Fix Hacked Joomla Website
Although Joomla can be a convenient platform to develop websites, it can be a rats nest to fix after code had been injected into your website. For this reason, it is often easiest to start over, rather than chasing after the files which are doing the damage.
In a nutshell, the procedure to fix a hacked Joomla website is shown below.
1) Back up all files and database.
2) Install a fresh Joomla package.
3) Use the original or create a new database.
4) Dump the data from the old database to the new database.
5) FTP the old template folders into the new installation. Before doing so, it is a good idea to check over all of the code and look for strange files or code blocks.
6) Reinstall the extensions you need.
The excessive file system which is used by Joomla and other content management systems is one reason why it can be better to hand code applications and websites.
If you have a high performance website that uses limited files, it is much easier to track down malicious code. With Joomla, it can be rather easy to disguise blocks of code and backdoor scripts; especially if the website owner is uncertain about secure coding practices.