Recent content by PeterCardiff

I know which website has been cracked - We were hosting the Support Ticketing Portal which allowed users to upload files/attched files eg screen-shoot. However, someone uploaded the trojan and then took control of the domain.

Thanks Peter, The subscriber/user didn't have access to SSH , so should I be alright then? I found trojans on tmp files (on root folder and var/tmp), however I cannot disable the exec permissions as I couldn't login to the Plesk webpage. At the moment I removed all files from the main domain...

Why I've got warning msg for following lines? [08:37:00] Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ] [08:37:00] Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ]

I am sorry Peter I was typing in rush, I am looking for ideas how to fix a hacked server? Are these hidden files are correct? [08:37:14] Checking for hidden files and directories [ Warning ] [08:37:14] Warning: Hidden directory found: /dev/.mdadm [08:37:14] Warning: Hidden directory found...

Also, I do get "Apache memory usage" warnings that the server is taking too much memory over 1.2 GB where normally it was around 600Mb

See all the warning below [08:37:00] Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ] [08:37:00] Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ] [08:37:02] Checking for enabled xinetd services [ Warning ] [08:37:02] Warning: Found...

Hi, This is my first post so hello to everyone. We've been recently hacked thru the I believed support portal which allowed people to attached the files. Soon after the server was trying to send lots of the spam close to 40k in a 2 days time- most of the where blocked as we got limit set to...