Site blocked by avast shield

Hi malware fighters,

Trying to open this in malzilla: htxp://www.knighthaber.com/?sayfa=sozlesme
I got immediately blocked, because of this being a malware site:
Security Risks
The site is especially dangerous when opened up with IE…
Threats found: 4

Threat Name: HTTP C6 Messenger ActiveX File Overwrite
Location: htxp://www.knighthaber.com/?sayfa=sozlesme

Threat Name: HTTP C6 Messenger ActiveX File Overwrite
Location: htxp://www.knighthaber.com/

Threat Name: HTTP C6 Messenger ActiveX File Overwrite
Location: htxp://www.knighthaber.com/?sayfa=urunler

Threat Name: HTTP C6 Messenger ActiveX File Overwrite
Location: htxp://www.knighthaber.com/?sayfa=iletisim

Virus
Threats found: 1

Threat Name: Trojan.Gen
Location: htxp://www.knighthaber.com/cupdate.exe

From the attached code image, one sees the site almost immediately redirects
after Empty source - Could not connect to site…
What is found there: Virus.JS.Downloader.Small!IK
S/Downloader.Small.(S)
This signature detects attempt to exploit a remote file download vulnerability by sending specially crafted arguments into a a method of C6 Messenger ActiveX Control.

Specifically, the vulnerability affects the ‘propDownloadUrl()’ method of the Installation URL Downloader ActiveX control identified by CLSID:

c1b7e532-3ecb-4e9e-bb3a-2951ffe67c61

Attackers may exploit this issue by enticing victims into visiting a maliciously crafted webpage,
and there are no known FPs involved here…

polonus

Jepp, you hit Malware there

VirusTotal - www.knighthaber.com.htm - 3/41
http://www.virustotal.com/analisis/7790abfcd86ef5ef3948348732c8c6bcb2826e8dad1578b5985beb9a8f93bfaa-1276442560

VirusTotal - cupdate.exe - 35/40
http://www.virustotal.com/analisis/d981c13ef6e7263dd6e6b6843b5bc9b41a8c4daf9bfad21ef5d1d9e18e9eca46-1276442617