I have a client website [url removed, login to view] that has been hacked. When the website is directly entered into the address bar of a browser, it loads fine. If you do a Google search for the website and click on the link to the website from the search results, you're forwarded to different spam websites. I believe, based on my investigation so far that this method is being used.
[url removed, login to view]
I need someone to confirm that this is the problem and the solution. If it is, I need to have the site backed up, then I need the "base64_decoded" code removed from the site and the [url removed, login to view] file updated to prevent this vulnerability from being exploited again.