Strange maybe infected files Joomla

[komir]

Hi, today in the root of my page, I got a lot of folders named strange, like "kdgsh" or " aadest" ...
Inside all of them is an index.php file
I sent those files to Virustotal, but nothing was found.
I downloaded them and posted them here, if someone can look to see what that is.
!!!I DON'T KNOW IF THEY ARE POSSIBLY INFECTED, SO WORK WITH CAUTION!!!
For additional security, files are locked with a password.

joomla

The page is working normally; there are no problems. I searched them with online tools, but nothing was found

[toivo]

If something or someone has tampered with the website, possibly starting with the web server, the website has been hacked. The best plan of attack is to do a full software audit using an online service, for example Phil Taylor's mySites.guru, where the first audit is free. Phil also fixes hacked sites for a fixed fee.

[komir]

Here are contents of two php files

Code: Select all

 redacted 

Code: Select all

 redacted 

[toivo]

Please post the results from the Forum Post Assistant (FPA) by following the instructions at https://forumpostassistant.github.io/docs/ so that our volunteer Joomla experts can review the configuration.

Do you have a full backup of the website from the time before the website was compromised, including the filesystem and the database schema?

Please note that attaching malicious code to forum topics is agains the forum rules:

Do not post any malicious code, scripts, exploits or URLs to the forum, including hacks, cracks and phishing.

[helpwithjoomla]

I've seen this before. Oddly named directories or files are likely signs of hacking. You may want to engage a company like Sucuri to review and clean your site.