Tried to edit but couldn't do it from my iPhone. The only reference I found was http://webmasters.stackexchange.com/questions/2308/what-is-sfgdataq-that-i-see-a ppended-to-some-requests-to-my-application.
I really hope someone can enlighten us of this extra code since now I see them almost in every source code of the website I open from a machine behind a firewall. Could this be part of windows, fairfox or firewall program?
However as this is all way over the heads of us volunteers I'm afraid you'd probably be better off asking these sorts of questions on a web page designer forum or a browser support one perhaps.
By the way, if this is about SiteAdvisor please let me know and I will move it in the hope someone from that department can help.
It is possible that the inserted js code is something to do with McAfee but it needs one of the higher-level technical experts to confirm this. I only surmise that it might be McAfee-related because of an exchange I found in this thread from a games forum :
It looks to me that this particular issue (at least in the Firefox example cited above) is caused by a network security appliance that either your corporate network (if you're accessing from work) or your ISP is using. I'd urge you to reach out to someone responsible for network technical support to let them know that one of their network appliances is making invalid HTML changes to webpages.
It is also possible, according to what the poster is saying, that a browser add-on might be responsible for the extra js code, or - most likely - that it might have been inserted by your ISP :
It's common for ISP to use tricks like this to minimize website loading time over low-bandwidth connections, like wireless.
Thanks for the reply.
I'm interested in this code, since it was appended to all my js calls whenever I opened my site using my laptop that was working behind a very tight firewall. However, as you mentioned in your answer to other thread, yes, this malware was caused by redirecting to co.cr site. I just wanted to make sure that the cleaning by sucuri.net totally removed the threat.
Thanks for your help.
The site that being blocked by google was cleaned by sucuri.net but it got infected again. Sucuri then found out that I had a WP2.8.6 in one of my folders on the server and the theft had used that old WP as their gateway to put a file, css.js in my root directory. After I had removed the old WP, sucuri removed the js file as well as all the lines contained the call to that js file and my site was declared to be free of malware by almost all the AV companies including McAfee Siteadvisor. However, McAfee Siteadvisor still said that my other infected sites were okay even though these sites contained the css.js as well as the call to this js file in the index files on these infected sites. Sucuri picked out those sites and declared them as infected site until I removed both the css.js file and the call to it.
This was the reason I brought this topic here, since I expected the SiteAdvisor would pick up the css.js and the call to it as malwares.
BTW, Google has unblocked my site www.atanone.net again, after sucuri.net and I requested separately to unblock it.
Should we leave this here or what?
Thanks for the update Aris.
The site that being blocked by google was cleaned by sucuri.net but it got infected again. Sucuri then found out that I had a WP2.8.6 in one of my folders on the server and those thieves had used that old WP as their gateway to put a file, css.js in my root directory.
There was a typo in my answered above and I have corrected it.
Sorry, I don't know where to post and I don't mind if this thread has to be moved.