Jump to content

Website blocked by JS/Agent.RJR trojan


Go to solution Solved by Marcos,

Recommended Posts

Hi all,

I am having some issue accessing a website that we've been able to access normally recently. ESET pops up stating the JS/Agent.RJR Trojan, I am just not sure if its ESET being too precautious of if they've actually been targeted with a trojan. Is there a way someone could confirm? 

Enviroelectronics.co.uk

Thanks,

Sam

Link to comment
Share on other sites

Hi Marcos,

Thank you for your reply and input on this! I will try to reach out to them by phone to see if they're aware.

Thanks,

Sam

Link to comment
Share on other sites

Hi,

there is another site https://www.scientex.com.my which is alerted as infected by this trojan.

But it is interesting the virustotal marked this URL as Clean, include ESET engine!

I tried to check the site with Bitdefender and again, there is no alert.

Is it known what way the trojan behaves and what is the risk?

Link to comment
Share on other sites

  • Administrators
6 minutes ago, peters said:

But it is interesting the virustotal marked this URL as Clean, include ESET engine!

That's because you have checked the website against url blacklists. The website is not blacklisted but it's a JS malware which is detected there:

https://www.virustotal.com/gui/file/e183ce0a1286b64a15d02cd018674b35078f626fadca1028df2a3e9c32eb2628?nocache=1

image.png

Link to comment
Share on other sites

Am I able to send such a particular file to virustotal myself with ESET installed (site blocked)?

Link to comment
Share on other sites

5 hours ago, peters said:

Am I able to send such a particular file to virustotal myself with ESET installed (site blocked)?

It's magento malware. Most likely will not manifest until web site purchase check-out activities. Sucuri will show the code signature it's detecting: https://sitecheck.sucuri.net/results/www.scientex.com.my .

Link to comment
Share on other sites

15 hours ago, itman said:

It's magento malware. Most likely will not manifest until web site purchase check-out activities. Sucuri will show the code signature it's detecting: https://sitecheck.sucuri.net/results/www.scientex.com.my .

Thank you for your info and the link - it seems very useful.

Link to comment
Share on other sites

  • 2 weeks later...

Hi , i am getting JS/Agent.RJS trojan error on my website whenever i open it. https://homesserviceprovider.com/ Here's the URL. I have site lock implemented on my domain and it says there does not  exist ant malicious file .

Link to comment
Share on other sites

  • Administrators
56 minutes ago, zaeema kayani said:

Hi , i am getting JS/Agent.RJS trojan error on my website whenever i open it. https://homesserviceprovider.com/ Here's the URL. I have site lock implemented on my domain and it says there does not  exist ant malicious file .

The website is indeed infected:

https://sitecheck.sucuri.net/results/homesserviceprovider.com

Link to comment
Share on other sites

  • Administrators

If you are unable to remove the malware from your website yourself and harden it against further exploitation, you can contact Sucuri or another website cleaning and monitoring service.

Link to comment
Share on other sites

I have already hired one but they are still not able to do that. 
can u help me clean it? I am a developer myself can u give me hints for it  

any specific file I show see

 

Edited by zaeema kayani
Link to comment
Share on other sites

  • Administrators

We do not provide website cleaning and monitoring services. Sucuri is a professional company that provides such services for fee.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...