Author Topic: wrong alarm:js:Downloader-JU [Trj]  (Read 3243 times)


xuebin100

  • Guest
wrong alarm:js:Downloader-JU [Trj]
« on: July 09, 2011, 10:04:10 AM »
When I visit the website:
hxxp://www.nmkjt.gov.cn/
I got the alarm as follows:
URL:   file://C:\Documents and Settings\Ma Xuebin\Local Settings\Temporary Internet Files\Content.IE5\I0HWSK7K\show.js
Process:   file://C:\Program Files\Internet Explorer\iexplore.exe
Infection:   js:Downloader-JU [Trj]

I think it's a wrong alarm, and I cannot browse the page. Could anybody help me?
« Last Edit: July 09, 2011, 04:01:44 PM by igor »

Offline Pondus


Offline polonus

Re: wrong alarm:js:Downloader-JU [Trj]
« Reply #2 on: July 09, 2011, 02:32:35 PM »
Hi xuebin100 & Pondus,

xuebin100, make that link in your posting non-click-through, like -http://etc or hxtp or http://wXw.etc....
There is definitely something there at the beginning of the page outside HTML,
see the attached image, which represents a malscript for a JS hanging trojan; see the malware description found here: http://www.sdpaike.com/201008/508.html (linksource computer networks)
Not many scanners get it: http://wam.dasient.com/wam/diagnose?URL=www.nmkjt.gov.cn (failed to detect); SOSWebscan also failed: Your site URL -http://www.nmkjt.gov.cn has been successfully scanned. And No Malware or badwares found.
Urlvoid and netirk give: Domain does not exist or is unaccessible, because of the redirect and download that starts immediately, so no wrong alarm... but it can be easily found using Malzilla.
My malware script detector in Google Chrome even flags the search for part of the script code as an XSS attack... see attached image, an example of a JS script hung horse...

polonus
« Last Edit: July 09, 2011, 02:53:38 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
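
The reply above notes that the script sits at the beginning of the page, outside the HTML. As an added example (not code from the thread or from any scanner named in it), here is a small check that flags active-content tags placed before `<html>` opens or after `</html>` closes and reports their sources in non-clickable form. The tag list, the function names and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumption: tags treated as "active content" for this check.
ACTIVE_TAGS = {"script", "iframe", "object", "embed"}

def defang(url):
    """Make a URL non-clickable for reports (hxxp scheme, bracketed dots)."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")

class OutsideHtmlScanner(HTMLParser):
    """Collects active-content tags found before <html> or after </html>."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.html_open = False
        self.html_closed = False
        self.findings = []  # tuples: (tag, where, line, source)

    def handle_starttag(self, tag, attrs):
        if tag == "html":
            self.html_open = True
            return
        if tag in ACTIVE_TAGS and (not self.html_open or self.html_closed):
            where = "after </html>" if self.html_closed else "before <html>"
            src = dict(attrs).get("src")
            line, _col = self.getpos()
            self.findings.append(
                (tag, where, line, defang(src) if src else "(inline)"))

    def handle_endtag(self, tag):
        if tag == "html":
            self.html_closed = True

def scan(page):
    """Return findings for one page source given as a string."""
    scanner = OutsideHtmlScanner()
    scanner.feed(page)
    scanner.close()
    return scanner.findings

# Constructed sample page: one tag before the document, one after it.
SAMPLE = """<script src="http://cdn.example.invalid/a.js"></script>
<!DOCTYPE html>
<html><head><script src="/js/site.js"></script></head>
<body><p>Welcome</p></body></html>
<iframe src="http://example.invalid/x" width="0" height="0"></iframe>
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

This is a heuristic for triage: a hit means the raw page source deserves a manual look, since a script placed outside the document is rarely produced by the site's own templates.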