Question:

My website is hacked with "fgg.js"?

by  |  earlier

0 LIKES UnLike

how to remove this virus and secure my site. my site programing is asp3.0 and access database. please help me

 Tags:

   Report
Answer The Question I've Same Question Too

3 ANSWERS

Sort By: Date  |  Rating

  1. May be this can help you http://www.castlecops.com/p1103868-Malwa...


  2. Malicious Script "fgg.js" first you need to find out how there attacking your site.

    http://www.bloombit.com/Articles/2008/05...


  3. Firstly you can check that this is definitely the case using something like

    http://www.google.com/safebrowsing/diagn...

    (obviously replacing 'yoursite.com' with the URL of the site you want to check)

    If your site is being listed as having the script installed, likelihood is that it got there via and SQL injection or FTP access. Worst case is it got on via your hosts networks, so you might want to have a word with them

    Change your ftp password and if possible use SFTP instead to help prevent re-infection

    I'd also block any attempts at future reinfection using squid.

    # squid.conf

    acl blocked_urls dstdomain "/etc/squid/blocked_urls.squid"

    acl blocked_regex urlpath_regex "/etc/squid/blocked_regex.squid"

    # Block some URLs

    http_access deny blocked_urls

    http_access deny blocked_regex

    # blocked_urls.squid

    .bjxt.ru

    .njep.ru

    .uhwc.ru

    # blocked_regexp.squid

    /fgg\.js

    /ngg\.js

    For more details check here ->http://www.bloombit.com/Articles/2008/05...
You're reading: My website is hacked with "fgg.js"?

Question Stats

Latest activity: earlier.
This question has 3 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.
Register Now