Quote:
Originally Posted by qxm
Just checked one of my old tgps (the only one that still had comus installed)......... yeap.... had to put a 302 htaccess redirect to one of my other sites... every thumb redirect was causing my antivirus to go on full alert...
|
Yes but check your other HTML and PHP files too on that Server, even if they're on other domains. Take a look at the Java Script code that got inserted in your hacked pages, and search your entire Server for files that might contain that piece of string too
i.e.
grep -R "function Sym1" * > list_of_infected_files
Oh, and at first you might wanna try blocking the IP that calls for the script that put's that malicious Java Script code into your files
iptables -A INPUT -s 122.70.145.151 -j DROP