In my case, I don’t know how the infection began, but it is possible that it was to a poor admin password. When you install Joomla for the first time, it asks for an administrator username and pass, and lot of people just type admin in both cases. Any simple script that uses brute force methods to enter the administrator can try using that easy passwords and enter really easily.
So these are my suggestions...
1- Never user easy to guess passwords, even in testing sites, or provisory installations;
2- If you ever need to see the changes on a site but your ISP (company used to login to Internet) has a cache so your ISP cache is not cleaned, you can always surf anonymously using tools like... anonymouse.org so you can see how the rest of the world is seeing your site;
3- if you want to check if there are other files infected on your server, and you have root access, you can use PUTTY and enter via SSH to your server (Linux) and type this line...
find /home -type f -iname "*.php" -print0 | xargs -0 egrep 'gzuncompress\(base64_decode'
This will check on every file to see if the hacked code is still there.
If you need anything else you are always free to post questions here or contacting me...
