Well this is flagged as supicious by avast as JS:ScriptDC-inf[Trj] for the jsunpack analysis
of mentioned site:
-www.msolarpro.com/wp-content/plugins/dropdown-menu-widget/scripts/include.js?ver=3.2 suspicious
[suspicious:2] (ipaddr:184.154.88.218) (script) -www.msolarpro.com/wp-content/plugins/dropdown-menu-widget/scripts/include.js?ver=3.2
status: (referer=-www.msolarpro.com/)saved 386 bytes 8312b9b0c984c54fbc8feaf66bcb4b1dd3acaf58
info: [decodingLevel=0] found JavaScript
Avast webshield flags -www.msolarpro.com/wp-includes/js/l10n.js?ver=20101110
But to Pondus, also have a look here for a second op:
http://forum.avast.com/index.php?action=printpage;topic=83287.0 where a false positive was found....and the IP also had an instance of HTML/Redirector.MA on it (now dead),
Also consider this VT scan:
https://www.virustotal.com/url/b417c30323119157b1261a38567c6b62c55941dd22dade7bc984be07d0f1068e/analysis/1327015879/ (detection from Bitdefender, but TrafficLight does not list it)
Now we can finally come to the point why the avast webshield blocks this, re:
http://wepawet.iseclab.org/view.php?hash=be10484672ca0c3fdf9004f67f05cc13&t=1327101730&type=jsThe iFrame source found there: -http://brunno.cz.cc
has malcious activity, found here, see:
http://google.com/safebrowsing/diagnostic?site=brunno.cz.cc/&hl=ru-RU brunno.cz.cc this site has infected 76 domains as we read there
via -/showthread.php?t=37220338 on it!
We can conclude that the dents of the avast web shield really dig that deep, my good forum friends, as I have explained and demonstrated above in my explanation of the website scan analysis, Yes, I repeat this again - the avast webshield, notwithstanding the status of the exploit found, is an awesome and formidable protection tool,
polonus