I had to clean up several websites for a client that was recently infected with the same virus. There is no plugin that will fix it. You have a few basic choices:
1. Manual Track down and remove/replace/repair:
- Locate & remove the original infected file with the executable payload.
- Repair altered directory security permissions set to the unsafe 777.
- Remove all infected plugins
- Remove virus injected code snippets from all pages and posts stored within your database.
- Download, install and activate a safe temporary WordPress theme (Twenty Eighteen)
- Re-install WordPress core files through admin panel
- Re-install & reconfigure your previous WordPress Theme.
2. Restore a previous backup of your website prior to infection (if available).
Or
3. Remove the entire website and re-build from scratch.
The easiest option is number 2 but only available if you have an untainted backup available.
Option number 1 can be done if you know how to manage directory permissions, and know how to identify malicious code and remove from files and databases using find & replace techniques. If you miss anything infected file, code snippet, or database entry your website will still be compromised.
Short of those to options the only same way to remove this particular virus is to wipe all website files and rebuild from scratch. You need to figure out which options are within your purview and decide from there. You can always hire someone to remove the infection, though it may be an expensive undertaking.