If your website is responsible for generating ransomware popups—we don't know if your website is responsible for those things—then it indicates that your website has been hacked.
Looking at the FPA report, it's plain to see that the site has not been maintained very well.
The site looks like it was migrated from J! 2.5; there are a lot of J! 2.5 extensions have not been removed. In general, J! 2.5 extensions should be uninstalled from J! 3.x websites; most of them do not work at all
with J! 3.x
and some old extensions may be vulnerable to attack.
There are several outdated extensions here (I'm not going to list them all, there are too many of them): for example JCE
2.6.9 (the current version is 2.6.18), RS Firewall 2.11.6 (current version is 2.11.
(they're no longer in business)
The J! 2.5 extensions that you are using should be uninstalled or you should ask the authors of those extensions to confirm if they operate with J! 3.7.x
, in particular BlueStork
(admin template), Atomic
, and JM News Pro
2.1.6, and Coolshow module
I don't know anything about the extensions JU Image Caption
or JU Login
. I can't find anything about them using Google
Looks like you have a bit of housekeeping to do!