Jump to content

Malware detected on my site through ESET antivirus JS/Agent.QGW


Go to solution Solved by Marcos,

Recommended Posts

Hi,

My website got infected with a malicious code and i scanned my JS files and eset detected this virus JS/Agent.QGW How do i remove this malicious script from the javascript files. Any help will be greatly appreciated as i dont want to loose my website content.

Link to comment
Share on other sites

Hi,

Thanks for the prompt reply. The website is actually hosted with bluehost and they suspended my account after telling me that my hosting is infected with malware so the website link is down and i dont know how useful it will be to share the url. Anyways the url is https://anayaschool.com/  but it leads to https://anayaschool.com/cgi-sys/suspendedpage.cgi

Link to comment
Share on other sites

  • Administrators

Unfortunately we cannot help as long as the website is not available and we reproduce the detection.

I'm not sure if Sucuri or another website cleaning service is able to help if a website is suspended but you can ask them.

Link to comment
Share on other sites

  • Administrators
1 hour ago, jennysmyth09 said:

I understand. I actually scanned the infected files online on virustotal and it detected the virus so if you want  i can share the file so you can take a look?

Yes, you can share the file with me. If detected, I should be able to pinpoint the malicious code.

Link to comment
Share on other sites

  • Administrators
  • Solution

The malicious JS is appended at the end of each file. Searching for "function C(V,Z)" should help you locate it.

Link to comment
Share on other sites

Thank you for your help. I really appreciate it. Just one last thing if you can guide me. Once i remove this code is there any chance that it can come back in the future. I researched online and saw that many people complained that even though they removed the malicious code it came back after some time. Is there a chance that some hidden code will remain on my site?

Link to comment
Share on other sites

  • Administrators

Cleaning a site assumes that you will also harden it against further exploitation and install the latest version of the software and plug-ins. Otherwise the site may get infected again in the future.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...