See: http://zulu.zscaler.com/submission/show/23499852c9986f37a6f79d2d40bfc9dd-1421341354 54/100% suspicious code…
Hick-up and insecurity on: htxp://www.comfortdress.ru/var/cache/1.1d16455f10ecf7a448693e590b5447c8.js → worth storing to save time of recomputing them
Use http://www.sevenforums.com/tutorials/149053-internet-explorer-activex-filtering-turn-off.html considering Flyout_Menus/Icons/func.js
to gain additional security. See: http://urlquery.net/report.php?id=1421341586528
multipart encrypted file: http://jsunpack.jeek.org/?report=b69e55f1db55f21a202adf701b484c8d637059c6 info: [iframe] wXw.comfortdress.ru/var/cache/javascript:false;
info: [img] wXw.comfortdress.ru/var/cache/
info: [iframe] wXw.comfortdress.ru/var/cache/
info: [decodingLevel=0] found JavaScript
suspicious:
External link IP: https://www.virustotal.com/nl/ip-address/173.194.116.132/information/
External link domain info: https://www.virustotal.com/nl/domain/cdn-qualiteamsoftwar.netdna-ssl.com/information/
polonus