Site has been hacked – keeps re-hacking

My site was recently hacked via what seems to be code injection or file insertion on the index.php files. I initially contacted my host and they took care of it, scanned my sites (there are three on one account, all infected) and they came up clean. I changed all my passwords. I have noticed within about 30 minutes, the code reappears and my sites are re-infected. I have had to contact my host three times now and they fix it, say it’s clean, and send me on my way. Now they’re telling me I should hire a developer, but I want to try and fix it myself. I take the codes out and sure enough, they come back. Any ideas on what I can do? Thanks!