There are several steps of on how to remove a WordPress Malware on your WordPress website without being a web person. Below are the list of things that you can do to remove the malware that is infecting your website.
Check what malware has infected you – You can use Google website diagnostic tool to determine what malware has infected your website. Usually, it will be automatically displayed when your site got infected. To do this, type in your address bar
http://www.google.com/safebrowsing/diagnostic?site=mydomainnamee.com/ where mydomainame.com is your website url e.g. google.com.
Contact your web hosting company – Most web hosting company offers a free website malware scan and clean up. You can asked them to run a check through in your website. When you have contacted them, they will usually asked when did it start, and if you are not sure about when did it happen, you can log in to your web control panel and check the most recent file. For most cases, the recent file contain the malware script unless you made some changes to the files after your site has been infected.
If you caught the malware at an early stage meaning within 24 to 48 hours,You may request a backup restoration for your website. Some web hosting does weekly backup so you may lose some content you did for that week but your website will be restored.
Change all your password – when you get infected, it is highly advisable to change your web hosting control panel or cPanel password immediately including your ftp accounts. You can do another change after your site has been clean up.