Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

site infected with JS:Agent-QD


Go to End


3 Posts   1216 Views

Avatar
baryton

Community Member, 2 Posts

19 April 2012 at 8:03pm

Hello,

My company website (Silver Stripe based) has been infected with a trojan JS:Agent-QD [Trj]. I am now downloading the site to my computer. All of the .js files get quarantined by Avast.
What to do? How to get rid of this?

would be greatful for any help. Many Thanks,

Baryton

Avatar
swaiba

Forum Moderator, 1899 Posts

19 April 2012 at 8:42pm

I'd start with a clean slate - hopefuly you haven't had to "hack the core" (i.e. cms and sapphire). Take the last known good backup (preferably from source control) and start with that. Thing is if someone has written files to your server then all the php could easily be infected too.

Avatar
baryton

Community Member, 2 Posts

19 April 2012 at 9:11pm

Thanks swaiba.
I am looking all over for some info on this trojan, no results. I am always happy to manually remove the 'spies', but there are no clues on the web... :(