HTML/IFrame.AN at spam site...

See: http://www.virustotal.com/url-scan/report.html?id=06532eb9fc51d5eea165c1960f5700f0-1324683645
and nothhing detected here:
http://www.virustotal.com/file-scan/report.html?id=bff3b8d15d83183836a3f550b18f9f46c5f4694155ce8847968abd5caadcd1f6-1324687369
See: http://urlquery.net/queued.php?id=13319
Dangerous site http://www.urlvoid.com/scan/zhenfei.com.cn
-zhenfei.com.cn/fade.js suspicious
[suspicious:2] (ipaddr:61.139.126.eight) (script) -zhenfei.com.cn/fade.js
status: (referer=-zhenfei.com.cn/AClass2.asp?ClassID=10)saved 2952 bytes 953c6ee8608b199c19f76f5c714a84c8ec3b3fbf
info: [decodingLevel=0] found JavaScript
suspicious: -
Obfuscated script > iframe src=-http://www.wrmfwk.cn/b3.htm
found suspicious here: http://urlquery.net/report.php?id=13318

This is weird to observe, how could this scan be OK?
Checking: -http://www.zhenfei.com.cn/fade.js?ArticleID=13
File size: 2952 bytes
File MD5: 583f759f509e1fd1bcc01caca1adae20

-http://www.zhenfei.com.cn/fade.js?ArticleID=13 - Ok
And here we go---->
Checking: -http://%61%76%65%32%2E%63%6E
File size: 2124 bytes
File MD5: 551823d3fd646640a8e6080d6bc9c1aa

-http://%61%76%65%32%2E%63%6E - archive HTML

-http://%61%76%65%32%2E%63%6E/Script.0 - Ok
-http://%61%76%65%32%2E%63%6E - Ok

Checking: -http://www.wrmfwk.cn/b3.htm
File size: 65 bytes
File MD5: 3d95b9e93f4700e490609dff2a7cfff6

-http://www.wrmfwk.cn/b3.htm - archive HTML

-http://www.wrmfwk.cn/b3.htm/Script.0 - Ok
-http://www.wrmfwk.cn/b3.htm - Ok

Checking: -http://www.zhenfei.com.cn/article_show.asp?ArticleID=13
Engine version: 5.0.2.3300
Total virus-finding records: 2964032
File size: 8961 bytes
File MD5: 9e6ab878600f63e9332a799ea1a4f7ea

-http://www.zhenfei.com.cn/article_show.asp?ArticleID=13 - has Trojan.Malscript!html

Threats found at site: Trojan.Malscript!html and Bad Anchor Link total 158
Sucuri alterts these:

Malware found in the URL:
-http://www.zhenfei.com.cn
Anomaly behavior detected (possible malware).
Details: http://sucuri.net/malware/malware-entry-mwanomalysp8

Security warning in the URL:
-http://www.zhenfei.com.cn/main.asp
Hidden Iframes.
Details: http://sucuri.net/malware/entry/MW:IFRAME:HD202

Sucuri say -http://zhenfei.com.cn/ is infected

Malware entry:
MW:ANOMALY:SP8: http://sucuri.net/malware/malware-entry-mwanomalysp8
Malware entry: MW:IFRAME:HD202 http://sucuri.net/malware/malware-entry-mwiframehd202
Malware entry: MW:BLK:2 http://sucuri.net/malware/malware-entry-mwblk2

Wepawet
http://wepawet.iseclab.org/view.php?hash=7c9d347d1b3895bd2b6a15448ddeb434&t=1324689758&type=js

VirusTotal
http://www.virustotal.com/file-scan/report.html?id=0d1bc8f1513a6ee9b1d356b9e41a20d6239701c4ecbd79d8025387aad5fc77f5-1324690180