I’m a¬†victim myself and my site was blocked and listed by Google as ¬†“Malware found in WordPress”. This is caused by some security loopholes of timthumb.php. This file is used for creating thumbnails and is widely used in¬†lot¬†of WordPress sites. Below are the few steps which I have done to resolve the issue myself. Hopefully can be of some help to the rest who are having the same issue. Good Luck!

1. First of all, I updated my WordPress theme. Luckily, my theme is a paid version and the author actually provide an update of the same theme without using timthumb.php. I have also removed all files from the cache folder under wp-content.

2. Go to this website:¬†http://sitecheck.sucuri.net/scanner. It provide a free site check service for malware. You can simply enter your URL and and scan your site. By default, it will prompt you some messages such as “Malware caused by javascript…” as you have yet to clear the malware.

3. Locate the file “index.php” under your main blog directory. Open it with any HTML or text editor and locate a line of javascript as follow: ”

“. Remove the whole line of script and update the file back to your blog.

4. Try to re-scan your URL again. All the malware messages should be resolved and your site should not be blocked and listed by Google for any malware.

%d bloggers like this: