Skip to main content
Help Center
The GoDaddy Community will undergo maintenance starting on Wednesday, July 28th at 3pm PST / 6pm EST. Learn more
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Got an email about malware, but can't locate the files in File Manager

I just received this email from GoDaddy:

Your site has been flagged for malware.

We recently completed a routine security checkup of our servers and platforms. Our scans flagged your hosting accounts as containing possible malware.

Please sign in to your hosting account and review the following content and remove or fix the files listed below:


It then lists 5 files, none of which show up in File Manager. WordFence did flag some malware a couple of weeks ago, so this doesn't surprise me, but how do I find these files in my hosting account to "remove or fix" them?

Helper VI

@amanda1 can you post the filenames?

If you find my replies helpful, give me a like or kudo 🙂
And if I solved your issue, mark it as solution 😄







I know how to navigate to where they would typically be, but they're not there, and I don't know where else to look.

I"m right now dealing with the same issue. "html" turns out to refer to the directory we're able to see when you log in to the file system. It's not the root, but it appears to be to us. I was told to look at html/css.php, and it turned out css.php is in the home directory. 


Hey Godaddy, that this question sat there unanswered over a month until another customer stumbled on it is not cool. Neither is charging extra for basic security. 

This is my problem, too, only I can't find the file (it's a thumbs file, supposedly, and I can't find that folder or any of those files in the webroot under file manager.

Hey @BKezar,


If you're having trouble locating the files indicated within the security notice, I would advise reaching out to our live support so our hosting team can help you locate the specific location of the files within your hosting plan. Since this is a public forum, no one here in the community is going to have direct access to help you locate the missing files.


CG - GoDaddy | Community Moderator
24/7 support available at

I got the emails too; one a while back, and one more recent.  I didn't have a clue about the long list of supposedly infected files, or how to find them; I had built my website a long time ago on a program that no longer works on the newer Windows.  Then they even called me, and I can't afford any of the solutions they offered me; my website is only a photo showcase.  I decided the whole thing was just to sell their security, or upgraded managed websites.

I have built a new website with Website Builder, to replace the Hosted Website they say is infected.  (I thought I was already paying for malware protection with the Hosting.)  Does anyone know if I still need the Hosting on that Domain, to Publish the new Website Builder website?  I read on another post where someone could not get their new website to publish to an already Hosted Domain.

Hey @cksdjs,


Hosting is included with Website Builder plans by default, so a separate hosting plan purchase is not necessary. If the domain is still in use on a regular hosting plan, then this is likely the cause of the error you mentioned someone else encountering cause the domain was not yet removed from the old plan to publish to the hosting space assigned to the Website Builder plan. A domain can't be used by more than one type of hosting plan at a time. 


As for the Malware issues you mentioned before, hosting plans do not come with malware prevention by default. We take measures to secure and protect our own servers and network, but protection of your content is generally your own responsibility. Many site developer's sometimes prefer utilizing third party methods or their own measures to preventing such compromises from occurring, but we also offer our own services. 


I can assure you that when our network and security teams detect a potential issue, they only offer our services as a suggestion if you're not familiar with the technical measures needed to address the situation. We even offer an article here to help instruct in some general methods to identify, remove, and prevent malware issues from occurring. 


CG - GoDaddy | Community Moderator
24/7 support available at

OK, i'm prepared to believe that I'm no expert but I've got post grad qualifications in computer science on top of a pure computer science degree followed by more than 30 years of experience.


My response is. What a croc of C%@p.


This appears to be nothing but a scam by godaddy and consequently I will be moving my domain and web hosting off godaddy as soon as i can organise the transfer.


I got a similar email and originally assumed it was an external scam


Using Google to check I get nothing


I wrote the whole web site by hand (very few files) it is ONLY HTML, CSS and images that i created plus a single call to a godaddy supplied cgi.


There are no extra files, access to my account is 2 factor, the machine i use is used for nothing but a limited set of activities and runs SE Linux.


This is godaddy at it's worst and its very unfair - to assert malware with no specific location/information without any proof AT ALL and then offer a very expensive way of progressing further


that's criminal

I have a feeling their "security" algorithm is detecting plugin supporting files improperly. If they are targeting php any form would be liable to be labeled as malware since its 2 way dataflow. The fact they can't address this is hilarious to me.

Also, do you guys have option to show hidden files, or does godaddy restrict that too Smiley LOL

I had a similar suspicion.  Our account hosts multiple domains.  We found 'malware' files (with php extensions) that don't seem to do anything in all sorts of locations-- including the web root.  The whole thing just feels like they were put there by someone with administrative access.  The real kicker is at the bottom of the email it says "Add GoDaddy Website Security to your site, so this doesn't happen again".  Hmm.... shouldn't that be included?  Seems like an underhanded marketing tactic.


I just got this message. I logged in and found the files and deleted them. I had checked my website a few weeks ago, so the files must have appeared recently. But you're right--it seems fishy.

100% agree with other comments.   My website is fine and this is a poorly constructed upselling plan

and terrible business.   Do not fall for it..     Looks like GoDaddy needs some funds...

I've gotten two of these, myself.  At first, I thought it was a phishing scheme, but all fingers point to GoDaddy (all the links and phone numbers, in other words).  I don't even use GoDaddy hosting, you dumb asses!  I hope someone busts you for these tactics. 

Thanks for the help - but the article linked does not exist?

I added their security after getting this message and it did not find anything. Go figure.

Hi @bic2412 


My name is Tony, I'm with the Security Product Group. Would you be open to forwarding me the email you received, with your customer ID so that we can investigate? 


My email is

GoDaddy Security Product Group

Hi @gazza5 


My name is Tony, I'm with the Security Product Group. Would you be open to forwarding me the email you received, with your customer ID so that we can investigate? 


My email is

GoDaddy Security Product Group
GoDaddy Security Product Group

Your "live support"  is just a sales team that suggests purchasing a securities subscription.  It's a joke and since no one can find the malware files I'm beginning to think this whole thing is a scam to get us to sign up for something we don't actually need.



and consider this - nobody from godaddy has read my comment and nobody from godaddy will read yours


the whole company is a completely automated scam

You hit the nail on the head...