Saturday, May 23, 2009

find problems

First, let me say that a complete format and reinstall will be necessary once you are done doing forensics: if a rootkit is on the box, nothing on that disk can be trusted afterwards, however much you clean up.

Good places to start looking are the Apache/httpd logs (error_log and access_log) for any abnormal error messages, and the general system logs (e.g. /var/log/messages, /var/log/secure or auth.log) for anything suspicious. You should definitely download and run Rootkit Hunter (rkhunter) and chkrootkit on the system, because there are a number of things listening as services that should not be (init, for example), which makes a rootkit likely. If that is the case, the tools on the compromised system itself (ps, netstat, ls, lsof) may have been replaced and cannot be trusted, so you may need to boot a CD-based distro such as knoppix-std or FIRE to do any further analysis.
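As an added example (not part of the original post), here is a small triage script for the Apache error_log step above. It parses the 2.2-era error_log line format, flags messages that match a few indicators (directory traversal, reads of sensitive files, download tools such as wget being invoked from a CGI, CGI scripts dying), and counts "File does not exist" bursts per client, which is what a scanner probing for admin panels looks like. The indicator list and the burst threshold are assumptions to tune for the site; the log lines are constructed for the example, not taken from a real server.

```python
"""Triage an Apache 2.2-style error_log for signs of compromise.

Added example for this post; the indicators below are illustrative
assumptions, and SAMPLE_LOG is constructed, not a real server's log.
"""
import re
from collections import Counter

# [timestamp] [level] [client IP] message  -- the [client ...] part is optional
ERROR_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[(?P<level>\w+)\] "
    r"(?:\[client (?P<ip>[^\]]+)\] )?(?P<msg>.*)$"
)

# Assumption: these patterns are a starting point, not a complete rule set.
INDICATORS = {
    "traversal":   re.compile(r"\.\./|%2e%2e", re.I),
    "sensitive":   re.compile(r"/etc/(passwd|shadow)|/proc/self", re.I),
    "download":    re.compile(r"\b(wget|curl|fetch)\b|http://\S+\.(txt|pl|sh|php)\b", re.I),
    "null_byte":   re.compile(r"%00|\\x00", re.I),
    "cgi_failure": re.compile(r"Premature end of script headers|exec of .* failed", re.I),
}

# Constructed sample: a panel scanner, then one client that traverses,
# runs a CGI that breaks, and tries to pull a file down with wget.
SAMPLE_LOG = """\
[Sat May 23 02:14:01 2009] [error] [client 203.0.113.7] File does not exist: /var/www/html/phpmyadmin
[Sat May 23 02:14:02 2009] [error] [client 203.0.113.7] File does not exist: /var/www/html/pma
[Sat May 23 02:14:02 2009] [error] [client 203.0.113.7] File does not exist: /var/www/html/admin
[Sat May 23 02:14:03 2009] [error] [client 203.0.113.7] File does not exist: /var/www/html/mysql
[Sat May 23 02:14:03 2009] [error] [client 203.0.113.7] File does not exist: /var/www/html/myadmin
[Sat May 23 02:31:44 2009] [error] [client 198.51.100.9] Invalid URI in request GET /cgi-bin/../../../../etc/passwd HTTP/1.0
[Sat May 23 03:02:10 2009] [error] [client 198.51.100.9] Premature end of script headers: shell.cgi
[Sat May 23 03:02:11 2009] [error] [client 198.51.100.9] sh: wget: http://198.51.100.9/x.txt: cannot download
[Sat May 23 04:00:00 2009] [notice] Apache/2.2 configured -- resuming normal operations
[Sat May 23 04:10:22 2009] [error] [client 192.0.2.5] File does not exist: /var/www/html/favicon.ico
"""


def parse_error_log(lines):
    """Yield one dict per parsable error_log line; lines that do not match are skipped."""
    for line in lines:
        m = ERROR_RE.match(line.rstrip("\n"))
        if m:
            yield m.groupdict()


def triage_error_log(lines, burst=5):
    """Return indicator hits and clients whose 404-style misses reach the burst threshold."""
    hits = []            # (client ip, indicator name, message)
    misses = Counter()   # "File does not exist" count per client
    for rec in parse_error_log(lines):
        for name, rx in INDICATORS.items():
            if rx.search(rec["msg"]):
                hits.append((rec["ip"], name, rec["msg"]))
        if rec["msg"].startswith("File does not exist"):
            misses[rec["ip"]] += 1
    scanners = {ip: n for ip, n in misses.items() if n >= burst}
    return {"hits": hits, "scanners": scanners}


if __name__ == "__main__":
    report = triage_error_log(SAMPLE_LOG.splitlines())
    for ip, n in report["scanners"].items():
        print("scanner: %s (%d missing-file errors)" % (ip, n))
    for ip, name, msg in report["hits"]:
        print("%-12s %-16s %s" % (name, ip, msg))
```

On a real box, feed it the actual file (`triage_error_log(open("/var/log/httpd/error_log"))`) and, once a client address stands out, pull every access_log line for that address to see what it requested before and after the errors.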

You may have some luck looking those processes up by their process ID number in /proc/<pid>/cmdline. If you find anything interesting there (like a path to the binary), take a look at the contents and see what you can find. /proc/<pid>/exe is a symlink to the binary actually running, and it still resolves (marked "(deleted)") even if the attacker removed the file from disk, so you can copy the executable out from there for analysis; /proc/<pid>/cwd tells you where it was started from. A binary that lives in /tmp, /var/tmp or /dev/shm, or whose package checksum no longer verifies (rpm -V, debsums), is a good sign you have found the implant.
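As an added example (not code from the original post), the following script does the /proc lookup described above end to end: it reads the LISTEN entries from /proc/net/tcp, maps each socket inode to the owning PID by walking /proc/<pid>/fd, and then reads that PID's cmdline and exe link, flagging binaries that have been deleted from disk, that live in a world-writable directory, or whose argv[0] does not match the executable. The proc root is a parameter so the logic can be run against a constructed fake tree here; the "suspect directory" list and the fake processes (an sshd on port 22 and an "init" on port 4444) are assumptions for the example.

```python
"""Map listening TCP ports to processes via /proc and flag what looks wrong.

Added example for this post. PROC root is a parameter so the code can be
exercised against the constructed tree built by build_fake_proc().
"""
import os
import tempfile

LISTEN = "0A"                                        # st column value for LISTEN
SUSPECT_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")   # assumption: no real daemon lives here


def listening_inodes(proc_root="/proc"):
    """Return {socket inode: local port} for every TCP/TCP6 listener."""
    inodes = {}
    for table in ("net/tcp", "net/tcp6"):
        path = os.path.join(proc_root, table)
        if not os.path.exists(path):
            continue
        with open(path) as fh:
            next(fh)                                 # skip the header line
            for line in fh:
                parts = line.split()
                if len(parts) > 9 and parts[3] == LISTEN:
                    port = int(parts[1].rsplit(":", 1)[1], 16)
                    inodes[parts[9]] = port
    return inodes


def pid_for_inode(proc_root, inode):
    """Find the PID holding socket:[inode] by scanning every /proc/<pid>/fd/*."""
    target = "socket:[%s]" % inode
    for pid in os.listdir(proc_root):
        if not pid.isdigit():
            continue
        fd_dir = os.path.join(proc_root, pid, "fd")
        try:
            for fd in os.listdir(fd_dir):
                if os.readlink(os.path.join(fd_dir, fd)) == target:
                    return int(pid)
        except OSError:                              # process exited, or no permission
            continue
    return None                                      # nothing owns it: hidden process?


def inspect_pid(proc_root, pid):
    """Read cmdline and exe for one PID and raise the flags a forensic look would."""
    base = os.path.join(proc_root, str(pid))
    with open(os.path.join(base, "cmdline"), "rb") as fh:
        argv = [a.decode("utf-8", "replace") for a in fh.read().split(b"\0") if a]
    try:
        exe = os.readlink(os.path.join(base, "exe"))
    except OSError:
        exe = None
    flags = []
    if exe is None:
        flags.append("exe unreadable")
    else:
        real = exe.replace(" (deleted)", "")
        if exe != real:
            flags.append("binary deleted from disk")
        if real.startswith(SUSPECT_DIRS):
            flags.append("binary in world-writable dir")
        if argv and os.path.basename(argv[0]) != os.path.basename(real):
            flags.append("argv[0] does not match exe")
    return {"pid": pid, "argv": argv, "exe": exe, "flags": flags}


def triage(proc_root="/proc"):
    """One record per listening port, sorted by port."""
    report = []
    for inode, port in listening_inodes(proc_root).items():
        pid = pid_for_inode(proc_root, inode)
        if pid is None:
            report.append({"port": port, "pid": None, "argv": [], "exe": None,
                           "flags": ["no owning PID found (hidden process?)"]})
        else:
            info = inspect_pid(proc_root, pid)
            info["port"] = port
            report.append(info)
    return sorted(report, key=lambda r: r["port"])


def build_fake_proc():
    """Constructed /proc tree: sshd on 22 is normal, 'init' on 4444 is the implant."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "net"))
    with open(os.path.join(root, "net", "tcp"), "w") as fh:
        fh.write("  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n")
        fh.write("   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0 100 0 0 10 0\n")
        fh.write("   1: 00000000:115C 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2002 1 0 100 0 0 10 0\n")
        fh.write("   2: 0100007F:0035 0100007F:9C40 01 00000000:00000000 00:00000000 00000000     0        0 3003 1 0 100 0 0 10 0\n")
    for pid, argv, exe, inode in ((500, b"/usr/sbin/sshd\0-D\0", "/usr/sbin/sshd", "1001"),
                                  (666, b"init\0", "/tmp/.x/init (deleted)", "2002")):
        base = os.path.join(root, str(pid))
        os.makedirs(os.path.join(base, "fd"))
        with open(os.path.join(base, "cmdline"), "wb") as fh:
            fh.write(argv)
        os.symlink(exe, os.path.join(base, "exe"))
        os.symlink("socket:[%s]" % inode, os.path.join(base, "fd", "3"))
    return root


if __name__ == "__main__":
    for rec in triage(build_fake_proc()):
        print("port %-5d pid %-6s exe %-28s flags %s" % (rec["port"], rec["pid"], rec["exe"], rec["flags"]))
```

Run it from a live CD with `triage("/mnt/compromised/proc")` only if you have chrooted into a running instance; /proc is not preserved on disk, so the live-process part has to happen on the running box before you power it off, ideally using a statically linked python or the tools from the rescue CD rather than anything under the suspect root.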