Build a Website

Hello, I am getting errors on our website and need to be fixed. Please provide me detail diagnostic and how you will fixed it. The site ahead contains malware erros: 1) Attackers currently on [login to view URL] might attempt to install dangerous programs on your computer that steal or delete your information (for example, photos, passwords, messages, and credit cards). Our host notified us; I do see a malicious file: wp-admin/[login to view URL] Here are the logs from someone accessing it. [login to view URL] - - [08/Jan/2015:08:35:01 -0600] "POST /wp-admin/[login to view URL] HTTP/1.1" 200 20 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3" [login to view URL] - - [08/Jan/2015:08:35:03 -0600] "POST /wp-admin/[login to view URL] HTTP/1.1" 200 8276 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3" [login to view URL] - - [08/Jan/2015:19:05:22 -0600] "POST /wp-admin/[login to view URL] HTTP/1.1" 200 8275 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22" [login to view URL] - - [08/Jan/2015:19:05:22 -0600] "POST /wp-admin/[login to view URL] HTTP/1.1" 200 2944 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22" [login to view URL] - - [08/Jan/2015:19:05:22 -0600] "POST /wp-admin/[login to view URL] HTTP/1.1" 200 13311 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22" [login to view URL] - - [08/Jan/2015:19:05:22 -0600] "GET /wp-admin/[login to view URL] HTTP/1.1" 200 385 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22" [login to view URL] - - [08/Jan/2015:19:05:25 -0600] "POST /wp-admin/[login to view URL] HTTP/1.1" 200 8234 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22" I am unable to locate exactly how the file came to be using access logs and see nothing in FTP or cPanel logs. I would recommend changing related passwords as well as doing a reinstall of WP to ensure all malicious files are removed.