Site only blacklisted or also malcoded?

See: http://quttera.com/detailed_report/twinportsauctions.com 71 instances flagged of “Procedure: + has been called with a string containing iframe with hidden URL ‘user-api.inf’”…
Blacklist status given here: http://sitecheck.sucuri.net/results/twinportsauctions.com
malicious scripts, link and form → http://zulu.zscaler.com/submission/show/64bf1e8e628853a20ddb7de368833b43-1357064380
URL query alerts here: http://urlquery.net/report.php?id=574053
code redirect to (var newurl) mish2010.hopfeed dot com/ → 500 Private/Reserved IP
status: (referer=wXw.twinportsauctions.com/scripts/innovaeditor.js)saved 9029 bytes e7378cdb1b871753ebdba6146f02ac59e0ce786a
info: [script] wXw.google.com/cse/brand?form=cse-search-box&lang=en
info: [script] mish2010.hopfeed dot com/script/hopfeed.js
info: [img] wXw.ptchosting.biz/banners/SSFEATFINAL.gif
info: [decodingLevel=0] found JavaScript
suspicious:
Also detected on IP
HTML/Rce.Gen3 detected for IP: https://www.virustotal.com/file/f3b44d4e9e9155de4ecb32a2b5ff402ccf221939b43caf257d6862e192c377e9/analysis/

Site has active malware with long OVERDUE status: JS/Redirector.NS.3 → since 2012-11-09 10:40:5
which avast detecs as JS:Redirector-HS [Trj]
https://www.virustotal.com/file/570a367416a91ce9afce01fdeb4126e7ad9ab55c6337715c1730752176d4bc49/analysis/

polonus