So around January 11th, 2018 I visted my website and was presented with:
I then spent the next day Googling all sorts of things. Besides how to fix it, also why or how it happened.
I found out I’d have to register my site with Google and request a review once I resolved the problem. Through various links and searches, I found that a script was the culprit.
Logging in via FTP and looking around my shared hosting directories I found that this wasn’t just limited to my site, although this was the first site that I received this MALWARE error. PHP files had been updated to load this script with the visitor unaware it was even happening.
The other sites hadn’t been kept up to date and have since become abandoned by their owners for one reason or another. Some were just banner pages that simply pointed their visitors to Facebook or somewhere else. Others had fully blown installations with hopes of a bright future employing all sort of bells and whistles that third-party plugins provide, although left untouched with no updates applied.
So the sites that were beyond an easy quick fix, I simply deleted them. I put HTML Pages in their place. I decided I would only leave those installations that were being maintained on the server. Why have a full-blown CMS run a simple one-page site? The files that had been altered could have been anywhere and my goal was to repair mine and prevent it from just happening again.
So, the sites I myself maintain and monitor have been fixed, updated and protected. If yours was one of those that I replaced with simple HTML, now you know why.