how to get rid of these files !

[zoohayr]

Hello,

I know I was hacked, but I don't know how to get rid of it! I noticed that my results from my website in google redirects to links from advertising pages. I scanned the site with malware built into the host's cpanel. this software has to detect files like ".6fjklecce.ico". when i delete these files but when i scan the next day i find they are returned !

[gws]

I would have my site audited by https://mysites.guru/ the first audit is free. Phil is a true joomla expert. I have no affiliation with the site.

[abernyte]

Or follow viewtopic.php?f=714&t=946026 to the letter.

[zoohayr]

Hello and thank you friends for your help. I prefer to go for the mysites.guru platform! because I have modifications in the joomla template and in the source files too. in the meantime I would like to know if the code in the attached file is far from being hackers' code? this is a file that I found in a plugin offered for free by its author.

[toivo]

Where did you download the plugin from? What is the plugin supposed to do? Does it provide some sort of a scroll effect?

The code itself, when put through a beautifier, looks obscure but possibly harmless.

[PhilTaylor-Prazgod]

files named ".6fjklecce.ico" are hackers files. Your site is hacked.

[JAVesey]

...I have modifications in the joomla template and in the source files too...

Have modified Joomla core files?

Modified core files may well get overwritten during an update. I note that you haven’t said which Joomla version you’re running; have you been keeping your installation up to date?