Web Shield flags site on a High Risk Hosting Provider even via 3rd party scan...

Folks, we really cannot do without avast! Web Shield for our protection. Checked this…Up(nil): unknown_html ARIN US abuse at softlayer dot com 50.22.194.94 to 50.22.194.94 berkonoutdoors dot com htxp://berkonoutdoors.com/catalog/
So wanted to look this domain up with evuln malware scanner and avast! Web Shield flagged JS:Decode-XA[Trj]
Detected malicious iframe injection → http://urlquery.net/report.php?id=2496495
so even getting enough of the malcode in a scan will block access to that scan.
We have a hihj level of protection, my friends, we sure have…
Also detected here: http://scanurl.net/?u=http%3A%2F%2Fberkonoutdoors.com%2Fcatalog%2Faccount.php&uesb=Check+This+URL#results

polonus

Blackhole exploit
https://www.virustotal.com/nb/file/8d71de0fb803f921a60a74f080e1c44e224d6ea87c6c02bafb724e2be7e61b16/analysis/1368736403/

Hi Pondus,

Well done, my friend, and thanks, you found up the accompanying file analysis, conclusion - we are being protected,

polonus

Another example here: https://www.virustotal.com/en/url/9eb8238066cc10b7b820161ab9490946756498c1b81a983242bfb4a1f04db015/analysis/1368801212/
Trying to see the evuln dot com scan results resulted in the avast! Webshield alerting HTML:Iframe-AKU[Trj] and blocking the | (gzip) file there…
Potentially suspicious code in: /plugins/system/rokbox/rokbox-mt1.2.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method write __tmpvar2040143295 = write;
File size[byte]: 21665
File type: ASCII
MD5: FF5022D82F8C393211349AE8951ACB8E
Scan duration[sec]: 0.086000
given at Quttera’s…
Site has vulnerable Joomla code: oomla Version 1.5.18 to 1.5.26 for: htxp://thejourneypc.com/language/en-GB/en-GB.ini via plug-in…
Site blacklisted by Google’s Safebrowsing

polonus

Same here: http://sitecheck.sucuri.net/results/slownik-angielsko-polski.pl/ WP plug-in vulnerabilities…
https://www.virustotal.com/en/url/f9cc0d2d903232134eb5533c2c6b0cfba98c4d3ffbebcb43116774b73b46114a/analysis/1368802643/
we would think but avast does not flag going to site…
index.html
Severity: Suspicious
Reason: Detected hidden reference to external web resource.
Details: Detected hidden iframe tag to ‘temp.vulkancomplect.ru’ a bad webhost with on IP 283 appearance(s) in spam e-mail or spam post urls
Threat dump: [[