mahdy772 0 Posted July 3, 2023 Share Posted July 3, 2023 @Marcos hi i read all the old topic that is about JS/Agent.PIV But i could not solve my problem. i got JS/Agent.PIV Error from ESET. i clean all the suspicious Js from my Site, But still ESET show me the JS/Agent.PIV Error. Here is Sucuri Report and quttera Report that show, my website is clean from malware and... . How do I know which files on my website still have problems? quttera Report: https://quttera.com/detailed_report/aradahan.com Sucuri Report:https://sitecheck.sucuri.net/results/aradahan.com Link to comment Share on other sites More sharing options...
Administrators Marcos 5,088 Posted July 3, 2023 Administrators Share Posted July 3, 2023 I'm not getting any Js/Agent.PIV trojan detection on your website. Is it still detected when browsing the site? Link to comment Share on other sites More sharing options...
mahdy772 0 Posted July 3, 2023 Author Share Posted July 3, 2023 yes Marcos still ESET show my JS/Agent.PIV Error. i do not what should i do? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,088 Posted July 3, 2023 Administrators Share Posted July 3, 2023 Please provide logs collected with ESET Log Collector then. Link to comment Share on other sites More sharing options...
mahdy772 0 Posted July 3, 2023 Author Share Posted July 3, 2023 should i sent it here ?? or give a personal way to send you? Link to comment Share on other sites More sharing options...
LesRMed 23 Posted July 3, 2023 Share Posted July 3, 2023 You can post the logs here. Attachments are only viewable by ESET staff. Link to comment Share on other sites More sharing options...
mahdy772 0 Posted July 10, 2023 Author Share Posted July 10, 2023 @Marcos hi marcos Unfortunately, I did not reach an agreement with my company to be able to send you the logs. I'm sorry about that. i want to notice that, does your personal ESET or other systems show JS/Agent.PIV trigger when open aradahan.com ??? i got confused and do not know how to solve this problem in my website!! Couldn't it be an False positives ? Because all the infected js were cleaned by the hosting and the scans don't show anything. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,088 Posted July 10, 2023 Administrators Share Posted July 10, 2023 The detection is correct. Searching for "function (I, h)" might help you locate the malicious JS. Link to comment Share on other sites More sharing options...
mahdy772 0 Posted July 10, 2023 Author Share Posted July 10, 2023 Thanks for your reply Marcos I searched the whole site carefully but I didn't find any file or line of code with "function (I, h)". Can you guide me more, where should I look? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,088 Posted July 10, 2023 Administrators Share Posted July 10, 2023 10 minutes ago, mahdy772 said: Can you guide me more, where should I look? Unfortunately not. The code may be obfuscated, runtime injected, stored in CMS database instead of a file, etc. Link to comment Share on other sites More sharing options...
Recommended Posts