Does your wordpress site hack? We are helping a you to this problem, so we would set out the steps we take to remove malware warnings and viruses.
The hacker has a malicious intent, so whatever they are doing it will leave traces and links to files or websites. The hacked will also try to cover their tracks, and in the end sometimes the only thing you can do is set fire to your server.
You have to address this problem before your virus/malware problem will really go away. This can sometimes mean your host is infected or it might just mean your password is insecure.
Start Again
Follow the following steps to remove the malware warning.
Make sure you have a backup of everything. Save a copy of your wp-config.phpfile somewhere obvious.
Download a fresh copy of WordPress from wordpress.org.
Delete EVERY file in your www/web main directory.
Unzip and FTP WordPress to your website/blog. Do not try to upgrade or reinstall from the admin section of wordpress, this method is incomplete.
Download a fresh copy of your theme, and FTP that into your themes folder. If you have modified your theme in any significant way, this will not work. The only way to make sure you have got the problem licked is to install a fresh copy of your theme, or go through your theme line by line to make sure there is nothing that is causing the issue.
Add your wp-config.php file back into the root of your directory.
You should be able to log back in to your wp-admin section.
Change your password
Install WordPress Firewall 2
Install WordPress exploit scanner and run. This will tell you if there is a problem with your database.
Use Sucuri’s scanner to see if you are virus free. If you had removed all your files, and carried out a clean install, you should be virus free.
Notify Google you are clean using the Google Webmaster tools.
How Long Does it Take for the Warning to Go Away?
From us sending in the request to the Malware warning being removed took less than 8 hours.