site hacked and new super user - Joomla! Forum - community, help and support

my website hacked since summer (i assume) antiviruses started block website in mid november. thoroughly cleaned checksum , file compare in beginning of december. monitoring website suspicious activity during december. fine, few days ago noticed same before malicious post activity malicious uploaded hashed php scripts, added in december (based on ftp date-stamp), have complete copies of website late december , there no such files @ time.
i had no choice , added following code htaccess:

code: select all

<files *.php>
    order deny,allow
    deny all
    allow 127.0.0.1
</files>

<files index.php>
    order allow,deny
    allow all
</files>

also noticed newly added superuser.

joomlas.jpg

joomlas2.jpg

file , folder permissions fine, set 444.

what version of joomla using?