link to "sex academy" at the top of every page!

Hello!

I discovered last night, to my dismay, that every page of my website had a tiny link in the upper left reading “whoriental sex academy” with a link (that I did NOT click!).

Here’s what I did.

1. Scanned my laptop (no issues found)

2. Changed WP password

3. Downloaded a security plugin and scanned.

4. Deleted the recommended files:
* File appears to be malicious: wp-content/plugins/updraftplus/includes/Google/Verifier/kses.php
* File appears to be malicious: wp-content/themes/weaver-ii-pro/functions.php
* File appears to be malicious: wp-includes/images/smilies/about.php

5. This removed the link but killed my site (of course) so I restored from a two-week old back up (which is fine; I only added one page and it will be easy to recreate).

6. Updated WP and all my plugins.

7. Downloaded yet another security plugin after doing more research. I chose Sucuri as it had the highest ratings and most downloads.

8. Now I’m at the tab on the Securi plugin where I need to update my security keys etc. and feel I’m in over my head. My site is up and (for the moment) uncompromised.

– Should I notify my web host?
– Should I follow the Post-Hack recommendations of Sucuri?
– A friend suggested I update the database pw from the host side, and then update my config file. Does the plug in do that?

As you can see I am not totally useless but not totally savvy either and know just enough to cause some real damage. Advice on moving forward appreciated!

Site is http://radiusensemble.org/

Thanks in advance!