Malware Scanner report for cend.uem.mz

Malicious/Suspicious/Total urls checked: 6/0/15

6 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.cend.uem.mz/	200 OK Content-Length: 49580 Content-Type: text/html	clean
http://www.cend.uem.mz/templates/ja_xenia/scripts/ja.script.js	200 OK Content-Length: 4219 Content-Type: application/javascript	clean
http://www.google-analytics.com/urchin.js	200 OK Content-Length: 22678 Content-Type: text/javascript	clean
http://www.cend.uem.mz/index.php	200 OK Content-Length: 49589 Content-Type: text/html	clean
http://www.cend.uem.mz/index.php?option=com_content&task=view&id=69&Itemid=1	200 OK Content-Length: 53912 Content-Type: text/html	clean
http://www.cend.uem.mz/index2.php?option=com_content&task=view&id=69&pop=1&page=0&Itemid=1	200 OK Content-Length: 53103 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- document.write('<div align="center" style="margin-top: 30px; margin-bottom: 30px;">'); document.write('<a href="#" onclick="javascript:window.close();"><span class="small">Fechar janela</span></a>'); document.write('</div>'); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://www.cend.uem.mz/test404page.js	404 Not Found Content-Length: 23 Content-Type: text/html	clean
http://www.cend.uem.mz/index2.php?option=com_content&task=emailform&id=69&itemid=1	200 OK Content-Length: 11500 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function submitbutton() { var form = document.frontendForm; if (form.email.value == "" \|\| form.youremail.value == "") { alert( 'É necessário introduzir um e-mail válido para o remetente e para o destinatário.' ); return false; } return true; } Antivirus reports: Avast HTML:Iframe-inf MicroWorld-eScan Trojan.JS.Iframe.DEB F-Secure Trojan.JS.Iframe.DEB GData Trojan.JS.Iframe.DEB ESET-NOD32 HTML/Iframe.B.Gen BitDefender Trojan.JS.Iframe.DEB
http://www.cend.uem.mz/index.php?option=com_content&task=view&id=68&Itemid=1	200 OK Content-Length: 51709 Content-Type: text/html	clean
http://www.cend.uem.mz/index2.php?option=com_content&task=view&id=68&pop=1&page=0&Itemid=1	200 OK Content-Length: 50671 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- document.write('<div align="center" style="margin-top: 30px; margin-bottom: 30px;">'); document.write('<a href="#" onclick="javascript:window.close();"><span class="small">Fechar janela</span></a>'); document.write('</div>'); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://www.cend.uem.mz/index2.php?option=com_content&task=emailform&id=68&itemid=1	200 OK Content-Length: 11487 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function submitbutton() { var form = document.frontendForm; if (form.email.value == "" \|\| form.youremail.value == "") { alert( 'É necessário introduzir um e-mail válido para o remetente e para o destinatário.' ); return false; } return true; } Antivirus reports: Avast HTML:Iframe-inf MicroWorld-eScan Trojan.JS.Iframe.DEB F-Secure Trojan.JS.Iframe.DEB GData Trojan.JS.Iframe.DEB ESET-NOD32 HTML/Iframe.B.Gen BitDefender Trojan.JS.Iframe.DEB
http://www.cend.uem.mz/index.php?option=com_content&task=view&id=67&Itemid=1	200 OK Content-Length: 97269 Content-Type: text/html	clean
http://www.cend.uem.mz/index2.php?option=com_content&task=view&id=67&pop=1&page=0&Itemid=1	200 OK Content-Length: 96231 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- document.write('<div align="center" style="margin-top: 30px; margin-bottom: 30px;">'); document.write('<a href="#" onclick="javascript:window.close();"><span class="small">Fechar janela</span></a>'); document.write('</div>'); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://www.cend.uem.mz/index2.php?option=com_content&task=emailform&id=67&itemid=1	200 OK Content-Length: 11507 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function submitbutton() { var form = document.frontendForm; if (form.email.value == "" \|\| form.youremail.value == "") { alert( 'É necessário introduzir um e-mail válido para o remetente e para o destinatário.' ); return false; } return true; } Antivirus reports: Avast HTML:Iframe-inf MicroWorld-eScan Trojan.JS.Iframe.DEB F-Secure Trojan.JS.Iframe.DEB GData Trojan.JS.Iframe.DEB ESET-NOD32 HTML/Iframe.B.Gen BitDefender Trojan.JS.Iframe.DEB
http://www.cend.uem.mz/index.php?option=com_content&task=view&id=66&Itemid=1	200 OK Content-Length: 14260 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: cend.uem.mz

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: cend.uem.mz
Referer: http://www.google.com/search?q=cend.uem.mz

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=cend.uem.mz

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://cend.uem.mz/

Result: cend.uem.mz is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for cend.uem.mz

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools