Web site False Positive (FP) , urgent matter

We need urgent matter on this issue, since we already sent email to support@avast.com and on Facebook and still no solution and no response.
We are travel agency in Serbia called Travel House, our company web site wxw.travelhouse.rs and since 10 days ago, Avast blocks the site and reports malware, but there is no virus or anything. It was checked several times, on all anti viruses, server, hosting, url…was checked by all our technical support. Therefore, it seems as from your side there is something which should be checked and changed - to unblock our site for users of Avast antivirus. We are losing clients by this, as our web site is important tool for us, and also we appear unprofessional if our web site shows to them as being infected, even tough it is not definitely.
I am waiting response asap please and the matter to be solved.
I am sending you the link which appears when trying to open web site.

http://www.avast.com/en-eu/lp-security-information-fp2?p_ext=0&utm_campaign=Virus_alert&utm_source=prg_fav_60_0&utm_medium=prg_systray&utm_content=.%2Ffa%2Fen-eu%2Fvirus-alert-challenger2&p_vir=al&p_prc=file://C:\Program%20Files%20(x86)\Internet%20Explorer\iexplore.exe&p_obj=http://www.travelhouse.rs/&p_var=.%2Ffa%2Fen-eu%2Fvirus-alert-default2&p_pro=0&p_vep=6&p_ves=0&p_lqa=0&p_lsu=24&p_lst=0&p_lex=357&p_lng=en&p_lid=en-eu&p_elm=7&p_vbd=1367

Kind regards,
Mirela Vidakovic

I have just visited the home page using firefox 10.0 and no blocking and no alerts.

So can you be more specific in the URL being detected (change http to hXXp, so the link isn’t active) or attach a screenshot of any avast alert window.

For clarification, I am an avast user not an avast employee.

Hello,
it should be fixed since yesteraday’s VPS update.

Milos

Hi vmirela,

A FP more than likely. Just some vulnerabilities to watch out for.
Found javascript eval for FB.XFBML.LikeBox. These Facebook plug-ins are a favorite tool for malware distribution. This being the only vulnearbilty issue I can see so-far from: http://urlquery.net/report.php?id=19566
Also ask for the Apache server to not give out the full version number like with the default settings, you give out too much to attackers that way. Go by this hardening rules:
http://www.thegeekstuff.com/2011/03/apache-hardening/ link article author RAMESH NATARAJA

and then there is this hick-up in the code to pay attention to:
-www.travelhouse.rs/scripts/cal86v2/js/calendar-eightysix-v1.1.js suspicious
[suspicious:2] (ipaddr:82.192.88.10) (script) -www.travelhouse.rs/scripts/cal86v2/js/calendar-eightysix-v1.1.js
status: (referer=-www.travelhouse.rs/)saved 24589 bytes b68d2e87c521ff8477b28be18748d0bf314661fb
info: [decodingLevel=0] found JavaScript
error: undefined variable Class
error: undefined variable Events
error: undefined variable Options
suspicious

Qua Network Acrivity this has been removed: about:blank 200 text/html OK
Do a check up here from time to time: http://www.whitefirdesign.com/resources/check-if-a-web-page-is-redirecting-when-accessed-from-google.html.
Malware for that IP is down for as far as I know.
Stay safe and secure,

polonus