The MSSQL WebAdmin ASP.NET ENT Manager In Plesk Show Virus

Some times, some of our end clients do face problem regarding the Plesk control panel hosting who has MSSQL WebSQL. The most common problem is “The plesk control panel shows VIRUS”. Within shared web hosting or on dedicated server web hosting package, the clients who are using the MSSQL webadmin, it’s a problem related to the ASP .NET Enterprise Manager. This is has a virus / trojan on it.

When the first complaint arrived to our technical team, our technical team started working to sort out the issue as soon as possible. However, it seems that there could be some issue with the modules of the server or might be a problem related to MSSQL webadmin. The ASP .NET Enterprise Manager has got an injection in it. But after receiving few more issues with in the clients we started investigating it completely in to hard core level. Because many of us needed that issue to be resolved as soon as possible. Now we have a complete solution for such kind of issues. The problem can be sorted in few minutes, and now we know that this happens on a global platform.

After viewing MSSQL Webadmin ASP .NET Enterprise Manager on Plesk server it looked as the picture below:

MSSQL web admin shows there is trojan virus, MSSQL WebAdmin ASP.NET ENT Manager in Plesk shows Virus

Our tech admins understood the issue and they had a complete checklist for ASP.NET ENT, Plesk, for sorting out the entire issue as well. After the complete investigation they too understood that the issue was not with the mssql.domain_name link but only the the pop window of virus alert, happened after clicking on ASP .NET Enterprise Manager, usually they refer to some other website at that moment of time but the user to don’t have any kind of issue with the server. That was an high relief that the problem which occurred was not with the Web Hosting UK server, however for more security reasons we thought that, we still have a security problem if the link has been injected into ASP .NET Manager site in IIS, may be due to some other security issue with the Plesk control panel. If we think after checking few servers we came to know that the problem has happened to the web site that is recommended on MSSQL Webadmin site and nor the server.

If you want to remove this link from your server as well as from the MSSQL WebAdmin site then follow the steps below:

1. The Most important thing is to Login into your webserver, the user can login into his server via RDP as the Administrator Privlage.
2. Then hes has to go to D:\inetpub\vhosts\sqladmin\mssql\app
3. After locating the file open the navbar.aspx page in notepad
4. After opening the file you have to find the below mentioned code and you have to remove the code to solve the problem.

<!– Begin ReferralPlanet.com Referral Script –>
<a onclick=”refWindow=window.open(‘http:// www.referralplanet.com/referral/windows/referralwindow.asp?id=18‘,’referralWindow’ ,’width=350,height=520,scrollbars=yes,menubar=no,resizable=yes’); refWindow.focus(); return false;” target=_blank href=”http:// www.referralplanet.com/referral/windows/referralWindow.asp?id=17“>
<IMG alt=”Click Here To Tell A Friend” src=”images/tellafriend.gif” border=0></A>
<!– Begin ReferralPlanet.com Referral Script –>

As you see the file is huge enough so to search the above code and it can get bit difficult. Here is a small trick to find this. You just have go directly to the line number 119 and you will find the stuff.

5. As soon as you remove the above code make a note that you won’t leave before saving the file.
6 As the file gets saved you can exit. Next time you won’t get the error message.