There are a few things to look for that can indicate a potential malware infection:
Unexpected deny rules on your .htaccess file.
Files on your website's root folder that you did not create either manually or via a custom script/cron job.
Files such as index.php containing large amounts of unreadable code.
Your WordPress admin page does not load the style properly.
Your website is redirected to another site which you don’t recognize
Our Malware Scanner has identified and removed compromised or infected files
At Hostinger, on our Shared Hosting and Cloud Hosting plans, we have an automatic Malware Scanner that will help identify and remove malicious files on your account.
If you want to clean up your website manually, you can use security plugins such as WordFence or Anti-Malware Security. Here's a step-by-step tutorial on how to clean up an infected WordPress site using the WordFence plugin: WordPress Malware Removal Guide.
If your website presents issues after cleanup, you can consider restoring it from a backup. Please note that this would revert any changes you made after the backup date.
However, keep in mind that only removing the infected files may not be enough to contain the infection. It is very important that you tackle the reason why the infection occurred in the first place. In order to eliminate any vulnerabilities and keep your websites safe, please do the following steps:
Use strong passwords: unique, with more than 8 characters using letters, numbers, and special characters
Keep WordPress, themes, and plugins updated to the latest stable version
Avoid plugins and themes from unknown or third-party providers
Protect your website's contact/registration/login forms with reCAPTCHA
Scan your local device with an antivirus software such as Malwarebytes
Learn more: Keeping your WordPress website safe 💡