Hello community! Well it finally happened to one of my clients...their site was hacked to the tune of going from 185-ish pages of their own to over 9000 pages with hacked domain endings (like myclient.com/clomid-canada) and other pharmaceutical types that I'm sure you've seen before.
I've fixed all security issues, used Webmaster tools to fetch the new pages and they all look great. I resubmitted the site, now with SSL and malware detection, etc...and Google has accepted the changes. My problem is that pre-hack, my client's SEO was fantastic--page 1 of Google results for their most wanted keywords--and has been consistent for 3 years (probably why it was selected for the hack?).
When I do a site:domainhere.com google check, google is still showing the hacked domains. When you click them, they thankfully are all 404 errors. But obviously the problem is that organic SEO is way down.
I know it will take time to come back, but how do I remove all of those 404 error pages from Google search results? Is it just "time," or do I need to be proactive? I've submitted a new site map. Do I need to use Webmaster tools and manually remove all of the bad URLs? If yes, what choice do I make? Google gives me 3 reasons for removal. Please see attached screen shot.
I imagine if I need to remove URL's there's a way to download a spreadsheet and then I'd manually have to go through the near 9000-ish URL's and not submit those I don't want removed?
Arghhhh!! I hope this makes sense, and I tremendously appreciate any feedback anyone might offer. Thank you in advance!!