Avast is blocking it but I've run a number of online screening

Viruses and worms
1

Avast is blocking it but I’ve run a number of online detectors without success. Could you please give me some advise? Thx!

neo-tantra.es

2

as i replyed in your previous post today → https://forum.avast.com/index.php?topic=179230.msg1268766#msg1268766

INFECTED https://sitecheck.sucuri.net/results/resto-web.es

INFECTED https://sitecheck.sucuri.net/results/neo-tantra.es

*This site was just scanned a few minutes ago.Force a Re-scan to clear the cache.

3

Malware on the website, spam and phishing coming from that host…

The site is blocked because it contains malware.
http://www.web-malware-removal.com/website-malware-virus-scanner/url=neo-tantra.es
https://sitecheck.sucuri.net/results/neo-tantra.es
http://multirbl.valli.org/lookup/192.254.189.67.html

IP is also blocked :
http://urlquery.net/report.php?id=1447772811131
http://urlquery.net/report.php?id=1447772976649
http://zulu.zscaler.com/submission/show/3708d46a50b999c08767f2acf49c7d27-1447772667

4

Yep, code on website should be retired as vulnerable: Detected libraries:
jquery-migrate - 1.2.1 : -http://neo-tantra.es/wp-includes/js/jquery/jquery-migrate.min.js?ver=cbdfedb36cf6d9f4215b632ec6bdb6aa
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
1 vulnerable library detected

You should take issues up with your hoster of those that maintain the code on that website.

Check your WP plug-ins: WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

wp-super-cache latest release (1.4.6)
http://wordpress.org/plugins/wp-super-cache/
asesor-cookies-para-la-ley-en-espana latest release (0.21)
http://webartesanal.com
sitepress-multilingual-cms
jetpack latest release (3.8.0)
http://jetpack.me
jinda-facebook-lightbox latest release (1.1.1)
http://www.jindatheme.com/blog/jinda-facebook-lightbox-wordpress-plugin
addthis latest release (5.2.0)
http://www.addthis.com
bigbluebutton latest release (1.4.2)
http://blindsidenetworks.com/integrations/wordpress
google-analyticator latest release (6.4.9.6)
http://www.videousermanuals.com/google-analyticator/
iframe-popup latest release (1.8)
http://www.gopiplus.com/work/2014/04/13/iframe-popup-wordpress-plugin/
wp-webinarsystem latest release (1.2.1)
http://www.wpwebinarsystem.com
slide-in-popup latest release (0.1)
http://www.vuleticd.com/products/wordpress-plugins/slide-in-popup/
icegram latest release (1.9.9)
http://www.icegram.com/

Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.

/wp-content/uploads/ enabled

polonus (volunteer website security analyst and website error-hunter)