Avast does not detect PHP/Small.AA here...

See: https://www.virustotal.com/url/6a37cbb8aa1df4d5baae3b8d041ed8ca72bed6580216abc4f003dd36554b4bf0/analysis/1328197283/
and given safe here: http://urlquery.net/report.php?id=18880
But indeed infected, see:
http://vscan.urlvoid.com/analysis/f9bb68fa94b0229b41d6fe4ba1758e98/eW91dHViZS1waHA=/
See: -http://jsunpack.jeek.org/?report=c6d2dfa4f952727f5d0c2309467e8a2440d53f89
Open last link when security savvy, with ample script protection and in a VM,

first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools

syntax error: *
correction: SELECT
syntax error: .
correction: FROM
syntax error: /* 18 Des 2011 Kalimantan Barat …
correction: bad web rep, see: * recky a.k.a bogel /* →
http://www.mywot.com/en/scorecard/reverber8.net

polonus

VirusTotal - 10/43
https://www.virustotal.com/file/c9c46ef42766058d3e803607291841afb194d00b1a9c5357d052b6e39a8caf59/analysis/1328198340/

Sucuri: http://sitecheck.sucuri.net/results/http://img.youtube.com.misterquim.com

Hi Pondus,

Thanks for confirming avast does not detect this yet, Norman does not either.
But the avast webshield should detect this, as it detects JS:Illredir-AQ[Trj] on
-http://sucuri.net/malware/malware-entry-mwjsgen2
But for the given malcious page, the php download will begin immediately without any avast alert.
Additionaly I will give the bizimbal report: http://www.bizimbal.com/odb/details.html?id=1181546
Here we can read more about this PHP malware: -http://www.bizimbal.com/docs/article02.html(avast will alert this link as PHP:Small-AG[Trj] a flag that is safe to ignore. as it detects parts of the code, but there is no payload inside the article. It describes how easily site servers are being probed…article author = Yavuz Darendelioglu a.k.a bioyavuz of Offensive IP Database,

polonus