False posite?

Is this a false positive?
It is a welknown Dutch opinionsite.

Infection Details
URL: http://xxx.joop.nl/fileadmin/template/inc/js/redirMobile-min.js|>{gzip}
Process: file://C:\Program Files\Mozilla Firefox\firefox.exe
Infection: html:Iframe-inf

xxx stands for www

Sucuri say infected…

see attached screenshot

malware type
http://sucuri.net/malware/malware-entry-mwiframehd421

Filename: redirMobile-min.js
Status: Scan finished. 2 out of 20 scanners reported malware.
http://virusscan.jotti.org/en/scanresult/c9e8b1cc2b524e7f963dfac40bdc6321b57ba3ec

VirusTotal - redirMobile-min.js - 4/43
http://www.virustotal.com/file-scan/report.html?id=bac3240d18bfa6194aa65701e799946bdad1a975fa069013652f584eb5d44965-1311787300

Hi Klauwkikker & Pondus,

Scanned the IPframe redirect here: http://wepawet.iseclab.org/view.php?hash=52ee1c0c20d38b7edb071123b878a5aa&t=1311793379&type=js (malicious)
Exploit being abused is HPC URL Help Center URL Validation Vulnerability - CVE-2010-1885;
see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1885
Also see attachec source code for the url you provided,

polonus

Is this a false positive? It is a welknown Dutch opinionsite.

Norman analysis confirms the detection is correct

redirMobile-min.js : Processed - HTML/Iframe.KY