Steps to restore your websites.
1. Immediately take your site offline or enable maintenance mode.
2. Change the passwords for administrator users to ensure they contain at least 8 alphanumeric characters, incorporating a combination of uppercase letters, numbers, and symbols.
3. Thoroughly check if any new administrator users have been added to the web application without your consent.
4. Update all installed web applications, including Wordpress, Joomla, Drupal, etc., along with their third-party themes, plugins, components, etc., to the latest versions.
5. Repeat the above steps for all add-on domains and subdomains associated with the same account.
6. Change the passwords for your control panel and FTP accounts to create strong passwords, each comprising at least 8 alphanumeric characters along with special symbols.
7. Delete files and folders that are no longer in use.
8. Use an updated scanning program to scan your computer for any malicious code that may have been introduced by hackers. Make sure to scan all content, not just text files, as harmful content can often be hidden within images.
9. Restore clean files and revisit step No. 2.
10. Bring the website back online.
For the list of suspicious pages from Google, please refer to Google at:
http://support.google.com/webmasters/bin/answer.py?hl=en&answer=163633