My company website (Silver Stripe based) has been infected with a trojan JS:Agent-QD [Trj]. I am now downloading the site to my computer. All of the .js files get quarantined by Avast.
What to do? How to get rid of this?
I'd start with a clean slate - hopefuly you haven't had to "hack the core" (i.e. cms and sapphire). Take the last known good backup (preferably from source control) and start with that. Thing is if someone has written files to your server then all the php could easily be infected too.