Hi, I already done this kind of job in the past... bad news is that there aren't any efficient plugin to prevent this, you need to understand how the attacker managed to do it. This usually means analyzing the logs.
I can remove the malware for 35 USD, but unless I got lucky seen how the attack was done, I will need more budget for analyzing the logs, if you have them, or do a little security audit. Otherwise there will be a new security problem within days...