How to Remove Malware

Last updated: July 22 2021

If your site is currently affected by redirect malware, you may consider checking theme files, particularly functions.php and template-config.php.
functions.php may have some “good” code left, so make sure you’ll delete malicious lines only. template-config.php is completely malicious.

This type of malware gets triggered when users click on a page, so it’s not automated, opening a new tab which will be redirected to malicious sites.
The original tab remains intact, so chances are high that users will not report it.

You may have a look at our latest cleanup tutorial, if you’re researching on how to clean coolgiftforyou malware:

How to Clean malware

Malicious URLs:

Malicious domains ( first batch ):,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Malicious domains ( second batch ):,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Malicious IPs: ( Fast Content Delivery LTD ), ( WebLine LTD ),
Malicious ASNs: AS35029, AS209813.