neilgee
2/23/2016 - 3:23 AM

Javascript iFrame injection fix on WordPress

1. Check whether any JS files on your server are infected. The -l switch lists only the file names.
find . -name "*.js" -print0 | xargs -0 grep -lE "/\*[a-z0-9]{32}\*/" | sort

2. Add a newline character before the pattern. This is very important: sed can only delete whole lines, so each marker has to begin a line of its own.
find . -name "*.js" -exec sed -i "s/\/\*[a-z0-9]\{32\}\*\//\n&/g" '{}' \;

3. Finally, delete the malware code from all infected JS files:
find . -name "*.js" -exec sed -i "/\/\*[a-z0-9]\{32\}\*\//,/\/\*[a-z0-9]\{32\}\*\//d" '{}' \;

Before you try this, please test it on one file. I have a CentOS server installed.
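
A per-file dry run of the three steps above, as an added example that is not part of the original snippet: it prints the cleaned content without touching the file, refuses files whose markers are not paired, and keeps a backup when it does write. The function names, the `.infected.bak` suffix and the path in the usage comment are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: per-file dry run of steps 1-3 with a pairing check and a backup.
MARKER_ERE='/\*[a-z0-9]{32}\*/'   # marker format taken from the grep in step 1

# Number of marker comments in file $1.
count_markers() {
    grep -oE "$MARKER_ERE" "$1" 2>/dev/null | wc -l | tr -d ' '
}

# Print the cleaned content of $1 on stdout; the file itself is not modified.
# Return 1: no markers found. Return 2: odd marker count, so one range would
# never close and the delete would run to the end of the file.
preview_clean() {
    local n
    n=$(count_markers "$1")
    if [ "$n" -eq 0 ]; then return 1; fi
    if [ $((n % 2)) -ne 0 ]; then return 2; fi
    # Step 2: put every marker at the start of its own line (backslash-newline
    # in the replacement is the portable spelling of \n).
    # Step 3: delete each marker-to-marker range, matching the whole comment.
    sed 's/\/\*[a-z0-9]\{32\}\*\//\
&/g' "$1" |
        sed '/\/\*[a-z0-9]\{32\}\*\//,/\/\*[a-z0-9]\{32\}\*\//d'
}

# Replace $1 with its cleaned content, keeping the original as $1.infected.bak.
# Files that fail the preview are left untouched for manual review.
clean_with_backup() {
    local tmp rc=0
    tmp=$(mktemp) || return 3
    preview_clean "$1" > "$tmp" || rc=$?
    if [ "$rc" -eq 0 ]; then
        cp -p "$1" "$1.infected.bak" && cat "$tmp" > "$1" || rc=3
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage (hypothetical path): review the preview first, then clean.
#   preview_clean path/to/file.js | diff path/to/file.js -
#   clean_with_backup path/to/file.js
```

As with the commands above, anything that follows the closing marker on the same line is deleted along with it, so diff the preview against the original before calling `clean_with_backup`.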

I have found three backdoors installed with the help of access_logs and blocked the IPs in our firewall.
/wp-content/plugins/yith-woocommerce-ajax-search/widgets/class44a.php
/wp-content/languages/admin-network-hu_HU182a1.php
/wp-cont.php