just sent you a pm

Securi scan too https://sucuri.net/

When working to clean your site there are a number of things you should know, I’ll wrap it into 4 key things:
Use Live Scanners
Default WP File Structure
File Permissions
Disabling Plugins

The best program to use (free for 30 days) is:

MalawareBytes
https://www.malwarebytes.org/

Install it and run it on your server.

This will certainly remove any malaware from your server!

(I am NOT associated with this product in any way!)

What sort of malware do you have?

You really should get a professional to have a look at the site if what you have on it is important.

If you can live with losing some data, try restoring to an earlier point (restoring both, files and database).

Depends on which malware we're talking about. Is this injected via Javascript? is it a code placed in the header? You need to find the issue and then you can go from there. Is Google or Bing telling you there is potential malware on your website?

I use iThemes Security plugin and haven't had any more trouble. I had the same malware three times before I put this in.

Ouch. I feel for you. This can be super challenging, even for the most experienced devs... unfortunately...

I had this problem a couple years ago where someone hacked my site and a few of the pages were installing malware on a visitors machine. And the worst was that I'd remove the hacked code and then a couple days later it would be back. I spent a long time working at it. Also got my hosting company to help out (Dreamhost is great for this).

I think the problem was with the theme I was using - it had a vulnerability somewhere. In the end, I installed a new version of Wordpress from scratch, new theme (Thesis) and rebuilt the site, migrating the content. That worked.

If you don't want to rebuild, try figuring what pages are compromised - sitecheck.sucuri.net (previously mentioned) is good. If you know PHP, you can go from there and try to figure out which PHP files were hacked. wp_functions.php is often attacked. But the root of the problem might require some intense analysys.

Definitely contact your hosting provider. They should be able to help significantly. Some providers have code scanners that can identify hacked php files.

You can also try making sure you have the latest and greatest versions of everything installed and remove suspect plugins. You can't always trust (ever?) plugin developers to write vulnerable-free code.

Good luck!

Try to use sucuri, they will handle all process for you. otherwise it is very hectic task to clean all code and files from malware ... also strengthen security by changing all passwords .......... checkout your template or theme must not be nulled as it also attract malware and other hackers ...

There are more hijack codes and make sure to check the webmaster tools to findout more.

Install fresh files from wordpress and copy only images to the image directory.

Once my site was attacked and got several times attack in a serial way, consult to your hosting company too.

All they have to do is add one php file to a site. They can later call that file and do just about anything they want on your site.
If you have several websites within the same cPanel account, they can manage all the sites within that account. One carefully constructed file can allow a hacker to effectively run a file manager giving them complete control over your hosting account. [everything within one cPanel installation]

you can use the wordfence plugin it helps to remove it ....just go to wordpress and install plugin and run it ....it will ask for api sometimes so register at there site and so it .....