those files ( and every other theme ) have been deleted. but I still do not see how the files could have got into the website?
if someone can guess the password then fair play, they have got some amazing brain on them to get past a special char, alpha numeric, upper and lower case of 32 digits
but from my end, ( and this being the ONLY computer that has database access ) I don't understand how they got in without hacking this computer, which they didn't?
that is my main issue.
iPage seem reluctant to indicate how they found out, how they identified the hacked files but failed to delete them and instead opted to shut us down and then say £" but if you pay us we will do it for you "
the files are fixed now ( through our own efforts not iPage's ) and we will be relocating the website to a new host ( 1&1 or Blue Host, probably? Arvixe have a poor uptime ratio of only 76% ) . But I would still LOVE to know how 'they' did it