It sounds like you may have already pursued some steps to resolving the malware issue, but I’d recommend carefully following this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.
Is the blank page you’re seeing a 500-server error?
Internal server errors (error 500) are often caused by plugin or theme function conflicts, so if you have access to your admin panel, try deactivating all plugins. If you don’t have access to your admin panel, try manually resetting your plugins (no Dashboard access required). If that resolves the issue, reactivate each one individually until you find the cause.
If that does not resolve the issue, try switching to the default theme for your version of WordPress to rule-out a theme-specific issue. If you don’t have access to your admin panel, access your server via SFTP or FTP, or a file manager in your hosting account’s control panel, navigate to /wp-content/themes/ and rename the directory of your currently active theme. This will force the default theme to activate and hopefully rule-out a theme-specific issue.
If that does not resolve the issue, it’s possible that a .htaccess rule could be the source of the problem. To check for this, access your server via SFTP or FTP, or a file manager in your hosting account’s control panel, and rename the .htaccess file. If you can’t find a .htaccess file, make sure that you have set your SFTP or FTP client to view invisible files.
If you weren’t able to resolve the issue by either resetting your plugins and theme or renaming your .htaccess file, we may be able to help, but we’ll need a more detailed error message. Internal server errors are usually described in more detail in the server error log. If you have access to your server error log, generate the error again, note the date and time, then immediately check your server error log for any errors that occurred during that time period. If you don’t have access to your server error log, ask your hosting provider to look for you.
