🚀 Is building a website too difficult? Let me guide you step by step—Learn about the 「Naibabiji WordPress Website Building Coaching Service」 →
🔍 Click Here to Search This Site
Experience and Tips Sharing

Case Study: Virus Cleanup for Google Ads Rejection Due to „Violation of Infected Website“

📅 January 17, 2024
👤 Lee
⏱️ Reading Time: 1 minute
🔄 Last Updated: January 17, 2024
Image 14
D5444837c371d14eaec5efc62dbb1cc

Recently, Naiba encountered several cases of website infections. The cause was a friend„s website being flagged by Google Ads as ineligible: “Disapproved (for violating Hacked Site and 1 other policy)„. After an online virus scan found nothing, Google provided more detailed virus information.

The infected malicious link was:
1558.necklovehaml.live

Then, upon checking the server, malicious code files were found inserted into the website directory. At the time of writing this article, Naiba has already resolved 3 websites infected with the same virus, so I'm specifically documenting this. If you happen to encounter this situation, you can follow my troubleshooting approach.

Website Infection Symptoms

If your website is unfortunately infected with this type of virus, the desktop version usually shows no abnormalities. Daily activities like posting articles or products on the website won't be affected. However, if your customers access your website via mobile, they will be redirected to an advertisement page.

How to Determine if Your Website is Infected with This Virus

Based on Naiba's experience with this virus, the simplest way to determine if your website has been compromised is: first, your own administrator account password has been changed, preventing you from logging into the Admin Dashboard normally. After you recover your administrator password and log into the Admin Dashboard, check the user list in your website's backend to see if two additional administrator accounts named 'crander' and 'wp_update-ikECGaKR' have appeared.

网站用户多出来的黑客账号

If these two accounts appear (or any unfamiliar administrator accounts appear), then it's 100% certain your website has been hacked or infected with a virus.

Access the server to view your website's index.php file, and you can see the inserted malicious code.

index.php插入的恶意代码

At the same time, check various directories of the website, and you can see virus files that were not originally there.

插入的网站病毒文件

Some unfamiliar folders will also appear, containing virus files as well.

病毒生成的文件夹

How to Clean the Virus Files

Since we have already identified the virus and virus files, cleaning them is relatively simple.

Manually delete the infected virus files and overwrite the existing files with clean WordPress files.

If you cannot handle this virus yourself, Naiba offers a paid cleanup service. If needed, you canContact Me

🚀 Still feeling confused after reading the tutorial? Let me guide you step-by-step instead.

「Naibabiji WordPress Website Building Coaching」 — From selecting a domain and purchasing hosting to installing themes and publishing posts, I「ll guide you through every step, helping you avoid detours and reach your goals directly.

👉 Learn about Website Building Coaching Service
🔒

Comments are closed

The comment function for this article is closed. If you have any questions, please feel free to contact us through other channels.

×
二维码

Scan to Follow