Hi acx,
Those that visit the site will get a avast Web Shield warning for JS:ScriptUE-inf[Trj] in -htxp://etc… logo.png
The site was hacked via a vulnerability, web admins should check theirr PHP and Joomla website application software for updates:
parts of the code could be still in Joomla 1.5.18 and not 1.5.21
PHP version is PHP/5.1.6, version open to some recent by-pass vulnerabilities, 3 known to sofware developer,
polonus
P.S. Code attached could be replaced to make the webpage more IE friendly…
this because the site runs Apache…
see: http://wepawet.iseclab.org/view.php?hash=e1667a2bc5725a999462548a2981bb71&t=1307997764&type=js
D