Have you read How to recover your Hacked WordPress Site (Part-2) yet?
Stage 6: Getting back to (almost) business as usual.
The new Mindset: As mentioned above, before you are done with this clean-up process you will need to look at security in a whole new light. Or at the very least, you had best respect the fact that your ability to keep hackers at bay rests on your ability to maintain a proper pro-security mindset. So along those lines, let’s discuss a few quick topics pertaining to Security that you can mull over now that the immediate emergency is over.
Have you read How to recover your Hacked WordPress Site (Part-1) yet?
Stage 3: Let the Sanitizing begin.
Once you’ve identified the “vector” or angle that the hackers used to compromise your website, you can now get to work plugging the holes. Wordfence keeps a massive Archive collection of every known WordPress Theme and Plugin. For those legitimate configuration files that might have simply been compromised along the way, you can re-download a known-good version of the file from the Wordfence archives. Delete the ones that don’t belong on your website. Just keep fixing those files which are infected, and deleting those that don’t belong until your site is once again clean. If your hacker wasn’t aware of your attempt to take back your Account and Website, they will probably begin to realize it soon. Keep moving!