Hi TheRudy Thanks for all the advise and I have done all that we spoke about. I have reinstalled on a clean server, I have removed all mambo and installed joomla the latest stable version I've also dissabled "allow url fopen" just wanted to know if you could tell from my logs if the attack were successfull or not. To me they dont look successfull, I can also see by the activity on my router that everything looks better atleast.
