avast blocking my site

Viruses and worms
1

I have a problem. Avast anti-virus always blocking my website hxtp://samburskaya.com/ .
It’s in black list more than a month, but site has no any virus.
http://www.virustotal.com/url-scan/report.html?id=0d7208d97438aa62af64c0c07748b36b-1323854484

Where should I apply or what to do?

2

Please deactive the link to suspicious url address. (change http:// to hxxp://)
Looks like It was hacked. Which avast! shield blocks this URL? Network or WebShield?

3

VT isn’t very good on site checks, as it is just checking against a database.

This site is more use as an actual scanner and analysis - http://sitecheck.sucuri.net/scanner/ that finds it clean, image1.

One suspect at URLVoid, http://www.urlvoid.com/scan/samburskaya.com.

URLQuery - no alerts though reputation listed as suspicious, http://urlquery.net/report.php?id=11781.

I visited the home page and didn’t get an alert by avast, so you will have to be more detailed about the detection, full path, malware name, etc. but modify any link replace http with hXXp so that links aren’t active to avoid accidental exposure.

I used Firefox 8.0 with NoScript and selectively allowed the scripts on that page. I also use RequestPolicy add-on to prevent cross site scripting (and you have a lot of cross site scripts), selectively allowing those I still don’t get an alert.

There is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles for:  * Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media), issues. 

- If you are reporting an FP, then you get another input field open, click Browse button and enter the web URL for the site you wish to submit for review, etc. A link to this topic also wouldn't hurt.
4

Hi cvz1978,

Make that link non-click-trhough, please, like -http://samburskaya.com/

This code may be suspicious on your site:
-samburskaya.com/engine/classes/js/js.js suspicious
[suspicious:2] (ipaddr:213.155.22.224) (script) -samburskaya.com/engine/classes/js/js.js
status: (referer=samburskaya.com/)saved 19627 bytes 4e3813539f2862539e561714b2ac9902d4d2e7a4
info: [decodingLevel=0] found JavaScript
But you also have so-called Dean Edwards embedded code there and that must be what avast is flagging- running from -samburskaya.com/templates/94/js/jquery.galleryview-1.0.1-pack.js
and this contains a dropper like JS:ShellCode-EG[Expl]

polonus

P.S. There was other malware from that IP according to the latest VW listing and malcode is down now: unknown_html_google_malware RIPE UA abuse at hosting dot ua 213.155.22.224 to 213.155.22.224 remont-b dot ru at -http://remont-b.ru/?avan
see: http://urlquery.net/queued.php?id=11810 suspicious