I am the owner of NEPARedline[dot]com which was registered on September 08, 2012 through Register[dot]com and is currently hosted on an Ubuntu VPS provided by Burst.Net in their Scranton, PA data center.
I have received several reports from others and have tested myself: Avast is currently listing my site as a malicious site in IE7, IE8, Chrome, and Firefox on Windows 7, Vista, and XP, both 32 and 64 bit.
According to both Virustotal and Avast [your own] online scanners, my site is clean. Please see the links below:
Issue is with Gleam theme, partly outdated WP version on site…
(script) neparedline dot com/wp-content/themes/Gleam/js/html5.js
The 4um site is also suspicious: http://zulu.zscaler.com/submission/show/1903b6a97815c4f02e7441a7f64cf62e-1349348280
The location line in the header above has redirected the request to: htxp://neparedline.com/4um/
code injection hack found here /index.php?sid=050779c3b43a559ac84e9e25cc4d2d8f redirect…
This Zulu scanner is garbage and throws a warning at any type of javascript. It displays a bunch of false positives and is a great way to sell software to people who are fed anything when it comes to security due to their lack of knowledge.
While the Gleam theme and WP are a few versions behind, there are no issues with either of them. As far as the forum goes, it is running the latest version of PHPBB3.
Again, Avast is saying my site is serving malware, it is not.
Zulu.zscaler scans are reliable, no scam whatsoever, and based on various resources. I use the scanner not the way they try to sell products. Sucuri came up with similar detection.
2. Being behind with website software updates leaves you open to hacks. Hackers and automated crawler malversant tools are “dorking” for an easy hack and you have the low hanging fruit like an easy or black hat PHP hack ready for them.
Oh, yet a third point,
Most website admins go into denial mode when being infected. It is a known reaction,
I know how it all works, scanning for open exploits/etc, but just because it’s an older version does not make it vulnerable. Being behind on updates does not make the website open to hacks, it just means that the latest features are not included. In the version log there is nothing claiming that any vulnerabilities or security holes have been patched or updated. After searching multiple different security-based websites, there are no exploits or holes in any of the scripts that I am using. There are no vulnerabilities in the theme, plugins, WordPress version, or phpBB version that I am running, not even 0days.
As far as going into denial? I’m not. I work for a web hosting company and know the drill. I keep offsite backups of the site that are made daily in case anything ever does happen and have multiple measures in place to log the event if anything ever does occur.
The site is blocked through a blacklisted IP, infection is JS:ScriptIP-inf[Trj] → your ip/btnG=[{gzip} via a perl exploit,
actual status of IP not known,
IP is blacklisted and blocked by the networkshield because of issues -
Well I do not question your skills, as I assume you do not question mine.
Be it as you say, because I am open enough to accept that possibility.
The fact remains that another domain shared on that IP has caused the IP to be blacklisted (McAfee SiteAdvisor still blacklists it)
and something should be done about that.
The problem is given here: http://www.urlvoid.com/ip/184.82.79.74/
Your site is the victim because the other site hosted there caused the IP ban.
It has HTML:RedirMe-inf[Trj]. You say you are the netsite owner,
So the problem apparently is with the hoster and the infection on that IP there.
See this report: http://sitevet.com/db/asn/AS21788 with 2601 blacklisted sites on that AS.
By the way from a file viewer alert: //** Is your rel canonical tag pointing to another domain?
There may not be issues now for your domain, there were a couple of days ago to cause the blacklisting at IP Void (now given all green).
If you feel clean, file a report for a FP here: http://www.avast.com/contact-form.php?loadStyles
Then it is up to the analysts at virus AT avast dot com.
They are known to soon come with updates to correct FPs,