Carefully read https://codex.ww.wp.xz.cn/FAQ_My_site_was_hacked. It gives you very usefull tips and tricks to cleanup a hacked site.
Thanks, one of those scanning sites found some extra corrupt malware in the javascript so I removed it
It is vital that you also identify how exactly malware was able to upload itself into your web repository, else it will just happen again.
How do I go about doing that? Just changing passwords?
If you can imagine, you have removed/overwritten the damage an attacker was able to cause via some weakness in your website. Removing the damage as you have done, may not have removed the weakness that allowed the attack to take place in the first place.
Finding the cause of attacks is not easy. It may mean looking back through log files to find the attack itself, therefore giving you the file the attacker used to exploit your site.
In many cases this is usually a plugin that has a security vulnerability in it, in rare cases it is a security vulnerability in WordPress itself, and in other instances the attack will have been leveraged at the webserver itself rather than at the website code/files.
Dumb question, but who do you find your log files?
It’s not completely gone as it turns out, just seems to only display it on certain browsers.
There may be a setting in your web hosts control panel that allows you to view logs, else ask them to show you how to do that.
Yes, if you have not shut the security hole, they usually come right back and reinstall themselves.
