Solved

weird asp files on my root folder

Posted on 2013-12-12
4
356 Views
Last Modified: 2013-12-16
Greetings all,
my google ranking dropped tremindously latekym when i contacted my host (west host) they expected i was hacked.
i noticed the following files on my root folder.
dbhot.asp
global.asa
hccs.asp
koh.asp
aspadmin_A.asp

that have alot of weird code , and i am sure i did not put them there.

can anyone investigate if these are bad code, or legit codes. ?
check attached global.asa (renamed to .txt) so i can upload it

Thank you
global.txt
0
Comment
Question by:Da_Ch0sen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 300 total points
ID: 39714868
You have probably been hacked.  The "global.asa" you posted does a redirect if it detects that the request "HTTP_REFERER" was from Baidu.com which is the Chinese search engine like Google.
0
 
LVL 33

Assisted Solution

by:Big Monty
Big Monty earned 200 total points
ID: 39714962
besides doing a redirect, it looks like it's also calling a web service and fetching content to be displayed on the screen, most likely malware.

I would delete these files and then do a thorough security check of your site. Look for other files don't belong, as well as any openings that hackers may enter to do sql injection
0
 
LVL 1

Author Comment

by:Da_Ch0sen
ID: 39719084
how can i run a malware scan ?
shouldnt my host do that ? or me ?


thanks
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39719140
Good question.  You should definitely tell your host about this and see what they will do.  You can't do scan on the hosting computer.  I don't know of any AV at the moment that would be able to scan those files anyway.  They will pick up some javascript in your browser that is malware but I don't know that they would recognize anything in ASP files that was bad.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
laptop estate analysis 5 86
.php tree directory? 5 89
HP Pavillion Power Issue 5 36
Unexpected End of File 11 58
SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
Before we dive into the marketing strategies involved with creating an effective homepage, it’s crucial that EE members know what a homepage is. In essence, a homepage is the introductory, or default page, of a website that typically highlights the …
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question