Hi jefferson santiag,

Actually I did not expect anything else from good old avast! and so we are being protected.
I think it is also intriguing to find out what was the cause that these sites became so easily infested.

See: http://labs.sucuri.net/db/malware/mwjs-iframe-injected691?v4
and as it says there

A Remote and malicious iframe was identified. It uses javascript to generate the iframe dynamically on the browser of anyone visiting the compromised site. We are seeing it often on outdated Joomla and WordPress sites.

Analyzing one of the uri’s involved: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2F2chicksathome.com%2Fwp-content%2Fplugins%2Fcontact-form-7%2Fscripts.js%3Fver%3D2.3.1+&useragent=Fetch+useragent&accept_encoding=
Can’t display source for type application/javascript
But then have a look here: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2F2chicksathome.com%2F&useragent=Fetch+useragent&accept_encoding=

See what is really behind an infested uri - see attached

polonus