Drive-by download malicious warnings keep appearing on our domains

Our domains keep getting tagged as malicious and I need to figure out why.

About 6 months ago, we were notified by our customers that they were getting Norton warnings that two of our domains were malicious. When I checked with Safe Web, the URLs listed as malicious were bizarre, ending with a tilde.  The type of malicious page was listed as "Drive-By Downloads"  I don't seem to have a record of the original URLs from months ago, but I was able to verify that those URLs were not valid on our site.  In any case, I made sure all our security and software were updated to the latest versions, and requested re-evaluation, and both sites were cleared.

I thought that would be the end of it, but now we're getting a similar malicious warning on a different domain, again "Drive-By Downloads", this time with just the root domain and a tilde extension ~mini04.  I've verified that our software is up-to-date again and requested a re-evaluation for this domain as well.

What could be causing these warnings?  Who or what is mini04 and how do I stop drive-by downloads from happening in relation to our site?  We've already updated everything and have actually even changed to a new web hosting service in between the two incidents.  The malicious warnings are affecting our online business.

Thanks for your help!