• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 432
  • Last Modified:

win32/agent.jt and .asp files being maliciously amended - help!

Hi guys,

I'm at my wits end with this - I've taken over a server which seems to have an infection on it.
I was called in because the website, written in .asp and with a SQL back-end, had started redirecting users to other sites, such as donepoker.com.

Having checked the site, the amendments had been made to the .asp files, not the database tables.

First thing I did was get Kaspersky on the system, which found 10 viruses and promptly removed them. I then installed Windows Defender, which found the win32/agent.jt trojan and removed it (it came back a day later).

I've also changed the database username/password, changed the site's folder permissions/name, deleted any user accounts that looked remotely dodgy and rebooted.

2 hours later the site was redirecting to corrupt websites again. No infection this time, just altered code in the website folder. I promptly overwrote the bad code with a backup saved in another folder, and the site is back to normal.

So basically, what the hell do I do to keep this system safe? It's using Windows Firewall (I've since asked the data centre to get the system behind their own firewall, something that had been "overlooked" apparantly).

Any ideas/suggestions would be most welcome - I feel like I've been firefighting all day.
2 Solutions
Mohamed OsamaSenior IT ConsultantCommented:
ake a lok at this post please


SQL injection attack that was done en masse a few months back, there is some sort of automated tools runnning around, so it is being abused alright.


Check the following articles which could help you fixing the injection problem:



A Symantec Certified Specialist @ your service

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now