My website is meditationmag.com. It runs on a self-hosted Wordpress installation, on GoDaddy hosting.
Today I noticed that when I click on various things from my mobile device (like my email optin form to download my "free PDF," or even just clicking on some articles / menu options), it redirects to [login to view URL] (a malware ads site). I googled it and found that apparently plugins and theme files sometimes come with bits of code injected to redirect users to this site.
I believe that the malicious code will either be found in the theme files, or in one of two specific plugins.
I found this solution on quora, but I don't have time to execute it right now. Please let me know how much you'd charge to fix my site:
------- (found this solution on Quora) -------
Most likely this ad is hardcoded into one of the php files. You would need to find it and remove the piece of code that displays this ad.
If you do not have your site locally, download it to your computer.
You would need a GREP (I would recommend windows grep application if you are using windows or if you’re a Mac user there’s a paid app called visual grep. You can also get a free command line grep tool) tool to search across multiple files (I would search within the theme files first and if you do not find this piece of text there, then try plugins as well.)
Remove the piece of code that is displaying the ad.
Sometimes ads are not hardcoded. For example they can be saved in the database so you would need to find a piece of code that is retrieving and displaying the ad from the database. In some other cases ads are retrieved from other servers.
*** I'm seeing a bunch of proposals that range into many hundreds of dollars. I am a web developer myself and I know that for someone who has done this before (fixed an onclkds wordpress malware injection), it will probably take less than an hour to fix. Please don't insult my intelligence with these offers. I could do this myself but I'd rather have someone save me the time if it will be a reasonable price.