New scan:

Malware Scanner report for msp-world.ru

Malicious/Suspicious/Total urls checked
4/0/15
4 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "msp-world.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/8
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=msp-world.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://msp-world.ru/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://msp-world.ru/
200 OK
Content-Length: 26687
Content-Type: text/html
clean
http://msp-world.ru/template/common/js/jquery.min.js
200 OK
Content-Length: 82668
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function barashkalo(){
var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1
... 3252 bytes are skipped ...
null:this;if(c.isFunction(f))return this.each(function(j){var i=c(this);i[d](f.call(this,j,i[d]()))});return"scrollTo"in
e&&e.document?e.document.compatMode==="CSS1Compat"&&e.document.documentElement["client"+b]||e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===w?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});A.jQuery=A.$=c})(window);

Antivirus reports:

Avast
JS:Includer-BEX [Trj]
DrWeb
JS.IFrame.566
NANO-Antivirus
Trojan.Script.Iframe.brqwio
VIPRE
Malware.JS.Generic (JS)
Avira
HTML/Rce.Gen
Norman
Iframe.ZX
Sophos
Troj/JSRedir-LH
AVware
Malware.JS.Generic (JS)

http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21412
Content-Type: text/javascript
clean
http://msp-world.ru/feedback.html
200 OK
Content-Length: 8967
Content-Type: text/html
clean
http://msp-world.ru/template/common/js/jquery.validate.js
200 OK
Content-Length: 47627
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function barashkalo(){
var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1
... 3446 bytes are skipped ...
pply(this, arguments);
}
};
function handler(e) {
e = $.event.fix(e);
e.type = fix;
return $.event.handle.call(this, e);
}
});
};
$.extend($.fn, {
validateDelegate: function(delegate, type, handler) {
return this.bind(type, function(event) {
var target = $(event.target);
if (target.is(delegate)) {
return handler.apply(target, arguments);
}
});
}
});
})(jQuery);

Antivirus reports:

Avast
JS:Includer-BEX [Trj]
DrWeb
JS.IFrame.566
NANO-Antivirus
Trojan.Script.Iframe.brqwio
VIPRE
Malware.JS.Generic (JS)
Avira
HTML/Rce.Gen
Norman
Iframe.ZX
Sophos
Troj/JSRedir-LH
AVware
Malware.JS.Generic (JS)

http://msp-world.ru/template/common/js/messages_ru.js
200 OK
Content-Length: 12457
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function barashkalo(){
var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1
... 3305 bytes are skipped ...
mat("Пожалуйста, введите значение длиной от {0} до {1} символов."),
range: jQuery.validator.format("Пожалуйста, введите число от {0} до {1}."),
max: jQuery.validator.format("Пожалуйста, введите число, меньшее или равное {0}."),
min: jQuery.validator.format("Пожалуйста, введите число, большее или равное {0}.")
});

Antivirus reports:

Avast
JS:Includer-BEX [Trj]
DrWeb
JS.IFrame.566
Microsoft
Trojan:JS/Iframe.DI
NANO-Antivirus
Trojan.Script.Iframe.brqwio
VIPRE
Malware.JS.Generic (JS)
Avira
HTML/Rce.Gen
Norman
Iframe.ZX
Sophos
Troj/JSRedir-LH
AVware
Malware.JS.Generic (JS)

http://msp-world.ru/template/common/js/feedback.validate.js
200 OK
Content-Length: 10967
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function barashkalo(){
var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1
... 3448 bytes are skipped ...
orm").validate({
rules: {
name: {
required: true
},
message: {
required: true
},
email: {
onkeyup: false,
required: true,
email: true
},
captcha: {
required: true,
remote: "/template/common/captcha/process.php",
onkeyup: false
}
}
});
});

Antivirus reports:

Avast
JS:Includer-BEX [Trj]
DrWeb
JS.IFrame.566
Microsoft
Trojan:JS/Iframe.DI
NANO-Antivirus
Trojan.Script.Iframe.brqwio
VIPRE
Malware.JS.Generic (JS)
Avira
HTML/Rce.Gen
Norman
Iframe.ZX
Sophos
Troj/JSRedir-LH
AVware
Malware.JS.Generic (JS)

http://msp-world.ru/sitemap.html
200 OK
Content-Length: 52793
Content-Type: text/html
clean
http://msp-world.ru/imeniny
200 OK
Content-Length: 28481
Content-Type: text/html
clean
http://msp-world.ru/static/208
200 OK
Content-Length: 40614
Content-Type: text/html
clean
http://msp-world.ru/static/
404 Not Found
Content-Length: 6126
Content-Type: text/html
clean
http://msp-world.ru/test404page.js
404 Not Found
Content-Length: 6126
Content-Type: text/html
clean
http://msp-world.ru/static/206
200 OK
Content-Length: 28966
Content-Type: text/html
clean
http://msp-world.ru/static/5667
200 OK
Content-Length: 20270
Content-Type: text/html
clean
http://msp-world.ru/static/565
200 OK
Content-Length: 17262
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: msp-world.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 18:24:26 GMT
Pragma: no-cache
Server: nginx/1.2.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c3f5230339da450eae41e37e75c6823a; path=/
Set-Cookie: stat=8dc98b6624fc244218fb0f7e8ac27000; expires=Thu, 19-Mar-2015 18:24:25 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: msp-world.ru
Referer: http://www.google.com/search?q=msp-world.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.