It's also important to change your password and admin username if someone will help you with your site and needs your admin and password username to login to do the job. After all the work is finished, IMMEDIATELY change your password and admin username. Even if the person is trustworthy, someone in their business may not be. Better to be safe than sorry!
Since scare tactics appear to be at least start thinking about the issue, or what compels some people to take fix wordpress malware scanner a little more seriously, allow me to shoot a couple of scare tactics your way.
If you're one of the proactive ones, I might find it somewhat harder to crack your password. But if you're one of the ones, learn the facts here now I might just get you.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More, if at all possible. If you make changes and additions to your website, definitely. If you this hyperlink make changes multiple times every day, or have a community of people which are in there all the time, you could try this out a daily backup should be a minimum.
Now we're getting into things specific to WordPress. You must rename it to config.php and modify the document config-sample.php, when you install WordPress. You need to set up the database facts there.
Do your homework and some searching, but if you are pressed for time and need to get this try the WordPress safety plugin that I use. It is a relief to know that my site (and business!) are secure.