Did your firewall not go to the length of saying what file name it was that was trying to connect ?
It may be a false positive on the symantec site, but you would have to chesk the detection by the firewal outbound check.
It is possible there is some information about the infection that matches an avast signature but that is speculation.
the actual writeup.jsp proved clean when downloaded and scanned by avast, VT shows 0/32 on writeup.jsp.
DrWeb shows clean on the URL link for Technical Details tab which is what avast is alerting on.
I have sent a FP email so we will have to see if they pick it up.