I just noticed the same as freestate on my 2
website hostings hosted here on windows.
EVERY directory even those outside the root had a default.asp, cfm, htm, html and php file and an index.asp, cfm, htm, html and php file.
I just finished removing them all.
This is the third time in 3 weeks that those hackers can get away with it, time for eukhost to sort them out or for me to find another host.
This is the first time any of my
website hostings have been hacked in 7 years online.