In my opinion, the best way to ensure your that is fix malware problem is through using a WordPress backup plugin. This is a relatively inexpensive, easy and elegant to use way to make sure that your site is available to you in case of a disaster.
A simple way to maintain WordPress safe is to use a few tools. To begin with, don't allow people run a web host security scan to list the files in your folders and automatically backup your their website whole web hosting account.
Move your wp-config.php file up one directory from the WordPress root. WordPress will look for it there if it cannot be found in the main directory. Additionally, nobody will be able to read the file unless they have FTP or SSH access.
Now we are getting into things. You must rename it to config.php and alter the document config-sample.php, when you install WordPress. You will need to deploy the database facts there.
These are only some of the things I do to protect my content blogs. Great thing is find more info they don't require much time to do. These are also simple options, which can be carried out.