Infected javascript undetected?

This is the url scan at VT: https://www.virustotal.com/url/acdc0c4b4bfcccf522501ba4685fd93c3ff03c83bbdf033fb071b1903f10e105/analysis/1328461510/
Here the script flagged at unmasked parasites: http://www.UnmaskParasites.com/security-report/?page=zavesata.com/page.php%3F158%3Ascript11%3D
Given clean: http://siteinspector.comodo.com/public/reports/228166
No alerts at urlquery.net: http://urlquery.net/report.php?id=19241
Suspicious at wepawet: http://wepawet.iseclab.org/view.php?hash=a5308ea80bc71e943af34a21c947ae51&t=1328462395&type=js
Trojan downloader not detected by avast? re: http://vscan.urlvoid.com/analysis/4c684bd1136f332144cbfe96101352dc/cGFnZS1waHA=/
DrWeb url scanner detects: -http://zavesata.com/page.php?158:script11=/JSTAG_2[7a29][dce] infected with VBS.Psyme.377
Bitdefender TrafficLight also flags the site as malware site.

reported to virus AT avast dot com,

polonus

The PHP page is very nasty indeed, Polonus.

I’ll PM you about what I found, it can’t be discussed here.

Hi Donovansrb10,

No, we won’t touch any details of this, but generally a few remarks on this redirecting malcode.
This is a variant on the so-called Media Temple Malware Issue. The method has been with us for quite some time now. Those redirecting domains, encoded inside a JS file, may differ. Also the methods have become more and more refined. See malware description here:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanClicker%3AJS%2FIframe.F&ThreatID=-2147335922
Well the suspicious obfuscated inline script pattern should stand out for detection and avast webshield should detect this really as JS:Downloader-IR[Trj]. About plug-in vulnerability on this site, see: http://e107.org/e107_plugins/forum/forum_viewtopic.php?139119 (link source = e107 Content managment system forum, and post author = CSDave),

polonus