Can anyone recommend a vendor to do a site sweep to identify where we have loopholes on our site Our site was classified by google as having suspicious activity.
Welcome to WHT.
Its very common now a days, If your site is showing red malware warning means that means your site is got hacked and you need to scan your site with some good antvirus then check the code related files which shows infected, remove infected portion from files, after that rescan it, after that submit request to google for consideration after that wait for some hours around 10-12, Google will mark your site clean and red warning gone
Often times, especially this year, a hacked website isn't the result of some vulnerability in the website at all. It's the result of a virus on a PC with FTP access to the website.
The virus steals the FTP login credentials, sends them to a server which then carries out the process of injecting he malscripts into the website. It then monitors the website to see if anyone removes the code. If their hacked code is removed, it tries to re-infect the website again maybe with a different malscript.
We've seen forums where these FTP login credentials are bought and sold. So once someone infects a website, they can then sell the FTP credentials so that others can infect the website as well.
The hackers do this to make money. They get paid an affiliate commission for every PC they install certain software on. By infecting websites that then infect PCs they get paid.
You probably won't find any viruses on the website that Google has blacklisted. However, you will find a virus on a PC with FTP access to the website.
What you have to do is use a different anti-virus from what is currently installed. The reason for this is that the virus knows how to evade detection from the currently installed anti-virus program.
Many have had good luck with AVG, Avast, Avira or Malwarebytes. If you're already using one of these, use one of the other ones listed. It has to be different than what's currently being used.
Scan and clean all PCs with FTP access to the website. Then change all FTP passwords to the website, clean the code, re-upload to the website and then request a review (not a reconsideration) from Google Webmaster Tools.
You could get an Acunetix scan done - alternatively, some DC's provide a free scan too ... if you still can't get someone to run a scan for you, we could schedule a free "informational" scan for you - depending on time constraints.