Our website has been infected with malware and shows warnings to visitors when they come to the site. The malware needs to be removed. Also the version of WordPress is fairly old (3.0.1) and uses about 30 plugins. We want to work with the developer to remove unnecessary plugins while keeping the core functionalities of the website. We want to update wordpress to the latest version and all plugins. The domain name is crimevictimsfirst.org. It's hosted on GoDaddy.
We have a Google Webmaster Tools listing 8 infected URLs but it might only be on a few pages.
1. remove the malware on the the site
2. change passwords to database, ftp and users
3. work with site owners to remove plugins but assure core functions of the site still remain interacted
4. upgrade to latest version of wordpress and remaining plugins