1-First thing you Must do . is Make sure you check your Computer from any Viresus, Spyware, adware
use AVira , AVG, Malwarebytes..
i prefer Avira to check my files for viruses and Malwarbytes to check for adware.
when all clean .
2- Change Passwords to your Site account, ftp, emails..
3- when done .. Log in to your ftp , clean every thing, Because you might have the virus Layin somewhere in the files .
4- Upload fresh Files of xoops.
5-Make sure No Folder Chmod 777 but folders inside Xoops_data and config folder inside xoops_lib
Make sure your mainfile.php chmod to 444
6-Make sure the Modules and third party Programs u use are up to date and no known bugs been reported.
7- Change your admin password at your XOOPS site.
8- The last thing is make sure if you have enabled uploading to your site to disable it as it could be the Hole to where u got hacked..