To prevent re-infection I would do the following:
1.Change all passwords (cPanel/Wordpress/FTP/database) to strong 15 character number/letter/symbol versions.
2. Update your salt keys in the wp-config.php file to log out all existing users.
3. Delete any new unknown users.
4. Install Ninja Firewall and use the file guard and file check features to keep an eye on your site files over the next week or so.
5. Install Wordfence and keep an eye on the results of the daily site scans.
6. Follow the advice in the codex to harden your Wordpress installation:
http://codex.wordpress.org/Hardening_WordPress