While circumstances may vary, in most cases with our malware removal service, we fix hacked websites by following these steps:
1) Perform a full backup of the website in its current state
2) Put the website in maintenance mode to prevent visitors and search engines to be exposed to hacked contents
3) Scan the website and review the files to establish the root cause of the hack
4) Use a combination of automated and manual methods to remove the malware and other malicious files
5) Perform a post cleanup deep scan to ensure all hacked contents have been removed
6) Submit a request through Google Search Console for review to remove the browser warning messages.
7) Submit a request for delisting from Internet blacklists
8) Close backdoors, perform updates and upgrades, and make other changes as necessary to harden the website against future attacks
9) Monitor the website over the next 30-days to ensure the hack does not reoccur
