It isn’t uncommon to see people complaining about their websites being broken or down after having a malware removal service deal with malware that had been on the website. If the website wasn’t having that problem before the malware was removed, the cause of this is likely the usage of automated malware removal without careful supervision to make sure that all the added code is removed, while not removing any preexisting code.
To give an example of how things get messed up, take a website we saw after automated malware removal was done. At the top of the website’s pages was “?>”. For those not familiar with PHP coding, that is the end tag for PHP code. What probably happened is that there was code added to the beginning of a file that looks like this (with “malicious code” filling in for the actual malicious code):
<?php “malicious code” ?>
The automated malware removal then removed ‘<?php “malicious code”‘, but left the last part.
Depending on what has been damaged, fixing this can be relatively easy or rather hard.
Before making any more changes, make sure to make a backup of anything that is going to be changed. Worst case, you can revert back to where you started before trying to deal with this.
Whoever did the malware removal really should address this, but if this is an obvious issue across the website, they clearly are not too concerned about the quality of their work, so you may not want them making more changes.
If you don’t feel comfortable handling this yourself, a good web developer should be able to addressing this for you.