean your site. The premium Malcure Advanced Edition adds 1-click repairs and deletion of irreparable files.

How is this different from other plugins?

Malcure is focused on simplicity and performance. We don’t have days of delay on detection signatures—you get updated signatures instantly for free. We also scan your database for hacks and other CMS surfaces that other scanners may miss.

Does it match “False Positives” like other scanners?

Malcure Malware Shield uses intelligent checksum verification against the official core/plugin/theme files. This drastically reduces false alarms. We focus on being precise so you don’t get false alerts and anxiety.

Why do I need to register?

Registration connects your site to the Malcure API enabling real-time threat intelligence. It’s free and ensures you get the best protection.

Does this plugin remove malware automatically?

The free version detects malware with high precision and shows every infection with exact file paths and line numbers — but does not repair or delete files. The Advanced Edition adds 1-click repairs, file deletions, whitelisting, and advanced file operations.

What data is sent to the Malcure API?

To perform scans, the plugin sends file checksums and your site’s domain to Malcure servers. No sensitive user data or file contents are transmitted unless you explicitly use the “Inspect File” feature.

What’s the difference between Free and Advanced?

Free scans files, database, and users against 50,000+ signatures, verifies core/plugins/themes integrity, includes scheduled scans, Weekly Security Pulse email, firewall/hardening, session management, and event logging. Real-time threat intelligence is identical in both tiers.

Advanced Edition adds file repairs, file deletions, file and database whitelisting, advanced scan filters, WP-CLI automation, automatic definition updates, bulk copy for client reporting, and premium support.

How should I interpret results like “infected” vs “suspicious”?

“Infected” generally means that Malcure has high confidence the code matches malicious patterns.

“Suspicious” can indicate risky/obfuscated behavior or something that warrants review (for example, heavily minified code or unusual PHP patterns). If you’re unsure, use Inspect (Advanced) or contact support.

Reviews

April 30, 2026
fantastic. it lasts long, needs 3-4 scan turns, but it cleans malware. But the first scan is longest, every other gets faster. Tried 5 different plugins, this is the only one that hepled me out and identified malware. Sent them unidentified malware I found myself and they updated their definitions within 4 hours! After days of trouble, within 3 days it seems I got rid of malware on 6 sites. great
April 23, 2026
Thanks a lot for your work which we are allowed to use for free. Works very good, don’t know if it really, really finds ALL malware – but who knows?!
February 15, 2026
good database scangood file scangood problems explication: it’s possible to resolve a lot of problem using file editor and MySQL editing
January 3, 2026
Super Anti-Malware is easy to set up and works reliably. Fast scans, clear reports, and effective threat removal without slowing down the site. Highly recommended!
Read all 72 reviews

Contributors & Developers

“Malcure Malware Shield — Removal, Repair, Monitor” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

19.9.6

  • Bugfix: Compatibility with PHP 5.6.
  • Bugfix: User Scan resolves actual capabilities.

19.9.5

  • Bugfix: Fixed scanner not auto-updating definitions before scans.
  • Feature: Email notification preferences.

19.9.4.1

  • Bugfix: Fixed fatal javascript error.

19.9.4

  • Feature: User Account Audit results in scans.
  • Feature: SaaS-Served File Whitelist.
  • Improvement: Enhanced Event Logging.
  • Improvement: First-run UX performance optimisation.
  • Bugfix: Some UI elements were not styled correctly under certain conditions.
  • Bugfix: Cleaned results would not reflect in Stateful scanner.

19.9.3

  • Improvement: Stateful scanner now self-heals its monitor cron if WordPress cron is lost (e.g. after a server reboot).

19.9.2

  • Hardening: Strengthens scan input validation and database-query sanitisation for safer scans.
  • Stability: Improves runtime handling and diagnostics reliability during scans.

19.9.1

  • Bugfix: Smaller files were being ignored during monitoring / scheduled scans.
  • Improvement: Improved wp malcure sync --mcforce feedback and live definitions refresh behavior.
  • Stability: More reliable definitions updates across admin and WP-CLI workflows.
  • UX: Clearer manual definitions update errors in the admin UI.
  • Feature: Added WP-CLI definitions export and import commands for moving definitions between environments.
  • Feature: Added wp malcure refresh-checksums for on-demand official core, plugin, and theme checksum refresh.
  • Feature: Added wp malcure start-async-scan, cancel-async-scan, and status-async-scan, with text and JSON status output.
  • Improvement: CLI commands are properly documented.

19.9

  • Feature: Malware definitions are now checked hourly for faster threat-intelligence updates.
  • Stability: Reduced unnecessary SaaS requests with smarter local freshness checks before contacting the API.
  • Improvement: Admin and WP-CLI now use the same definitions-check flow and record the last successful definitions check for more consistent refresh behavior.
  • Improvement: Diagnostics now flag MySQL settings that can interrupt large definition updates and database scans.

19.8

  • Bugfix: Scheduled scanning wouldn’t ignore whitelisted items.
  • Several UI fixes.

19.7

  • Major Bugfix: In certain conditions unknown files inside core directories were never reported.
  • Bugfix: Fixed styles for Monitoring UI.

19.6

  • Fixed issues not clearing when initializing scan.
  • Fixed low confidence issues being saved.
  • Fixed database issues not being saved.
  • Fixed compatibility testing transients.
  • Minor UI improvements.
  • Updated readme with respect to recent features, functionality and updates.

19.5

  • New: Clearer admin UI labeling.
  • Bugfix: Styles not loading on Scan Scheduler page.
  • Stability: Several other stability fixes.

19.4

  • Major Bugfix: Fatal error during auto-upgrade.
  • Updated readme.

19.3

  • Major Bugfix: The very initial database record was never scanned.
  • Feature: New DB-record inspection + (Advanced Edition) DB-record whitelisting.
  • Improvement: Smart Checksum Refresh — Updates only modified components during upgrades for faster performance.
  • Major: Checksum system overhaul: more robust payload handling, better core vs non-core validation, and automatic checksum refresh after WP/plugin/theme upgrades.

19.2

  • Feature: Major performance optimization for checksums.
  • Feature: Enhanced SaaS API integration with signature verification.
  • Feature: Compatibility check for plugin version.
  • UX: Improved license validation and error messages.
  • UX: Better handling of database vs file infections in UI.

19.1

  • Feature: Introducing enhanced cleanup operations.

19.0

  • Bugfix: Enhanced detection of suspicious empty files in core directories.