I got an email from Google first on 27th Sept '13 that they have detected malware on my website. I contacted my webhost Hostmonter who sent me a list of infected files and told me to delete them and ask google to re-scan. I did as told and within 24 hours, Google had removed the warning and my website was free of Malware.
But again on 4th Oct '13, I got an email from Google saying that Malware was detected on my website. My webhost have temp suspended my website and again given me the list of files to be deleted.
But my question is this can happen to me every week. I have already upgraded my website to the latest Wordpress version and changed the password.
What can I do to plug the hole...?