JS.ScriptIP site blocked by Netcraft and BitdefenderTrafficLight, not by avast!

Suxcuri gives the site an all green. Site security is questionable and site may be compromised because of this external link: htxp://squeezewayl.net/test404page.js see the case of http://urlquery.net/report.php?id=7623934

IDS alert for ET “RBN Known Russian Business Network IP group 400” (Be aware site with adult content links)
http://urlquery.net/report.php?id=8827872
See: https://www.virustotal.com/nl/url/6a8188dd45ae3764610dae80806e69977ef625d014bad76b65b175e03ebb94db/analysis/1389805221/
JavaScript check: Suspicious

ion+xml" href=“htxp://linksfun dot ru/engine/opensearch.php” title=“ðàçâëå÷åíèÿ îíëàéí äëÿ âàñ.ñìåøíîå âèäåî ïðèêîëû.” /> ïîðíî ñ ïåâèöîé ñâåòîé

Included script:
Suspect - please check list for unknown includes
Suspicious Script:
linksfun dot ru/engine/classes/js/dle_js.js
.ru/whois/?ip=‘+a+’" target=“_blank”>‘+b+“”;e[1]=’<a href=“'+dle_root+dle_admin+”?mod=iptools&ip=“+a+'” target=“_blank”>'+c+“”;e[2]=

Code hick-up in jsunpack:
xoliter dot com/60h16f5fc94/5db91/4/ecd.js benign
[nothing detected] (script) xoliter dot com/60h16f5fc94/5db91/4/ecd.js
status: (referer=linksfun.ru/2011/10/09/)saved 15423 bytes 14bbedabc310fb974c44495aca2fcbe8851f1098
info: [javascript variable] URL=
info: [decodingLevel=0] found JavaScript
external link to c.teromil dot com - no description because of robot.txt → SMS fraud site?
error: undefined variable padid
error: undefined variable blockid
info: [var appendChildsrc] URL=/wp-includes/js/jquery/jquery.js
info: [var appendChildsrc] URL=c.teromil.com/s/0/1.js
info: [element] URL=/wp-includes/js/jquery/jquery.js
info: [element] URL=c.teromil.com/s/0/1.js
info: [decodingLevel=1] found JavaScript
error: undefined variable show1
error: undefined function show1
suspicious:

Netcraft detect is because of PHISHING!!

The malware detection is found here: http://support.clean-mx.de/clean-mx/viruses?id=16594627
Missed by avast!-> https://www.virustotal.com/nl/file/c20e0ab27a67d197ab6476ae59970ea8291a4ac1f65cfa4fe36d6b3f9c236611/analysis/

The malware is long OVERDUE! alive & up and running now for 1847.6 hrs!

pol