Code on blacklisted site detected by avast! Web Shield as JS;Agent-HA[Trj]

See: http://sitecheck.sucuri.net/results/web.hochzeitsgasse.eu/
Site blacklisted and with malware: http://labs.sucuri.net/db/malware/malware-entry-mwblk2
Nothing detected here: http://urlquery.net/report.php?id=8230886
See: https://www.virustotal.com/nl/url/17d0bfcacd1652980ada527318f716e709f7659fc1b84dc1dca8a338cdba7c7c/analysis/1386452958/
iFrame check: Suspicious htxp://www.kreativ-fotostudio.de/files/test/test.php’ found to be 88/100% malicious: http://zulu.zscaler.com/submission/show/4dff5adc7bceab939e8390a1c0efd7bc-1386453254
Alert for Joomla Version 2.5.x - 3.0.x for: htxp://web.hochzeitsgasse.eu//media/system/js/caption.js
Suspicious code: web.hochzeitsgasse dot eu/plugins/system/rokbox/rokbox.js benign
[nothing detected] (script) web.hochzeitsgasse.eu/plugins/system/rokbox/rokbox.js
status: (referer=web.hochzeitsgasse dot eu/)saved 21801 bytes c4ad729b8cfbc367d84c7d3e4fadb249b40b4e46
info: [decodingLevel=0] found JavaScript
error: undefined variable Element
error: undefined function Element.implement
info: DecodedGenericCLSID detected 22D6f312-B0F6-11D0-94AB-0080C74C7E95 D27CDB6E-AE6D-11cf-96B8-444553540000 02BF25D5-8C17-4B23-BC80-D3488ABDDC6B → part of a legitimate program or the operating system itself. Removal is not neededse dot eu/plugins/system/rokbox/
info: [embed] web.hochzeitsgas
info: [decodingLevel=1] found JavaScript
suspicious:
Quttera flags: /plugins/system/rokbox/rokbox.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method write __tmpvar1652015033 = write;
Threat dump: htxp://stackoverflow.com/questions/2731345/what-exactly-does-this-piece-of-javascript-do?
avast! Web Shield blocks and detects this code as JS;Agent-HA[Trj]
MD5: F01DD3E488F43157471B1AB98353CE25
Scan duration[sec]: 0.124000

pol