same problem
step 1 :- check u r database options file , that has changed to malicious name
rename it
step 2:- goto theme header.php check for <!DOCTYPE html> if there any code before <!DOCTYPE html> delete and also check any malicious code in that file and remove safely
step 3 :- delete mu-plugin folder in file manager plugin section
step 4:- scan in word-fence remove all infected files
step 5 :- scan entire cpanel {or u r control panel} to check other domains infected or not in same file manager system
