If your site has been infected, it is generally because some vulnerability has allowed a hacker to take control of your site. The hacker may change the content of the site or steal your data or the only want to attack any computer that views your site. This malware include Virus, Worms, spyware and trojan horses.
When you realize your site has been infected by malware or has been hacked, you should act quickly as possible to minimize the damage. But first you make prepare to your site, so you will get report and possible action to overcome security thread.
1. Register to Google web master tools
By using the Web Master Tools your site will always be monitored for possible malware
2. Always backup Your site and Database
Backup is an anticipation to return to the state before the infection, this action must be taken if the cleaning is not possible.
What you should DO
1. Take your site down immediately, this important step to minimize the risk or damage, you can do that with change the .htaccess (deny from all, allow from your ip)
2. Contact your web hosting. They may taking some action steps to address the problem
3. Change all your password to the site (FTP, Admin account etc)
4. Scan your personal computer that usually access FTP or admin account with a up-to-date scanning program to identify virus or malicious code, remove them if necessary.
5. Clean up your site. Check for your site that identified by virus scanners or the malware details tools or the best options is replacing entirely with the last known good backup.
Preventing Malware Infection
1. Always protect your computer with updated Anti Virus Software or Firewall.
2. Always monitoring your site Health on web mastertools.
3. Choose good passwords