Trojans detected:
Object: -http://tobias.com.pl/
SHA1: 6061af9aee994e4b58c0b51b48d350c8967da96c
Name: TrojWare.JS.Iframeinject.AJ
See: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Ftobias.com.pl%2F+
3 flag: https://www.virustotal.com/nl/url/6f8f6d01ee6bca19e1e7c90483d09b55cac3b03116839686d3a8e4bcaeff8153/analysis/1457903082/
Infested: https://sitecheck.sucuri.net/results/tobias.com.pl
Retirable jQuery: -http://tobias.com.pl
Detected libraries:
jquery - 1.4.2 : (active1) -http://tobias.com.pl/js/jquery-1.4.2.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
swfobject - 2.2 : -http://tobias.com.pl/js/swfobject.js
jquery.prettyPhoto - 2.5.6 : (active1) -http://tobias.com.pl/js/jquery.prettyPhoto.js
Info: Severity: high
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6837&cid=3
Info: Severity: high
https://github.com/scaron/prettyphoto/issues/149
https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
(active) - the library was also found to be active by running code
2 vulnerable libraries detected
Known javascript malware. Details: http://labs.sucuri.net/db/malware/malware-entry-mwexploitkitblackhole1?v282.2
Yandex has it: https://yandex.com/infected?l10n=en&url=tobias.com.pl&redircnt=1457903509.1
Avast should detect as JS:Agent-DPO [Trj]
polonus