Malicious or unwanted software: To help ensure the safety and security of our users, we’ve disapproved your ad because it contains malicious software (malware) or because your landing page is known to host or distribute malware in violation of our policies. We strongly encourage you to investigate this issue immediately in order to protect yourself as well as your customers. To run your ad, follow these instructions to check your computer for malware, remove all malicious code from your ad and site, and submit your site and ads for review: https://support.google.com/adspolicy/answer/6020954#311″
Google certainly won’t tell you the exact issue or malicious external links, files path they found in the that message. You have to contact with Google to get the details.
Wait for Google ads support to write you back! They will provide you some external links or files path may be…But don’t be so happy! You won’t be able to find out those links or files in your website so easily by scanning file system or database. Most of plugins, custom script are not able to identify those links.
That’s don’t mean that those links are not identifiable! Only security experts who working for wordpress security can identify the root of issue.
Just try yourself to find out and if you can’t, tell us! We will do it for you 🙂 (But that cost! sorry about that 🙁 )
Take a look below, we gathered some sample for you that may help you to figure it out! List of known malicious script and the injected / infected areas here. That may help you to recognize a malicious script and most common area of injection/ infection.
|Script||Injected in||Infected files/Backdoor||Date of Detection|
|script src=”https:// db.allyouwant.online/main.js”>||End of every post||Every .js files on there server is infected||08.09.18|
|script src=”//go.oclasrv.com/apu.php?zoneid=1694479||wp-temp.php file||wp-temp.php file||01.11.18|
|script src=”//fortpush.com/ntfc.php?p=1694481||wp-temp.php file||wp-temp.php file||01.11.18|