Possible malware - need help

**worke** · 4 March 2020, 5:24 am

Hello,

something really strange happened to my site. Any assistance will highly appreciated.

I`m talking about the site roulettetrip . com

When I visit the site on the top left corner it shows me a message If I want to allow/disallow notifications. After that when I click somewhere on the site it redirects me to some sh** pages. It is only on my site, so the problem is not because of my browsers.

Any idea how to identify the source of this problem? I have not installed any additional plugins last 3-4 months, and Have no idea where this come from

**PromoteCasino** · 4 March 2020, 5:44 am

Have a look on this site https://sitecheck.sucuri.net it showed up as malware it may help in identifying the cause.

But it is not nice. Best of luck

**PromoteCasino** · 4 March 2020, 5:54 am

Just seen this plugin it may be able to help search for Anti-Malware Security and Brute-Force Firewall.

**Nenad** · 4 March 2020, 9:44 am

Hi,

I have tried it, and it did redirect me to some strange page in a new window. When I closed that page, after that the website worked correctly. I mean every single link I've clicked took me to the right page.
Hope this helps somehow to resolve this issue!
All the best!

**drifter8** · 4 March 2020, 11:11 am

I recommned you to install those WP plugins : " Wordfence" and " Sucuri Seciruty".

Also take a look on the link - https://gtmetrix.com/reports/roulettetrip.com/4EOD4A2D

In YSlow score you gonna see somt things.

My 2 cents,hope being helpful.

**ddm** · 4 March 2020, 2:53 pm

sanitize your database, lots of these things like to hide inside meta in images, attachments etc. removing malware which is embedded in your DB can be mega tedious / require some code to scale if you have a big site.

any code snippets u can post (pastebin) so we can work out which nasty you are infected with?

**ddm** · 4 March 2020, 2:54 pm

Originally Posted by Nenad

Hi,

I have tried it, and it did redirect me to some strange page in a new window. When I closed that page, after that the website worked correctly. I mean every single link I've clicked took me to the right page.
Hope this helps somehow to resolve this issue!
All the best!

this sounds like a hack that steals only the 1st click. clear your cookies, click the site from SERPs again, and you will no doubt be redirected to evilsite dot com

**universal4** · 4 March 2020, 11:32 pm

You should never need TWO plugins for security, find one the covers the needs you are looking for.

If you are using a lot of plugins now, consider disabling them all, trying to recreate the instance of the redirect.

If it stops happening with the plugins disabled, then re-enable them one by one and try and recreate the redirect, to pin down which plugin is causing it, if in fact it is a plugin.

As others have suggested, securi may help you figure it out, but I would consider the plugin check first, since you should be able to determine fairly fast if it is a plugin causing it.

ddm made a great point that what is happening might be restricted to first click.

Rick
Universal4

**Nenad** · 5 March 2020, 10:32 am

ddm, many thanks for the explanation.

Thread: Possible malware - need help

LinkBack

Thread Tools

Search Thread

Display

Possible malware - need help

The Following 3 Users Say Thank You to ddm For This Useful Post:

The Following 4 Users Say Thank You to universal4 For This Useful Post:

Posting Permissions