[email protected] hack cleanup

  • Answered
I've been using file manager in my C-Panel to go through and clean out the index files that were put in by the Tiger [email protected] hack. I understand that this was a deface hack but I have 2 questions/issues,

1.) When I access the index page in my browser My AVG pops up with a warning of a JS/Downloader threat. Anyone else getting this.

2.) I noticed in my includes folder a folder for KCAPTCHA which looks like something from a .RU site and has the same create date as the Tiger hack pages.. Is this what was making my guestbook entries and my contact page entries with all that jibberish?

note: I had to remove my guestbook because of this.
Hello TomMiller, I reviewed your site and files, and I cannot duplicate the issue that you're indicating. Make sure you clear your browser cache - it's possible that the information is stuck. In regards to the KCAPTCHA thing, you can re-add the guestbook, though I would recommend something else that uses CAPTCHA or RE-CAPTCHA because they provide security for people making entries in the guest book. It is possible that you were hacked more than once, so I would highly recommend cycling passwords and re-publishing the Builder site. That should bring you a clean site. Here's more information on Captcha: Using Captcha If you have any further questions, please contact technical support or leave a comment at the bottom of the page. Regards, Arnel C.