Unclassified malware not detected?

See: https://www.virustotal.com/nl/url/9ef7e2e67636cf364d8eec06c69faf340ceef487fe191a08035bafdc63d48a6a/analysis/1399223346/
& https://www.virustotal.com/nl/file/7be879588ac0b9af3529e2701e35666a4b741b5402b46aebac52db65eed09ec7/analysis/
See: http://support.clean-mx.de/clean-mx/viruses.php?id=19319697
and http://app.webinspector.com/public/reports/21674069 flagged as suspicious - possible malware and suspicious code.
Detected as Android/Trojan.SMSStealer by MBAM Mobile…
Badness history on IP: https://www.virustotal.com/nl/ip-address/91.202.63.75/information/
134 websites on one and the same IP: http://sameid.net/ip/91.202.63.75/

pol

Update: have to add this report: http://sitecheck.sucuri.net/results/antiviru.ru
So the site was likely compromised!

Web Security Test results for main site:
Google safebrowsing flags: http://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fantiviru.ru&hl=en
Injection check: Suspicious Text before HTML 
Javascript check: Suspicious
content="5;url=htxp://antiviru.ru/download?midlet_id=3253&midlet_name=android+%d1%83%d1%81%d0%ba%d0%be%d1%80%d0%b8%d1%82%d0%b5 (headline)
Local File inclusion bypass exploit vulnerability on site for php/5.3.10-1ubuntu3.4
Also read → http://blog.detectify.com/post/34559130700/do-you-dare-to-show-your-php-easter-egg (info credits go to Fredrik Nordberg Almroth)

This all confirms the finds here: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fantiviru.ru
Also consider: https://www.mywot.com/en/scorecard/antiviru.ru
Listed here: http://www.malwaredomainlist.com/mdl.php#! threat = Android.Trojan

Potentially malware and bad web rep, so avast! users would do better to stay away from this site and its downloads!

polonus

URL is blocked by Avast and AOS. So we are protected. :)