Received message from GoDaddy: Your site has been flagged for malware.
I have received an e-mail from GoDaddy saying my hosting account (WordPress site) has been flagged for malware. It then lists some files, such as: php.backdoor.file_get_contents.005 - html/blog/hnwuc.php
I also have a security issues warning in Google's Search Console, which says my site is hacked with URL injection, and displays some URLs.
GoDaddy called me a while back, basically warning me that unless I add a security option this kind of thing could happen.
I do not wish to purchase GoDaddy's security at the moment, and my question to GoDaddy is, can I manually remove these malware files (or any other spam) from my site? If I can't do it through GoDaddy, then can I clean my site using Google or WordPress on my own?
Yes, you absolutely can find and remove the file in question by logging in via FTP, locating it, and deleting it.
However, that being said, if you don't correct the issue that caused it in the first place, you will get another infection.
The best thing you can do is use a professional service to clean it up if you value your site. Give this article a read for more insight.
I am a GoDaddy End User - Just Like You * Please note that I DO NOT answer private messages. Please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. If you contact me via PM for help, I will give you a price quote for my personal services. Thanks! *
Once your issue is resolved, please be sure to come back and click accept for the solution