Hey thank you for answering!
It was extremely helpful to read that.
I found some of the malicious code they're referring to (like base and decode64) and modifications to the htaccess file. It's in oh so many files and so messed up that I can't even start to correct it, specially because I'm not an expert on PHP.
So I'm going to write to one of the authors of what I read to ask for an estimate on how much that would cost. If there's anyone you would recommend yourself, just let me know.
Thanks again for your help!