I had the same issue. my google page was showing japanese.
What I did: This malware it is saved in the directory by default public_html. I’ve noticed that it leaves subdomains alone. when i tried delete index.php and .htaccess it was renewing that files with malicious code. at my ftp i created diffirent folder and on my admin page i changet deafult folder from public_html to the name of the folder i’ve jus created. I restore the backup page to the new folder. After that i deleted public_html and changed admin pass.
For now it’s working fine