My company's website was recently hacked. I need an expert to come eradicate the malicious code and install a few means of keeping us protected in the long run.
I am the unofficial webmaster of our site. I have a computer science background, but never really went into that career. I have a fair bit of coding knowledge, but mostly in offline software.
After Google blocked our site due to malicious code, I downloaded the entire site onto my desktop.
Windows Defender detected the following: JS/Quidvetis.A, PHP/Small.B, PHP/Shell.G, and JS/BlacoleRef.DD
When I opened the file with Notepad++, I could immediately identify the bad code in the infected files.
Furthermore, all the infected files had nearly identical modification date/time.
So, I went through every file in my site and deleted the bad code. They were all either .html, .php, or htaccess files.
It took me many hours but every file on the server looked clean to me.
I told Google through Webmaster Tools that the site had been scrubbed clean. The site is now currently up.
However, I now notice that there are new files cropping up with the same malicious code. They have re-sprouted in files that I have already cleaned.
I understand my "manually deleting the bad code" method was very naive. However, I thought I'd give it a try once before calling in an expert.
Now that the method has failed, I would like someone to take a look.
I hope that it's a one day job or perhaps a two-half-days job to fix.