Where are you receiving the message?

The first step, of course, will be removing the infected code, and securing the server to close whatever vulnerability is allowing the attacker to compromise the site.

__________________
The best way to learn anything, is to question everything.