Woody, your answer might help him because I would suspect that the only real safe way is a physical machine with live CD/DVD. Can't see why it's important to try to "decode" the malware but anyway. I would set up a physical machine with a Linux live CD/DVD and use something to see what a site tries to load. But while you can maybe see some Java or Flash stuff, most of the time it's not that easy to see the real code because it's encapsulated.
This is the reason most AV solutions can't detect it anymore. Times have changed greatly.
A VM (vendor independent) can be detected. The BIOS and graphics card are a good way to see this. And there may exist code to bypass the VM restrictions. That's why I would prefer a separate physical host.