• I started noticing that several of my sites and my clients’ sites (over several hosting companies) started having odd wp-admin login pages. The WP logo was gone and in its place was the site title, and the nice box around the login form was gone. On investigation, I found an odd file in both the root and under /admin called, simply “..” that contained several lines of characters ending in an equal sign. When I deleted those files, they came back, so I emptied them and set permissions to 000.

    Then I noticed a huge line of code at the top of the wp-config and all the site index.php files, plus a few more such as functions.php files and header.php files. On one site, I completely re-installed all WordPress, plugin and theme files and all that odd code seems to be gone, but that site still has the strange login screen. That site is https://connieloves.me/wp-admin

    (The hosting company on that site did a couple of malware scans for me and found nothing, even when all those compromised files were still there.)

    Unless I missed some infected file somewhere, the only thing I can think of is something in the database, but I have no idea even what to look for.

    Any idea where I can go for help? (I have used both the WordFence and Sucuri plugins. WordFence finds the hacked files if they are in known plugins, themes or the core WP, but not everything.)

    Thanks in advance.
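
A triage sketch for the symptoms described in the post, as an added example that is not part of the original post or of any plugin's code: it walks a site directory and flags oddly named files, non-PHP files that are nothing but a base64-like blob ending in `=`, and PHP files with a very long line near the top. The 1000-character threshold, the reason labels and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import sys

LONG_LINE = 1000   # assumed cut-off for a "huge line of code"; tune per site
B64_BODY = re.compile(r"[A-Za-z0-9+/]{40,}={1,2}")  # blob ending in '='
ODD_NAME = re.compile(r"[.\s]+")                     # only dots/whitespace

def scan(root):
    """Return sorted (relative_path, reason) findings for files under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if ODD_NAME.fullmatch(name):
                findings.append((rel, "odd-name"))
            try:
                with open(path, "r", errors="replace") as fh:
                    head = fh.read(200_000)
            except OSError:
                # e.g. a file left at mode 000: report it, do not skip silently
                findings.append((rel, "unreadable"))
                continue
            if name.endswith(".php"):
                # the injected code sat at the top of the file, so check early lines
                if any(len(line) > LONG_LINE for line in head.splitlines()[:3]):
                    findings.append((rel, "long-line-at-top"))
            elif B64_BODY.fullmatch("".join(head.split())):
                findings.append((rel, "base64-like-blob"))
    return sorted(findings)

def build_sample(root):
    """Write a constructed sample tree (harmless filler, no real payload)."""
    os.makedirs(os.path.join(root, "admin"))
    blob = ("QUJD" * 15 + "\n") * 2 + "QQ==\n"
    samples = {
        "index.php": "<?php /*" + "x" * 2000 + "*/ ?><?php\n// normal loader\n",
        "wp-load.php": "<?php\n// clean file\n",
        "...": blob,                          # stand-in for the oddly named file
        os.path.join("admin", "..."): blob,
    }
    for rel, text in samples.items():
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(text)

if __name__ == "__main__":
    for rel, reason in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{reason:18} {rel}")
```

Run it against a copy of the site files; a finding is a lead for manual review, not proof of compromise, since minified or generated PHP can also contain long lines.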

Viewing 1 replies (of 1 total)
  • The topic ‘Sites Hacked, Odd Login Screen’ is closed to new replies.