Hello everyone, i suspect that my server has been compromised and i'm trying to find out what these files are doing exactly. It looks like it is either sending data or being used for spam.
Has anyone seen these before?
frommshead.php
[ Malware redacted ]
[10-Dec-2014 12:07:00 UTC] PHP Warning: mkdir(): File exists in /home/vetcpd/public_html/wpinstall.php on line 156
I am currently taking steps to secure the server more but i am curious what this is and how to stop it next time.