October 9, 2012 at 7:11 pm
#828713
Inactive
I’m a bit surprised they got into the database. Usually it’s just a few files on your server.
The first thing I always do is make a backup of all the files so that I can inspect them.
Then I go to my whm and change the cpanel login details for the site.
From there I delete all the site files and upload a clean version of the WP files (not the db).
After reviewing all the files and cleaning them I write them over 1 by 1. (important files only).
In this case I would create a new login and password for cpanel and make a backup of the db for inspection. You can do this from your whm link.