Script deep in my site - virus

Hi – there is a script on my landing page that is a virus and I need to remove it:

<script src=””></script> but I cannot find a way to access my website other than via wp-admin and that doesn’t go ‘deep’ enough.

How can I download my page, to remove the script, and then upload it again? This is rather urgent because anyone with a decent anti-virus cannot access my site – including myself.

This is the error I get when I try to get onto the website
This web page contains potentially dangerous content.

Threat: HTML/ScrInject.B.Gen virus

Access to it has been blocked. Your computer is safe.

Hello there,

Thank you for asking.

I’m not sure that this line <script src=””></script> is produced by our theme.

I’m afraid that it would be hard downloading your site’s files via WP-Admin panel. I’d suggest you to access them either via FTP or cPanel. Navigate to wp-content/themes and wp-content/plugins, then download all of the files reside there. Open those files in your preferred code editor, then find the string “<script src=””></script>” within multiple files. If you are using Notepad++, you should do this.

I hope this reply helps.

Warmest regards,

I don’t understand how the script got there in the first instance but it will be quicker if we just delete and use a different theme.

Hello there,

I’m afraid other plugins might do this. Or your site might be hacked? I’d suggest you to use iThemes Security plugin to protect your site.

Warmest regards,