I’m a victim myself and my site was blocked and listed by Google as “Malware found in WordPress”. This is caused by some security loopholes of timthumb.php. This file is used for creating thumbnails and is widely used in lot of WordPress sites. Below are the few steps which I have done to resolve the issue myself. Hopefully can be of some help to the rest who are having the same issue. Good Luck!
1. First of all, I updated my WordPress theme. Luckily, my theme is a paid version and the author actually provide an update of the same theme without using timthumb.php. I have also removed all files from the cache folder under wp-content.
“. Remove the whole line of script and update the file back to your blog.
4. Try to re-scan your URL again. All the malware messages should be resolved and your site should not be blocked and listed by Google for any malware.