since a few days I'm experiencing a problem on some sites that are all on the same webserver, actually credential and settings of the paypal module are changed wihtout any reason. I tried everything, I installed av and antimalware on the server, I updated magento from 1.7 to 1.9 but nothing changed.
It's possible that your website or server has been compromised by a hacker who has changed your PayPal module credentials and settings. Here are some steps you can take to address this issue:
Change your passwords: Change the passwords for your website's CMS, hosting control panel, FTP, and any other administrative accounts you have. Ensure that you use strong, unique passwords for each account.
Scan for malware: Run a malware scan on your website and server to identify any malicious files or code. Remove any malware that is detected.
Check server logs: Check the server logs to see if there are any suspicious IP addresses or activity that could indicate a security breach.
Update software: Make sure that all software on your website and server is up to date, including your CMS, extensions, and server software.
Contact PayPal support: Inform PayPal about the unauthorized changes to your account and ask for their assistance in securing your account.
Consult a security expert: If you're not able to resolve the issue on your own, it may be worth consulting with a security expert who can help you identify and fix any security vulnerabilities on your website and server.