polonus
3
Our forum member craigb is right, and here you see why: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fwww.informatikserver.at%2F
and http://urlquery.net/report.php?id=5060516
/media/jui/js/jquery.min.js
Quttera scan result:
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string
[['=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26async=%26=%26=%26=%26=%26=%260=%26=%26=%26=%26=%26=%260=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%260=%26=%26']]
of length 551 which may point to obfuscation or shellcode. (ad malvertiser malcode- vulnerable through bad Joomla configuration)
File size[byte]: 93637
File type: ASCII
MD5: 24BD97B1DE158C4F1A162336EECA4AA6
Scan duration[sec]: 78.746000
polonus
P.S. Also see my posting for similar issue here: http://forum.avast.com/index.php?topic=116107.0
D