I would say the sites are definitely infected.
A reference for you: http://www.unmaskparasites.com/ just type the URL’s in to the space indicated. All your URLs are analysed as suspicious.
I would say, at least in this case, you are safer with Avast than with the other AV you tried.
The webmaster will only know the site is infected if someone tells him (or her.)
Your English is very easy to understand, and a great deal better than any other language I speak!
I will tell them what’s going on with their sites.
By the way, Avast show me an alert when “I’m googling” these sites in the results page.
(but I haven’t click yet on the links ?)
It occurs when I use Firefox but not occurs with IE 7
Why ?
EDITION: I go to the site and suspicious they are as you said
But then I go there
hxxp:www.google.com/safebrowsing/diagnostic?site=www.exceltip.com
And the result is:
Blacklist Doctor, that also analyses pages shows the first URL appears to have been hacked and this code inserted (see image), the second script tag goes on for a bit longer. Warming avast will allert on the analysis of blacklist doctor as it is effectively importing the page source. No detections on the next two, but a manual check confirms they too have been hacked, see below.
The jmt.puremis.net/index.htm has also been hacked with the insertion of an obfuscated javascript, script tag after the closing Head tag, see image 2.
The same is true of the puremis.net/excel/ URL script tag after the closing Head tag.