New scan:

Malware Scanner report for human.tru.ac.th

Malicious/Suspicious/Total urls checked
1/0/17
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://human.tru.ac.th/
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 20:53:21 GMT
Accept-Ranges: bytes
ETag: "395063d-524-8a8eff80"
Server: Apache/2.2.3 (CentOS)
Content-Length: 1316
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 04 Dec 2013 02:55:10 GMT
clean
http://human.tru.ac.th/2013
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 03 Oct 2014 20:53:22 GMT
Location: http://human.tru.ac.th/2013/
Server: Apache/2.2.3 (CentOS)
Content-Length: 316
Content-Type: text/html; charset=iso-8859-1
clean
http://human.tru.ac.th/2013/
200 OK
Content-Length: 100561
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var start = new Date();
var startsec = start.getTime();
var num = 0;
for( var i = 0; i < 250000; i++ )
{
num++;
}
var stop = new Date();
var stopsec = stop.getTime();
var loadtime = ( stopsec - startsec ) / 1000;
function checkAll(field)
{
for(i = 0; i < field.elements.length; i++)
field[i].checked = true ;
}
function uncheckAll(field)
{
for(i = 0; i < field.elements.length; i++)
field[i].
... 1721 bytes are skipped ...
layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
function MM_displayStatusMsg(msgStr) { status=msgStr;
document.MM_returnValue = true;
}

Antivirus reports:

Emsisoft
Gen:Variant.Symmi.37546 (B)

http://human.tru.ac.th/2013/highslide/highslide.js
200 OK
Content-Length: 45234
Content-Type: application/x-javascript
clean
http://human.tru.ac.th/highslide/highslide-html.js
404 Not Found
Content-Length: 305
Content-Type: text/html
clean
http://human.tru.ac.th/test404page.js
404 Not Found
Content-Length: 292
Content-Type: text/html
clean
http://human.tru.ac.th/js/jquery.min.js
404 Not Found
Content-Length: 294
Content-Type: text/html
clean
http://human.tru.ac.th/js/datepicker.js
404 Not Found
Content-Length: 294
Content-Type: text/html
clean
http://human.tru.ac.th/js/java.js
404 Not Found
Content-Length: 288
Content-Type: text/html
clean
http://human.tru.ac.th/js/autocomplete.js
404 Not Found
Content-Length: 296
Content-Type: text/html
clean
http://human.tru.ac.th/js/Style_event.js
404 Not Found
Content-Length: 295
Content-Type: text/html
clean
http://human.tru.ac.th/js/Style_cookie.js
404 Not Found
Content-Length: 296
Content-Type: text/html
clean
http://human.tru.ac.th/js/Style_size.js
404 Not Found
Content-Length: 294
Content-Type: text/html
clean
http://human.tru.ac.th/js/Set_text.js
404 Not Found
Content-Length: 292
Content-Type: text/html
clean
http://human.tru.ac.th/modules/randomimg/contentslider.js
404 Not Found
Content-Length: 312
Content-Type: text/html
clean
http://human.tru.ac.th/js/fullcalendar/jquery-ui-1.8.23.custom.min.js
404 Not Found
Content-Length: 324
Content-Type: text/html
clean
http://human.tru.ac.th/js/fullcalendar/fullcalendar.min.js
404 Not Found
Content-Length: 313
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: human.tru.ac.th

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 20:53:21 GMT
Accept-Ranges: bytes
ETag: "395063d-524-8a8eff80"
Server: Apache/2.2.3 (CentOS)
Content-Length: 1316
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 04 Dec 2013 02:55:10 GMT

...1316 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: human.tru.ac.th
Referer: http://www.google.com/search?q=human.tru.ac.th

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=human.tru.ac.th

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://human.tru.ac.th/

Result: human.tru.ac.th is not infected or malware details are not published yet.