Hello
@Dauphinbleu
I would recommend that you contact your hosting provider and ask for their help because to remove malware from a site you need admin rights. Also, you should look at your site source code to find out what was exploited and what malicious files are used in this attack.
Did you scan your site to see if there's actual malware on the site or if that warning message is because of the content of the site? Do you see that message on all the pages of your site, or only on specific ones.
Also, it would be a good idea to check the Google Search Console > Security Issues section as there you may find additional details. More details here:
Social engineering (phishing and deceptive sites) | Documentation | Google Developers
Scanners:
VirusTotal
www.virustotal.com
SiteCheck is a website security scanner that checks any link or URL for malware, viruses, blacklist status, or malicious code. Check your website safety for free with Sucuri.
sitecheck.sucuri.net
Free website reputation checker tool lets you scan a website with multiple website reputation/blocklist services to check if the website is safe and legit or malicious. Check the online reputation of a website to better detect potentially malicious and scam websites.
www.urlvoid.com
Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses
opentip.kaspersky.com
Hello
@Jack and
@SecureKongo,
Thanks for the reply. I first knew about it because when I opened my website, it got redirected to a suspicious link, and I couldn't access my website. I also couldn't access the WordPress dashboard. I have contacted my hosting provider and asked them to do a full account scan. Two viruses were found, and I followed the guidance to remove the virus. They also helped restore my account using backup before the occurrence, but the problem persisted.
My hosting provider also suggested replacing the default WordPress files which I had also done. I also removed some files and folders with suspicious names. When I opened my website again, I could access the homepage. I could also access the WordPress dashboard. But whenever I clicked on any post, it got redirected again.
I also scanned my website using Quttera Online Website Malware Scanner. There were many files detected as infected by a trojan. I have removed the script that was pointed out as malicious. This is the script that I removed from many js files :
Another full account scan has been done by my hosting account provider, and the result shows that the viruses have been successfully removed. But the posts on my website are still inaccessible.
I tried to check the database and found this script on some rows:
I have deleted all of those scripts I could find. But now, every time I try to click on any post on my websites, I still get this notification
Before asking for the full account scan, I checked on the google search console, and the result was clean. I checked on Sucuri before, and there was malware found on the website. But the last scan showed no malware found, though the site is still blacklisted.
This is the current result from virustotal scanner :
and this one from urlvoid
Here's the last external monitoring scan report from Quttera
I tried to find the redirected link in the database and Cpanel files, but I couldn't find anything. I would very much appreciate it if someone could help me fix this issue.