Malicious website

Viruses and worms
1

Hi!

We own a website http://turist-cazare.ro which cannot be opened with Avast on your computer since a few weeks. Because the description of the malware wasn’t so specific, I would be pleased if you rechecked this site because I don’T think that it’s malicious. If it is please let us know what to fix on the site.

Below I paste other common url checkers which found it alright:
https://safeweb.norton.com/report/show?url=turist-cazare.ro
http://www.avgthreatlabs.com/website-safety-reports/domain/turist-cazare.ro
http://sitecheck.sucuri.net/results/turist-cazare.ro
http://scanurl.net/?u=turist-cazare.ro&uesb=Check+This+URL#results

Thank you for your help!

ps: I created this thread because i did not get any answers for my messeage through your contact form

2

http://zulu.zscaler.com/submission/show/df23808712abd43db2dc0d22113f7b70-1406799491

3

This is the malicious file there according to Quttera’s:
/cms/js/tabifier.js
Severity: Malicious
Reason: Detected known malicious content.
Details: Threat detected according to previously retrieved information
File size[byte]: 13847
File type: ASCII
MD5: F37ABA2D81F5759ED4F4584C77AA47DF

external element found to be suspicious: htxp://www.korpa.ro/ro/ecoturism/

Google Browser diff:
Not identical

Google: 43052 bytes Firefox: 42998 bytes
Diff: 54 bytes

First difference:

<img src="/images/icon_suitcase.gif" al...

But the following results are why avast is blocking.
You are on afraid dot org nameservers. ns1->ns4.afraid dot org.
Steer away from afraid dot org dns and avast may unblock your domain.
When you have come away from afraid dot org report here: www.avast.com/contact-form.php
An avast team member may then unblock your site.
I cannot because I am not an avast! team member, but a volunteer with relevant knowledge,
doing all this for the good of my soul and avast! community and so improving avast! detection.

polonus