Debug website threat detection

[Guest Fires]

Hello, my website has been detectet as site what include JS/Spy.Banker.IV trojan. We got problem with this in past but the website should be clean now. But the eset still detect it as threat. Is any possibility to get some debug log or extra verbose debug message what exact part of webpage is detected ? The error is just in the checkout page so I am not able to check it with free tools because it is require registration to access the checkout page. Thanks

[Marcos 5,259]

If the threat continues to be detected, it must still be there. Please provide the website url in an obfuscated form.

[Guest Fires]

https://emotors.cz/cs/objednavka  -    but this page require to have some product in cart. If you dont you are redirected to cart.

[Marcos 5,259]

The detection is correct. Searching for "var _0x5aa5=" will help you locate the malicious JS.

[Guest Fires]

I searched whole sourcodes, also searched the all loaded resources at that page for "var_***" and nothing found  I am totaly lost. 

[Marcos 5,259]

It could be injected into clean checkout pages at runtime.

Do you use the latest version of Prestashop? Asking because of this vulnerability:

https://build.prestashop-project.org/news/2022/major-security-vulnerability-on-prestashop-websites/

https://www.prestashop.sk/blog/clanok/zavazna-bezpecnostna-chyba-prestashopu-1.7-a-1.6

[Guest Fires]

Ok. For some reason the clean install of chrome automaticali remove the malicious script from the website without notification. If I try debug it in the firefox I was able to remove it completly from website. Thanks for the help anyway.

[Marcos 5,259]

The site is still infected. Reinstalling a browser cannot make any difference since the infection is on the web server and not on the client.