Great post of how the security company ‘Sucuri’ approach infected websites and handle the huge scale of cleanups they perform within a single day (>400).
- Establish a Baseline of the Environment
- Identify Known Compromised Files
- Identify Anomalies and Signs of Compromise
- Check for Integrity Issues with Known Goods
- Remove from Blacklists
Source: How Does Sucuri Clean Hacked Websites? – Sucuri Blog