First of all you should disable the following files. Or your DC will suspend your server.
This dvmessages.php seems to be infected and its a part of Joomla plugin. Check the access log for the ip's that accessed the php file and block it. Would be better to suspend the account and reactivate only after updating the Joomla/plugin. Update DC that you have disabled the files, blocked ip's and disabled the website and will enable it only after updating the outdated plugins.
You may check similar files like dvmessages.php using the following command.
Check the output and review the files to see if any is infected.
If you are not sure about this, I would recommend you to hire an administrator who know about this.
For executing the script, just create a file named scan.sh and copy paste the script contents.
Provide execute permission using the following.
Run it using
Make sure to add the particular pattern you found in dvmessages.php so the script will scan that pattern as well.