Just following up. Been a week since I removed the file and it is still clean.
I’ve been having the same issue as this for the last while as well. However in my case I wasn’t able to locate a file any problematic files in the uploads. In the situation of my client I found code in the cgi folder off root and was named ‘wp-xgqdi.php’.
I’ve deleted the file, cleaned up the .htaccess files and notified Google of the resolution. I’ll post in here if my issue is resolved.
