Well there was only a couple of us there so we had a mainly informal chat about things.
For analysis on what happened I think Anthony Ferrara does an excellent breakdown.
To check your system there are a couple of tools available:
There is quite a nice post on stack exchange on what to look for:
On a server wide level you could look at rkhunter and lynis.
However, the best advice seems to be that if your site has been compromised then your best bet is to just restore from backup from before the 15th of October. If your server has been compromised then you are best off killing it off and rebuilding it. Backdoors can be difficult to spot.