My site was removed from Google search results

Selected answers from the Dumb SEO Questions Facebook & G+ community.

• 
  Michael D. Ross: Hello all you super helpful people (I love this place!), my website was hacked. ; Pages were added with spammy content for some drug website. ; My site was removed from Google search results. ; I was able to clean it up and we are back in the position on the first page where we were before the hack but i am concerned about the hundreds of search results that come up when I Google my domain. ; I guess these are links back to those spammy pages. ; Can Google penalize me for those down the road even though they have deemed my site repaired? ; Is there any way to get rid of them. ; There are hundreds, maybe thousands. ; They are things like fake blogs and comments and they are all over the world.
• 
  E.Dieter Martin: You can submit an index removal request through Google Search Console (formerly webmaster tools). It even allows for wildcard URLs
  
• 
  Jim Munro: Hi +Michael D. Ross ;. I am sorry that you have experienced this. First thing I would do would be to change your site passwords to a ridiculously long length using a random password generator you can find on the web. 35 characters would not be too ridiculous, you can store this in a text file on your desktop and cut and paste it when you need it. Also change the password used to log onto your web host.
  
  What's happened to you is known as a pharma hack and it still exists on your site. Are you able to restore your site from a backup from say a month or two ago? Rewriting any edits you have made since then will be a lot easier than trying to clean your site piece by piece.
  
  Your site is still hacked. If you do a search for your domain using the site operator and a keyword like "cialis" you will see a number of pptx files listed in the index.
  (site:mikerosslaw.com cialis)
  
  These spam files 302 redirect to a site redito(dot)net and then 301 redirect to smartfastmd(dot)com
  
  Google WILL penalise you for this until you clean it up. You will soon get a notice of a manual penalty in the Google Search Console and see the listings that remain ranked listed on the search engine results page accompanied by the warning "This site may be hacked"
• 
  Michael D. Ross: Oh, thanks. ; I didn't know. ; I will try and figure out how to restore!
• 
  Michael D. Ross: Oh, i did change a=to a ridiculously long password
• 
  Jim Munro: Yes, that is good for the future but it is likely that these files are not new. Either way, your site remains hacked until you clean them up.
• 
  Michael D. Ross: Thanks, I just heard about that a couple of days ago. ; I was told to send around 30 at a time on a regular basis. So Google sees you are continuously trying to work on things. ; Do you know of a good way to get all the links from the search into a .csv? ; I haven't started exploring that yet. ; There must be some sort of tool.
• 
  Jim Munro: Hi Susan, thank you for liking our FB page. :)
  
  The hacked files are still active on your site. I hope someone will back me up and say that it is a waste of time doing anything else until these are cleaned up.
  
  Consider installing an extension called "Redirect Path" into Chrome and test the indexed files on the link below. They go from a Google result page to your site which then redirects them to a Pharmacy site via another.
  
  This is urgent, it is only a matter of time before your search results are accompanied by a warning or you are dropped from the index altogether. After you have cleaned up, go to the Google Search console and request a reconsideration from under the manual penalties section.
  
  Test from this link: https://www.google.com.au/search?q=site%3Awww.mikerosslaw.com+cialis&oq=site%3Awww.mikerosslaw.com+cialis&aqs=chrome..69i57j69i58.7419j0j4&sourceid=chrome&ie=UTF-8
  
  It may be that the only reason a warning is not being displayed on your search results already is because the hacker used an obscure filetype which might not be being taken account of in the algorithm. I have tagged some people who might advise you.
  
  +Federico Sasso ;+Suraj Gadage ;+Dave Elliott ;+John Mueller ;
• 
  Dave Elliott: Yeah jim is correct you need to get this sorted as quickly as possible. Itsnbank holiday here but when im in front of a real computer ill dig out some tools for you to try and find the offending scripts or files.
• 
  Dave Elliott: most of the tools i have are paid for thing however. https://sitecheck.sucuri.net// has prooved useful in the past
• 
  Michael D. Ross: Thanks, I decided to go with paid professionals. ; It seemed too serious and complicated to do myself
• 
  Michael D. Ross: +Jim Munro +Dave Elliott ; I see what you are talking about. ; This looks scary to me. ; I tried the Securi scan and it found nothing. ; I tried to pay Wordfence and they found nothing. ; But they must not be looking very hard because even though I have no idea what PHPMyAdmin is, I opened it and did a search for Tricor and found thousands of results in there. ; I feel like I should delete them but I hate to monkey around in a place I am completely unfamiliar with.
• 
  Dave Elliott: I wouldn't feel comfortable advising you on that i'm afraid.
• 
  Michael D. Ross: +Dave Elliott I understand. ; I guess I will keep searching for a professional that can see the hack.
• 
  Jim Munro: Sucuri's basic package is $200/YR but they will clean your site and keep it clean for the rest of the year. You could find cheaper from other sources but you'd have to sift through them without the certainty of the positive result you can confidently expect from Sucuri.
• 
  Michael D. Ross: +Jim Munro Thanks Jim, it's just like when you hire a lawyer, when you have a real problem and need professional help, that is no time to price shop! ;