What unknown html malware on this site?

Only flagged by Google Safebrowsing: https://www.virustotal.com/url/d9bef608e977f35b03db3863dc58323b356eae2318642c27fd8bdc3a9834a201/analysis/1359813407/
Here Detected a Dynamic DNS URL was detected for a RBN Network IP: http://urlquery.net/report.php?id=917625
Infected since 2013-02-01 17:07:34
Risky URLs found in: htxp://filman.at.ua

1: htxp://p0rtal.org/informer/23 → Google Safe Browsing diagnostic page for this URL → http://www.google.com/safebrowsing/diagnostic?site=http://p0rtal.org/informer/23
2: htxp://p0rtal.org/informer/24 → Google Safe Browsing diagnostic page for this URL → http://www.google.com/safebrowsing/diagnostic?site=http://p0rtal.org/informer/24
iFrame sc​ript call above is loading a sc​ript from a flagged site and shoud be removed. Also Yandex blakclisted domain ->: http://www.mywot.com/en/scorecard/p0rtal.org?utm_source=addon&utm_content=popup-donuts
Content after the < /html> tag should be considered suspicious. It sends the message “Please come hack this site!” to every hacker in the world.

348: < !-- 0.01067 (s23) → all according to Redleg’s Fileviewer analysis ->: http://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Ffilman.at.ua&ref_sel=Google&ua_sel=ff

polonus