Serhii Dolhopolov 0 Posted February 22 Share Posted February 22 Hello, our site https://wenter.pl/ is blocked by ESET with js/agent.PHC error. How could we approach this? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 22 Administrators Share Posted February 22 The detection is correct, however, I was unable to reproduce it. Link to comment Share on other sites More sharing options...
Serhii Dolhopolov 0 Posted February 22 Author Share Posted February 22 after instalation the clear new wordpress, problem the same Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 22 Administrators Share Posted February 22 Please provide logs collected with ESET Log Collector. Link to comment Share on other sites More sharing options...
Serhii Dolhopolov 0 Posted February 22 Author Share Posted February 22 i found malicious code in plugin js file and remove it Link to comment Share on other sites More sharing options...
Serhii Dolhopolov 0 Posted February 22 Author Share Posted February 22 ees_logs.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 22 Administrators Share Posted February 22 9 minutes ago, Serhii Dolhopolov said: i found malicious code in plugin js file and remove it I gather then that the issue has been resolved and you are no longer getting threat detection alerts after removing the malicious JS code. Link to comment Share on other sites More sharing options...
Serhii Dolhopolov 0 Posted February 22 Author Share Posted February 22 website still blocked, but messages gone Link to comment Share on other sites More sharing options...
Serhii Dolhopolov 0 Posted February 22 Author Share Posted February 22 12 minutes ago, Serhii Dolhopolov said: i found malicious code in plugin js file and remove it i also uninstall this plugin Link to comment Share on other sites More sharing options...
itman 1,746 Posted February 22 Share Posted February 22 (edited) 2 hours ago, Marcos said: I gather then that the issue has been resolved and you are no longer getting threat detection alerts after removing the malicious JS code. The domain is still blacklisted by Eset; Time;URL;Status;Detection;Application;User;IP address;Hash 2/22/2024 9:37:44 AM;https://wenter.pl;Blocked;Internal blacklist;C:\Program Files\Mozilla Firefox\firefox.exe;xxxxxxxx;195.78.67.36;48025B59ABE1DACBB8D4B5E3269302C6DC3B92E0 Edited February 22 by itman Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,257 Posted February 22 Administrators Solution Share Posted February 22 Now it's been removed from blacklist. Should there be still malware somewhere, it will be detected but I didn't encounter any while browsing the website. Link to comment Share on other sites More sharing options...
Serhii Dolhopolov 0 Posted February 23 Author Share Posted February 23 ok, thanx while scanning for malware on our hosting, was detected some maliscious files. All of them was deleted or healed Link to comment Share on other sites More sharing options...
Recommended Posts