Solved

weird asp files on my root folder

Posted on 2013-12-12
4
350 Views
Last Modified: 2013-12-16
Greetings all,
my google ranking dropped tremindously latekym when i contacted my host (west host) they expected i was hacked.
i noticed the following files on my root folder.
dbhot.asp
global.asa
hccs.asp
koh.asp
aspadmin_A.asp

that have alot of weird code , and i am sure i did not put them there.

can anyone investigate if these are bad code, or legit codes. ?
check attached global.asa (renamed to .txt) so i can upload it

Thank you
global.txt
0
Comment
Question by:Da_Ch0sen
  • 2
4 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 300 total points
ID: 39714868
You have probably been hacked.  The "global.asa" you posted does a redirect if it detects that the request "HTTP_REFERER" was from Baidu.com which is the Chinese search engine like Google.
0
 
LVL 33

Assisted Solution

by:Big Monty
Big Monty earned 200 total points
ID: 39714962
besides doing a redirect, it looks like it's also calling a web service and fetching content to be displayed on the screen, most likely malware.

I would delete these files and then do a thorough security check of your site. Look for other files don't belong, as well as any openings that hackers may enter to do sql injection
0
 
LVL 1

Author Comment

by:Da_Ch0sen
ID: 39719084
how can i run a malware scan ?
shouldnt my host do that ? or me ?


thanks
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39719140
Good question.  You should definitely tell your host about this and see what they will do.  You can't do scan on the hosting computer.  I don't know of any AV at the moment that would be able to scan those files anyway.  They will pick up some javascript in your browser that is malware but I don't know that they would recognize anything in ASP files that was bad.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article covers the basics of the Sass, which is a CSS extension language. You will learn about variables, mixins, and nesting.
In this article you will learn how to create a free basic website on Bitbucket, a git service provider. Polymer creates dynamic HTML components, which allow more flexibility than static HTML. This tutorial uses Ubuntu Linux but can also be done on W…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question