Received message from GoDaddy: Your site has been flagged for malware.
I have received an e-mail from GoDaddy saying my hosting account (WordPress site) has been flagged for malware. It then lists some files, such as: php.backdoor.file_get_contents.005 - html/blog/hnwuc.php
I also have a security issues warning in Google's Search Console, which says my site is hacked with URL injection, and displays some URLs.
GoDaddy called me a while back, basically warning me that unless I add a security option this kind of thing could happen.
I do not wish to purchase GoDaddy's security at the moment, and my question to GoDaddy is, can I manually remove these malware files (or any other spam) from my site? If I can't do it through GoDaddy, then can I clean my site using Google or WordPress on my own?
* Please note that I offer free advice on this forum. I DO NOT PROVIDE ANSWERS VIA PM. If you would like personalized help, you can see my pricing on my services page. Otherwise, please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. Thanks! *