I have 2 sites both running joomla 3.82 and google sent this message -
Hacked content detected on http://www.***.co.uk/
To webmaster of http://www.***.co.uk/,
Google has detected that your site has been hacked by a third party who created malicious, unexpected or harmful content on some of your pages. This issue affects your site’s reputation by showing the hacked content on your site or in search results. We recommend you remove the hacked content from your site as soon as possible. Once removed, our system will automatically reflect these changes as we update our index.
Following are some example URLs. Review them to gain a better sense of where this hacked content appears, and how it may have been placed on your website. The list is not exhaustive.
http://www.***.co.uk/NTQxay0xNzc3LTQxay ... FrczQ=.gov
http://www.***.co.uk/NXc3LTIxMzI3L3c3Lz ... 4cA==.tech
I can see that numerous .php files have been uploaded to the root, one of them shows - welcome to shell - and shows sites files.
Is there a way I can fix this please?