Today I received an email from Lunarpages that my site was guilty of "Windows shared account high usage and Malware found". They cited 3 files in my httpdocs folder ("Win.Trojan.Parite-8 FOUND") that don't have 8-bit ASCII file names and one asp file ("Win.Trojan.Ace-14 FOUND"). I Googled those virus/malware names and couldn't find anything.
When I went to Plesk and looked at the File Manager, I found a few interesting things. First, those three files were in my httpdocs folder, as well as many folders that I had not created that were dated March 7, 2016. Looking around further, I could tell that my site was hacked, and, one file indicated that it was hacked and/or "reported" by "chinafans".
Looking back at some emails, I recognized that the March 7 to 9, 2016 timeframe was when my account was transferred by Lunarpages to a new server. Admittedly I have not really looked at my folders since the transfer, other than at the time to identify a FTP issue and just recently to identify an issue with enabling "directory listing", so, I cannot say how long those folders/files have been there.
So, my concern is that my site was compromised at the time that my site was transferred to the new server. Searching the Lunarpages forums I cannot find any posts related to this matter. Has anybody else seen this issue? Have you looked closely at your httpdocs folder recently to verify if this has happened to your site?