Avast is blocking my site...

Readers from my website hxtp://pipocamoderna.com.br started complaining in the site’s Facebook page that the site was down. As the difficulties to access the site seemed to increase between our readers, we found out that Avast Antivirus was blocking the site. We also found that Sucuri.net got us blacklisted. Our host is the biggest company from South America and they swept the server looking for malware. Nothing was fond. But we proceed to scan every single file and replace every piece of program file in it, just in case. Google, Norton, Site Advisor e Yandex give us a clean domain result.
What else can I do to free my site from Avast blockage, since it is hurting us with traffic and ad revenue?

Sucuri
http://sitecheck.sucuri.net/results/pipocamoderna.com.br

Zulu
http://zulu.zscaler.com/submission/show/4ca574713da71b972116d67abbba8106-1347256403

URLVoid - also see the IP alarms at the bottom
http://www.urlvoid.com/scan/pipocamoderna.com.br/

So, as you can see in the links you provided above, Zulu says we’re Benign and the flag in AVG Threats says it only saw something in 27 august. We’ve been declared clean since that. And after I’ve complained to Sucuri, pipocamoderna.com.br got reviewed and cleared as well. It’s up to you now to let me return to my business, since I’m already getting an undeserved rap and being commercially hurt.
Please check it again on Sucuri and Zulu.

And see these other links as well:
http://safeweb.norton.com/report/show?url=pipocamoderna.com.br
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=pipocamoderna.com.br
http://www.yandex.com/infected?url=pipocamoderna.com.br&l10n=en

Wordpress internal path: /u/htdocs/webpoint/pipoca/public_html/wp-content/themes/thestars/index.php
Wordpress needs updating - WordPress version: WordPress 3.4.2
Wordpress Version 3.3 or 3.4 based on: htxp://pipocamoderna.com.br/wp-includes/js/autosave.js
WordPress theme: htxp://pipocamoderna.com.br/wp-content/themes/thestars/
Content after the html tag should be considered to be suspicious:
1229: < !–[if lte IE 6]> < sc​ript type≈ “text/javascript” src≈ “htxp://pipocamoderna.com.br/wp-content/themes/thestars/scripts/supersleight.js”> < / sc​ript > < ![endif]–>
1230: < sc​ript type≈ “text/javascript” src≈ “htxp://pipocamoderna.com.br/wp-content/themes/thestars//scripts/custom.js”> < / sc​ript >
1231: < !-- #google-analytics

polonus

I just tested that site,i dont get any alerts odd? ???

It’s because, after I’ve complained, Avast cleared me. But I’ve been blocked for two weeks. And Polonius is trying to justified it with comments on path and code. I was nearly lawyering up…

And Polonius is trying to justified it with comments on path and code. I was nearly lawyering up...
dont shot the messenger ....we just give you the info we find on the net so to find out why

Hi P1a55e,

As Pondus says, I never stated that your site at this moment is infected. It had 3 cases of remote file injection malware that has been closed or is no longer responding now. The malware was gone within 2 - 3 hrs at the utmost, that is good.
The only issue that I alerted you to is that the Word Press software version on your site is not fully updated for all of the site, so you have to check that what is outdated, just in case you do not want to be re-infected from attackers before you can say John Robinson because of WP vulnerabilities.
Also consider the bad web rep status for this domain as you connect to this via links, see: http://www.mywot.com/en/scorecard/s1.trrsf.com?utm_source=addon&utm_content=popup-donuts (so-called third party requests), s1.trrsf dot com is listed in OpenDNS’s Block Tool http://forums.opendns.com according to marco 2981 on WOT…

I wish you stay safe and secure online,

polonus

Polonus, the Wordpress is up to date, since we’re in Brazil and speak Portuguese. We can’t use an English version of Wordpress, only the newest availiable on our language - which is the one we’re using. You must think about that when you address the out of date aspect. I’ll seek out the link you’ve mentioned. It’s problably just a spam comment we’ve missed.