Right detection by avast's Web Shield on this URL!

Viruses and worms
1

See: http://urlquery.net/report.php?id=112523
Avast Webshield alerts a search query for this URL as JS:ScriptPE-inf[Trj]
See: https://www.virustotal.com/file/75d0ec041a4508a395c6d4f8ab93a347dd3eafea8bdc206bce80203931501516/analysis/1343944107/
arp.exe detected by avast as Win32:Agent-AISA [Trj]

polonus

2

Only in a tiny minorty of cases arpe.exe is found to be malcious: http://www.threatexpert.com/files/arp.exe.html
About secure versions of the executable: http://www.computer-support.nl/Systeemtaken/taakinfo/28580/ARP.EXE/

polonus

3

See: http://siteinspector.comodo.com/public/reports/show_log?id=5183199
iFrame script goes to htxp://www.Brenz.pl/rc avast Web Shield detects this as JS:ScriptPE-inf[Trj]
Search flagged by avast Webshield is “search?hl=nl&output=search&sclient=psy-ab&q=htxp%3A%2F%2FwXw.Brenz.pl%2Frc&btnK=”
Not being detected here: http://urlquery.net/report.php?id=113285
Read about this particular iFrame malware: http://blog.sucuri.net/2011/03/brenz-pl-is-back-with-malicious-iframes.html

polonus

4

Update:
This malware campaign is still going on: http://killmalware.com/ycbangong.com/
Hidden iFrame found.
size: 1x1
src: htxp://www.brenz.pl/rc/