Check your FTP all folders for malicious files and check your themes/templates/header.php. Other folders to check are administration/backups and forum/attachments but check all folders anyway and if possible get a scan done by your host.
Disable all infusions and panels and check all your infusions folders for malicious files. What infusions and panels do you use?
Change All Your Passwords for your site and ftp and sql and whatever else.
It is not necessary your PHP-Fusion that was hacked/exploited it could be server side or locally. Get your host to check things for you as well.
If you know when roughly the time was when your site got hacked you can look in your site access logs for around the time the site was hacked and you might be able to see who and how it was hacked. Ask your host about your site access logs if you do not know about them.
Please click the button I Consent Cookies to hide this bar and accept our cookies. If you continue to use the site with no action taken, we'll assume that you consent our cookies anyway.