Had your wordpress website hacked?
The hacker has a malicious intent, so whatever they are doing it will leave traces and links to files or websites. The hacked will also try to cover their tracks, and in the end sometimes the only thing you can do is set fire to your server.
The hacker will have created, or forced, a way into your system that will be different to the traces they leave. You have to address this problem before your virus/malware problem will really go away. This can sometimes mean your host is infected or it might just mean your password is insecure.
Follow the following steps to remove the malware warning.
Make sure you have a backup of everything. Save a copy of your wp-config.php file somewhere obvious.
Download a fresh copy of WordPress from wordpress.org.
Delete EVERY file in your www/web main directory.
Unzip and FTP WordPress to your website/blog. Do not try to upgrade or reinstall from the admin section of wordpress, this method is incomplete.
Download a fresh copy of your theme, and FTP that into your themes folder. If you have modified your theme in any significant way, this will not work. The only way to make sure you have got the problem licked is to install a fresh copy of your theme, or go through your theme line by line to make sure there is nothing that is causing the issue.
Add your wp-config.php file back into the root of your directory.
You should be able to log back in to your wp-admin section.
Change your password.
Install WordPress Firewall 2.
Install WordPress exploit scanner and run. This will tell you if there is a problem with your database.
Use Sucuri’s scanner to see if you are virus free. If you had removed all your files, and carried out a clean install, you should be virus free.
Notify Google you are clean using the Google Webmaster tools.