October 20, 2021 by Paul G. | Blog, Malware, Security, WordPress Solutions

Easily Remove the Favicon.ico Virus From Your WordPress Website

Shield Image

Recently, many WordPress website owners have been receiving a malicious Favicon.ico virus on their websites which has caused them to be shut down by hackers. The Favicon.ico virus is a malware that inserts itself into your website’s database and begins redirecting visitors away from your site without permission! In this blog post, we will show you how to remove the Favicon.ico Virus from your WordPress Website in less than 5 minutes!

What is Favicon.ico Malware??

Favicon.ico is a malicious virus that installs itself and changes your website’s favicon (the little image next to the site title) as well as inserts code into header, footer, or index files of all installed WordPress themes on your website.

Once Favicon.ico malware has been injected onto your web pages it will automatically inject unwanted advertisements from outside sources such as ad networks like Google Adsense, Chitika etc. which can cause serious damage to traffic revenue!

It may also redirect visitors away from your blog by sending them off to adult websites via affiliate links in an effort for hackers to profit even more at the expense of you having lost money through payments made for these fraudulent purchases.

How Did I Get A Favicon.ico Virus?

WordPress websites are not safe from this malware as it is capable of affecting all themes and plugins. The Favicon.ico virus can infect your site through one or multiple vulnerabilities in WordPress which allows hackers access to the backend of your website. Some examples may be weak passwords, outdated WordPress websites that have existing security issues with previous hacks, installing a malicious plugin, etc.

Once hacked into you will notice changes on your blog’s front end where visitors see broken links or iframe redirections popping up left right and center! You might even start seeing irregularities appearing in Google Webmaster Tools such as warnings about hacking attempts because Favicon.ico Malware causes red flags within search engine algorithms due to its spam-like behavior patterns!

How To Remove Favicon.ico Malware?

By far the easiest way to remove the Favicon.ico virus is by using a removal tool like Shield Security which can automatically detect and clean it within minutes! If you are not in need of professional website security services then follow these steps below on how to easily remove this dangerous malware manually:

Step 1  

Make sure you delete everything related to this infection because even if things seem gone chances are they aren’t really removed which means reoccurrence might happen anytime soon!

Suspicious files that contain text such as “Favicon” or “.ico”.

Some examples include:

icon.png, favicon.gif, etc.

These infected theme/plugin files may be located anywhere within your WordPress installation directory where installed themes & plugins reside e.g.:

wp-content/themes/yourtheme folder

wp-includes/plugins folder

etc.

Step 2

If you have successfully deleted all malicious files then move on to Step #4  to scan your database for potential infections. Otherwise, proceed with the rest of these steps below!

Step 3

Check if there are any suspicious queries or functions being added into WordPress core file “wp-includes/theme.php”. The malware may modify this file so be sure to compare it against a clean version found in WordPress official website at:

wordpress.org

You should see minimal differences but anything that’s out of place is most likely not present within the original theme which means something has been updated and changed by hackers that shouldn’t be there! Any extra code inserted into this file means you have a serious infection on your hands and the only way to remove it is by taking care of it manually.

Step 4

Search your entire database for suspicious code or any other signs that may cause red flags within search engine algorithms due to its spam-like behavior patterns!

You should find some results but the majority will be located in the wp_posts table where infected posts contain hidden links pointing to adult websites, malware downloads etc… Delete all these results and you are well on your way to eliminating Favicon.ico completely off your site!

This manual work is necessary if you can not access your website’s wp-admin backend, but if you can our Shield Security plugin’s scan tool can find and remove these types of infections for you. When you upgrade to ShieldPro you can set it to automatically scan and remove infected files such as the Favicon.ico malware automatically so you don’t have to worry about your site going down due to this issue!

Let us know in the comments if you’ve encountered this before and what you did to fix it!

ShieldPRO Testimonials
@wongpk's Gravatar @wongpk

Nicely layout plugin

Very easy to use security plugins. Unlike any other plugins with bunch of security term and complicated layout. Struggle with some features (might not be for me), overall good experience with the plugin.

@alex2228's Gravatar @alex2228

Супер прога, особенно про IP очень понравилось

Супер, но не хватает полного перевода)

@donquicky's Gravatar @donquicky

Great plugin

Although this plugin is free it has great functionality. Just great!

@nanibee's Gravatar @nanibee

Lovin’ it!

So far so good. Can’t complain. I hope I never have to. Thank you, all you brilliant people at Shield.

Hey there gorgeous! Do you like what you've read here? :)

If this cool feature is something you'd like, but you haven't gone PRO yet, click here to get started today. (no risk, with a 14-day satisfaction guarantee!)

You'll get all PRO features, including Malware Scanning, WP Config Protection, Plugin FileGuard, import/export, customer support, and so much more. Not only that, you'll get that warm, fuzzy feeling that comes from supporting our work and future development.

Get That Warm, Fuzzy Feeling →

Comments (1)

    Yes, I have this! Among other things… This and other stuff keeps popping up. I think the problem is that I have other domains under the same cPanel account. A couple of those are *not* WP sites, just PHP, and I knew of no way to secure them. Any suggestions?

    Fortunately Shield does in fact delete and repair problems automatically, when it can. But that I keep finding new issues means I need to get to the root of the problem. Really, really hard.

Leave a Comment

Your email address will not be published.

Click to access the login or register cheese