Useful resources to read:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://blog.sucuri.net/2012/07/website-malware-removal-wordpress-tips-tricks.html
http://pengbos.com/blog/removing-malware-from-a-wordpress-site
http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/
http://www.quora.com/How-to-remove-Malware-from-WordPress
http://webenso.com/wordpress-site-hacked-malware-removal/
http://www.gavinwray.com/2013/01/24/ive-been-hacked/
http://blog.sucuri.net/2010/04/conditional-redirects-or-the-htaccess-malware.html
http://www.wpsite.net/how-to-remove-this-site-may-be-compromised-warning/
Useful scans:
http://safeweb.norton.com/
https://www.virustotal.com/en/#url
http://sitecheck.sucuri.net/scanner/
Google Diagnostics page (user can find certain information of the malware by replacing example.com in the following URL with your own site’s URL: www.google.com/safebrowsing/diagnostic?site=example.com. this information is quite general)
http://www.unmaskparasites.com/
Plugins:
http://wordpress.org/extend/plugins/gotmls/ (Anti-Malware (Get Off Malicious Scripts) – absolutely useful to remove malware!
http://wordpress.org/extend/plugins/websitedefender-wordpress-security/ (WebsiteDefender WordPress Security)
http://wordpress.org/extend/plugins/wordfence/ (Wordfence Security)
http://wordpress.org/extend/plugins/bulletproof-security/ (BulletProof Security)