So here’s my problem…
I just bought a brand new desktop for around £900 ($1350+) and I downloaded the free Avast! antivirus.
When I first got it, my website would work, but then when I tried to get onto the .html file, it told me there’s a javascript virus…
My website has no viruses, only I have access to the source code and login info.
Avast is calling it a JS troj file (Image below)
I’ve tried adding the website to the exceptions on my internet security (control panel) aswell as Avast!'s person ones (where the .txt etc are).
I know there’s nothing wrong with the coding of the small javascript code, so no idea what is wrong.

Specs:
Browser - Firefox Version 3.6.12
OS - Windows 7 Premium
Avast Version - 5.0.677
Website URL; http://www.mark-forbes.zxq.net/
Javascript that’s on it:

<script type="text/javascript">
<!--
    function toggle_visibility(id) {
       var e = document.getElementById(id);
       if(e.style.display == 'block')
          e.style.display = 'none';
       else
          e.style.display = 'block';
    }
//-->
</script>

Image of the virus being detected -

http://img13.imageshack.us/img13/1353/avasts.png

If I don’t reply after a few days of posting, if the posters could please email me here and I’ll come back and look at the reply.

My website has no viruses, only I have access to the source code and login info.

VirusTotal - index.html - 16/43
http://www.virustotal.com/file-scan/report.html?id=3bcfd0b706049a5e83946889451a6436ce092bcfc0291932176a5d530592f45f-1290550820

Every 3.6 seconds a website is infected
http://www.scmagazineus.com/every-36-seconds-a-website-is-infected/article/140414/

I just bought a brand new desktop for around £900 ($1350+) and I downloaded the free Avast! antivirus.

I had used a redirector to redirect the website to http://www.mark-forbes.zxq.net/underconstruction.html
But I don’t remember using JS for that…

Avast! was the first antivirus I had installed. There was no previous installations prior to Avast!

It isn’t the script you posted in your first post, but a large chunk of obfuscated javascript after the closing Table tag and before the closing Body tag on the home page. See image1 for the location of the offending script tag and image2 with that single line broken down to show it easier in an image.

So it does looks like your site has been hacked, as there really shouldn’t be any need for this kind of obfuscation in a legit javascript.

Ahh, I’ll just edit the template thing and edit it out and see if it works.
I’ll update when I do that.

What you have to do if eliminate the vulnerability that allows the exploitation of the site to happen.

• This is commonly down to old content management software being vulnerable, PHP, Joomla, Wordpress, SQL, etc. etc.

Also see, Tips for Cleaning & Securing Your Website, http://www.stopbadware.org/home/security.

http://mark-forbes.zxq.net/
I’ve restarted the website now, there’s no problems

Thank you to all who helped me.

yepp comes up clean now

VirusTotal - index.html - 0/43
http://www.virustotal.com/file-scan/report.html?id=0b74231c3775b3f99b5afefebc4596d5a6edf6a2369aac6eab44c1a3589a8e9f-1290558402

You’re welcome, happy that you site is coming up clean now.