I've got a 2-yr old multisite which recently got suspended by my hosting provider due to malware.
While I have limited access to my account, I check that there are indeed quite a handful of unfamiliar files with malware-spamming-like codings.
I've a strong cPanel password (a combo of numbers/alphas) and somehow I feel that the server breached of security is not on my side. The hacker could have access to my directories via server's root or something. Anyway, bad news for me is that my side if flagged and now with limited access.
The only backup the provider archive was on a date after the spam/malware was reported. That implies that even if they reload/flashback to the "latest" backup, malwares would still be there. Is it a norm that hosting providers only keep one copy of your sites??
What are the ways I can do now to reinstate my site to clear it from malware?
Most importantly, how can I prevent this from happening again?