3 of my sites (wordpress sites), on the same host, got hacked this week. My host explained to me that there's malware on my sites and therefore they needed to put on offline. To resolve this problem I need to manually check each file for malware (they told me that). This is a real pain in the ass because I think I can't even recognize a file with malware and there are countless amounts of files. Is there any easy way of doing this? I also never made back-ups of these sites. I can kick my self in the head for not doing this, so I definitely learned a lesson here and I hope also for everyone who reads this that doesn't back-up their sites. I also recall me downloading some plugins from some website for free (which weren't for free obviously), is there a big chance that such plugin could have done this? The weird thing is that these plugins are already installed for a couple of months before this malware thing happened. Does someone have experience with this? What should/can I do? Thanks in advance.