DavidR
4
I would want to know why there is a compressed obfuscated script file being loaded with that shtml page, see images and extract of the contents.
There is a chance that this could be the use of an example of exploit code being picked up, but it certainly seems strange. So yes it needs further investigation as only avast and gdata detect anything (same engine/signature).
http://www.virustotal.com/file-scan/report.html?id=d1dd70db377ba663219a6947dc5ed6355f1c1931e1586ac04efb8c5d068ce46a-1315313142