See: https://www.virustotal.com/nl/url/9cf882f4c254cc3f8269e88ae801065a2c85d954727f9d4dbf8f4a9cd76ee5c6/analysis/1444857549/
See: /index.php/%d8%a7%d9%84%d9%83%d8%aa%d8%a7%d8%a8-%d8%a7%d9%84%d9%85%d9%82%d8%af%d8%b3/%d8%a3%d8%af%d9%88%d8%a7%d8%aa-%d8%a7%d9%84%d9%83%d8%aa%d8%a7%d8%a8-%d8%a7%d9%84%d9%85%d9%82%d8%af%d8%b3?format=feed&type=rss
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -newfreescreensavers.com
Sucuri detects: ISSUE DETECTED DEFINITION INFECTED URL
Website Malware malware-entry-mwexploitkitblackhole1?v282.2 -http://thelivingwaters.net
SEO Spam MW:SPAM:SEO?sb -http://thelivingwaters.net/index.php/الكتاب-المقدس/أدوات-الكتاب-المقدس
Website Malware malware-entry-mwexploitkitblackhole1?v282.2 -http://thelivingwaters.net/index.php/2012-01-21-02-48-41
Website Malware malware-entry-mwexploitkitblackhole1?v282.2 -http://thelivingwaters.net/index.php/2012-01-21-02-48-41/screensave
Website Malware malware-entry-mwexploitkitblackhole1?v282.2 -http://thelivingwaters.net/index.php/2012-01-21-02-48-41/56-2012-01-20-23-53-31
Website Malware malware-entry-mwexploitkitblackhole1?v282.2 - http://thelivingwaters.net/index.php/لم-اتزوج-
%D8%A8%D8%B9%D8%AF/253-%D9%83%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%86%D8%A7%D8%B3

Detected also here: http://killmalware.com/thelivingwaters.net/
and here:
http://urlquery.net/report.php?id=1444857685713

Web application version:
Joomla Version 2.5.6 found at: -http://thelivingwaters.net/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.28 or 3.4.3

polonus (volunteer website security analyst and website error hunter)

Avast! blocked the threat as: JS:Agent-DPO[Trj].We are Protected

Update threat still around: http://urlquery.net/report.php?id=1476550497723

Read on it here: http://blog.malwaremustdie.org/2013/09/302-redirector-new-cushion-attempt-to.html
angler related malcode…

pol