has my account been compromised?

[james.lmx76]

Today i checked up on my cpanel file manager, and found some files which MIGHT be of a serious nature. I have had added:
.smileys
.htaccess
.wysiwygPro_preview_eacf331f0ffc35d4b482f1d15a887d3b.php

to my web root, the last obscurely named one is a php file containing:

<?php
if ($_GET['randomId'] != "BG72o2OYrJsHXsGsTMo2p2G16DM1MStCNjhJxRp1QWHAOOAtppA2Vu208GvMCjjp") {
    echo "Access Denied";
    exit();
}


// display the HTML code:
echo stripslashes($_POST['wproPreviewHTML']);


?>

should i delete these file? Do they pose a threat?
i have never had any of these files on my account and they are all supposed to be unix hidden files (.prefix) which is odd because ive never had any hidden files before.
Maybe its just my imagination telling me a hacker has placed bots and smileys on my account as hidden files, maybe thats unlikely because i have barely anything their, besides files i shared with the public :/

 

[descalzo]

1. What is in .htaccess? It is a standard file (access, URL rewriting). It is only bad if someone put something bad in it. Systems often just put a blank one in by default that you can edit.

2. .wysiwygPro_preview... seems to be generated by cPanel's HTML editor. Only worry if you never used the editor. Similarly with the .smileys directory. Generated by the HTML editor.

 

[james.lmx76]

Oh ok, thank you, yes i have used the HTML editor, but dont do it regularly, last time i checked htaccess didnt have any contents.