URGENT:my server hacked by a hacker! plz help me

[4402734]

Hello,
Some one hacked my server and inserted a file in one of the hosts . this file called "fantic.php" that hacker can view entire hosts`s files and can edit writable files on server and can view files`s contents...
i tried to enable "open_basedir protection" and this action, disabled the "fantic.php" file operation on other hosts, but i saw this hacker activate on my server again, when i traced , i saw that she/he is using http://serversharedip/~hostuser/ link to public access "fantic.php" file and at this way, open_basedir dosn`t work and so this hacker can have access to other hosts.
i tried to enable "mod_userdir Protection" , and anything was ok, but after restarting apache, automatrically "mod_userdir Protection" disabled and didn`t work. i tried to enable it again, but , it didn`t enable ....
now i don`t know what to do, please, help me!

I do apologize because of my bad english

Thanks
Abolfazl

[AndyReed]

Some one hacked my server and inserted a file in one of the hosts . this file called "fantic.php" that hacker can view entire hosts`s files and can edit writable files on server and can view files`s contents...

The first thing you need to do is cleaning up your server. Remove all the scripts the hacker downloaded and installed on your server. Second, secure your server. Search these forums as there are many threads discussing server security. If you don't know, hire a sys admin to take care of this problem for you.

[jsnape]

Looks like that one is a renamed php shell script, and is uploaded to a few abandoned photo galleries.