Thx chilifrei64 for your reply.. I can tell you this matey. I moved my site to MSFN hosting 10 days ago, and before that my site was hosted on emaxhosting. The attack happened before I moved to MSFN hosting..To be honest I haven't noticed that my site was hacked 'cause nothing was different except that page was loading bti more slowly than before, probably because of parsing all of the links and txt which was added to my index.php files.. Now to reply at your questions: 1) make sure you update to the latest version of Joomla (1.0.11) obviously. 1.0.11 did have security holes I had the latest version of Joomla instaled (1.0.11) 2) gigCalendar did have a major security hole and so did JoomlaXplorer so update to the latest of those. I don't have this module installed.. 3) make sure you update all the rest of your extensions because that is gonna be the first thing the joomla programmers are going to blame it on. Updated.. 4) php register_globals is a major security hole and most hosting providers still have it enabled as it is the default setting for php 4.x. Joomla has known vulnerabilities with php register_globals and have no plans to fix it. Ask your host if it is possible to become current by either upgrading to php5 or turning php register_globals off. This was the main problem I had. After updating to version 1.0.11, after every login to admin console of Joomla I got a message that I should turn register_globals to off. I contacted emaxhosting and ask them kindly to help. They replied that they won't turn register_globals to OFF. So, for about a month or so my site was running with register_globals set to ON...I moved to MSFN hosting and had a warm surprise by knowing that register_globals are set to OFF.. So now, I did everything I can to protect myself although I'm aware that there are a lot of smart people and hackers who still can crack my site.. I can only hope that I won't be a target.. 5) make sure you change all your passwords for administrative access to your joomla site. Passwords are stored as md5 and can be reversed to get your password. Yup, I've changed all of my administrative passwords and those passwords contain more than 10 chars now.. Since you're a Joomla user too, please add me to MSN, so we can help each other and share some information regarding Joomla... Thx