I have seen that one of my sites has been compromised, sometimes when entering my site and clicking in the menu bar, it will open a new window linking to ads.shorte.st and then opening an alibaba or mackeeper ad. i didn't insert those ads, how can i remove them ?
You need to check whether the malicious script comes from: - your web script. If this is wordpress site, the ads may come from theme, or plugins; there are numerous plugins out there, such as wordfence, to protect your site. Either wordpress or not, you can restore your latest backup to the current site and see if the ads are still showing or not. - your internet provider. This happened to me last year, my ISP inserts javascript which replaces every </html> tag on any sites that I visited. I wrote it on my blog last year, but it was in bahasa Indonesia so it is pointless to put a link here. In summary, a way to avoid this is using proxy to visit sites or purchase a SSL certificate for your site. While this may be not your case, I think it is worth mentioning as well. - your server. Somebody might hack into your server and put a script that affects all sites in the server. Use IP tools to check which websites are hosted on your site and see if all these websites have the same problem or not. If yes, it is likely that the server is not secured.