General advice if you found yourself in a situation like this:
Update your Q2A, your plugins, and themes to latest version. it might also be a good idea to remove all older files(except config.php and uploaded image and other static files) and upload latest version of each, since there might be extra infected files on your site which won't be over-written. also check config.php itself for codes which is not a part of source.
as an extra measure change your admin passwords, both for Q2A and Hosting panel.