Thanks for the previous information, I had the same issue as the website was running still Joomla 2.5.24 (!).
In my case the infected files were:
What I did to solve was:
1. Updating Joomla and PHP version
2. Because index.php changes from one version of Joomla to the other, the hack - which was constantly reverting index.php back to one with injected php code, cause the site to malfunction - with a 500 server error. If I replaced index.php with the default one for the fresh version of Joomla, it worked - but few minutes later the original faulty index.php - containing a part about logo_s.png, came back.
3. Deleting those .png files was not enough - they came back. What worked was setting read only permissions to system/media/images after having deleted them, and read only permissions for .htaccess and index.php.
I hope this works for you too!