Potentially suspicious content

Viruses and worms
1

See: http://urlquery.net/report.php?id=1407682562765 → Detected javascript associated with malicious code
1 detection here: https://www.virustotal.com/nl/url/41b0d8b404d0c387b8f9582f81a9d577c08195971235806fb563bd888fdcbfcf/analysis/1407685526/
Two potential suspicious files: http://quttera.com/detailed_report/www.bestsitesptc.com
also here: http://app.webinspector.com/public/reports/23991690
Malware detected: http://sitecheck.sucuri.net/results/www.bestsitesptc.com
→ Known javascript malware. Details: http://sucuri.net/malware/entry/MW:JS:222
#22 JavaScript::Script (size: 324, repeated: 1) - Alert detect on script (Severity: 2) - wXw.bestsitesptc.com/ 207.7.84.50 - SHA256: 9e430dce3e86d3a2bf40e5d2c9f69d47710f5981f2fe3558eb71a7072161d227

Read about WP security: http://wordpress.org/support/topic/get-your-security-holes-fixed-damn-it
and http://www.webhostingtalk.com/showthread.php?t=1400116

pol

2

VirusTotal
https://www.virustotal.com/nb/file/3c923b50c08c2b0ec23fc09f7091dc3fc73c41b898302f610568bd8935d313e5/analysis/1407712751/

killmalware http://killmalware.com/www.bestsitesptc.com/

3

Hi Pondus,

Not widely detected and for us important, not flagged by avast!: http://support.clean-mx.de/clean-mx/viruses.php?virusname=TrojWare.JS.Iframe.fpa&sort=id%20DESC all alive and up for over 300 hrs.
Googled up on code flagged, see: https://www.google.nl/search?q=document.write(unescape(%27%253C%2573%2563%2572%2569%2570%2574%2520%2574%2579%2570%2565%253D%2522%2574%2565%2578%2574%252F%256A%2561%2576%2561%2573%2563%2572%2569%2570%2574%2522%253E%250A%2564%256F%2563%2575%256D%2565%256E%2574%252E%2577%2572%2569%2574%2565%2528%2575%256E%2565%2573%2563%2561%2570%2565%2528%2527%2525%2533%25&rlz=1C1CHNQ_nlNL595NL595&oq=document.write(unescape(%27%253C%2573%2563%2572%2569%2570%2574%2520%2574%2579%2570%2565%253D%2522%2574%2565%2578%2574%252F%256A%2561%2576%2561%2573%2563%2572%2569%2570%2574%2522%253E%250A%2564%256F%2563%2575%256D%2565%256E%2574%252E%2577%2572%2569%2574%2565%2528%2575%256E%2565%2573%2563%2561%2570%2565%2528%2527%2525%2533%25&aqs=chrome…69i57&sourceid=chrome&es_sm=122&ie=UTF-8

polonus