It's also important to change admin username and your password if someone will help you with your site and needs your password and admin username to login to do the work. Admin username and your password changes after all the work is finished. Someone in their business may not be even if the person is trustworthy. Better to be safe than sorry!
I was helped by it although my first step is. I had a fantastic old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And I did what I should have done before I started my site. And here is where I would like you to start as well. Learn how to protect yourself before you get hacked. The thing about fix wordpress malware and why so many of us recommend because it is so easy to learn, it is. That is also a detriment to the health of our websites. We have to learn how see this site to add a security fence.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, that hides the files out of public view.
There is a section of config-sample.php that's headed"Authentication Unique Keys." There are four definitions which appear within the block. A hyperlink is within that section of code. You need to enter that link into your browser, copy the contents which you return, and then replace the keys you have with the unique, pseudo-random keys provided by the site. This makes it harder for attackers to automatically create a"logged-in" cookie for your website.
Now we're getting into matters specific to WordPress. Whenever you install WordPress, you have to edit the document config-sample.php and rename it to config.php. You need to set up the database information there.
These are some. Thing is they don't require view publisher site much time to do. These are easy options, which can be done.