Hello.
I'm running a windows server 2008 R2, i installed WAMP on it one day later my server gets hacked. He created a new account on my VDS.
I logged into his account and found a index.php file and i think that's the expliot.
This is what he had opened when i logged into the account he created on my Virtual machine.