Cleaning up an infected Joomla web site
You can scan your website using Sucuri Site Check.
Cleaning the infections and securing your site
Clean the infections
If you have a backup of Website files prior to detection of virus infection, then download the backup from the server and replace the infected one.
Change your ftp, cpanel, joomla, database passwords. Make sure you use strong passwords. You can generate strong passwords here.
Change your Joomla administration credentials
Enter Joomla backend and use user manager to change your username and password.
Change your user database credentials
Enter the cpanel of your website. This should be given by the hoster. In databases, delete the old user and create a new one.
Now open configuration.php and change these lines
var $user = 'new_username'; var $password = 'new_password';
Set proper folder permissions
Change your folder permissions. You can use fileZilla to do so.
- Right click on you public folder and set 644. Check "Recurse into subdirectories" and select "Apply to files only".
- Wait for the process to finish and then right click on your public folder again and set 755. This time check "Recurse into subdirectories" and select "Apply to folders only".
Check out this article for more.
Upgrade Joomla to its latest version