Known infection source

Out on MX VirusWatch archives and marked by DrWeb’s as a known infection source
and listed at DNS-BH / malwaredomains.com
http://sitecheck.sucuri.net/results/h0b.ru
Site most likely compromised because of outdated software found:
SSUE DETECTED DEFINITION VULNERABLE HEADER
Outdated Web Server Apache Found Vulnerabilities on Apache 2.2 Apache/2.2.22
List of blacklisted external links: 25 → http://quttera.com/detailed_report/h0b.ru
IP badness history: https://www.virustotal.com/nl/ip-address/88.198.6.20/information/
Iframe malware on IP: http://censorthis.urlquery.net/report.php?id=1397883452484

HTTP header issues: Number of Happy Findings: 2
Number of Not As Happy Findings: 8
Percentage Happy Findings: 20% results taken from → https://securityheaders.com/test-http-headers.php

navigation.js?ver=1.0 error - read:

com may encounter the Neutrino exploit kit after clicking through the … at /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js

code hick-up:
h0b.pigramodot com/wp-content/plugins/buddypress/bp-themes/bp-default/_inc/global.js?ver=20110818 benign
[nothing detected] (script) h0b.pigramo dot com/wp-content/plugins/buddypress/bp-themes/bp-default/_inc/global.js?ver=20110818
status: (referer=h0b.ru/)saved 54322 bytes 9825dfe07ac553a9599509fbab4831d4827d55d0
info: [decodingLevel=0] found JavaScript
error: undefined variable jQuery
error: undefined function jq
suspicious:

polonus

Another one blacklisted and missed by many scanners and given as only blacklisted:
https://www.virustotal.com/nl/url/6783476267952e16556b40812c4a3e706495c6b82773129b35bf13a0f6b77d07/analysis/1411990588/ (5 detections) → http://community.spiceworks.com/topic/508209-blacklisted-in-the-government-s-crackdown-on-p2pzeus?page=2
IP badness history: https://www.virustotal.com/nl/ip-address/54.83.43.69/information/
and here: http://urlquery.net/report.php?id=1407329850597
on the Tor relay user list: http://comments.gmane.org/gmane.network.tor.relay/4686 (CryptoLocker IP)
which avast detects as Win32:LockScreen-TV [Trj]

System Details:
Running on: Apache/2.4.7
Outdated Web Server Apache Found: Apache/2.4.7

Sinkhole IPs to block for Cryptolocker and Gameover Zeus

pol