The Exploit Scanner plugin can help detect damage so that it can be cleaned up. Other things you should do:
- Change passwords for all users, especially Administrators and Editors.
- If you upload files to your site via FTP, change your FTP password.
- Re-install the latest version of WordPress.
- Make sure all of your plugins and themes are up-to-date.
- Update your security keys.
- See FAQ My Site Was Hacked.
– Just cleaning out files isn’t enough. When you’re done, you may want to implement some (if not all) of the recommended security measures.
]]>