Webiste not infected

Hi,

Our website masiacancanal.com is marked as infected and users with avast can not acces to our site. We updated and cleaned the site, changed the server and didn’t find any malware, but the problem still appearing. Please could you help us with that issue?

Thank you.

What is the infection that avast detects ?

Hi,

Avast only says: This site could damage your computer, and do’nt allow to access to the site, after that the website appears as not available.

That is not a detection.
Please post a screenshot.

Vulnerable library detected :
http://retire.insecurity.today/#!/scan/105bcecb4d5836be1789f4302d548b8ad7291f8ddbc50bf74fb7db527f4c51a1

Outdated software :
https://sitecheck.sucuri.net/results/masiacancanal.com

Blacklisted :
https://www.virustotal.com/en/ip-address/62.138.138.14/information/

Blacklistings on that ASN :
http://urlquery.net/report.php?id=1483100300313

In 2015 there were detections for doc.php, but later this seemed safe to use…

Eddy is right, but there are also WordPress CMS issues and insecurities:
The following plugins were detected by reading the HTML source of the WordPress sites front page.

revslider
ultimate-gallery-master 1.3.1 latest release (1.3.1)
http://demo.webhuntinfotech.com/demo
waving-portfolio latest release (1.2.4.5)
http://www.itechflare.com/
cookie-law-info 1.5.3 latest release (1.5.3)
http://wordpress.org/extend/plugins/cookie-law-info/description/
nation-booking
wordpress-popup latest release (4.8.0.0)
http://premium.wpmudev.org/project/the-pop-over-plugin/
contact-form-7 4.6 latest release (4.6)
http://contactform7.com/
redforts-oscar-hotel-booking 1.3 latest release (1.3)
https://redforts.com
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.

Also check: Compromised sites will often contain embedded iframes that can also deliver malicious code to visitors of the web site. Check any discovered iframes and ensure they are legitimate.

https://wXw.google.com/maps/embed?pb=!1m19!1m8!1m3!1d11928.517850589269!2d2.398336!3d41.631333!3m2!1i1024!2i768!4f13.1!4m8!3e6!4m0!4m5!1s0x12a4cbc6b92fed7b%3A0x6cea9e7ff2f6c4e7!2sMasia+Can+Canal%2C+Camino+a+Can+Canal%2C+B-510%2C+08450+Llinars+del+Vallès%2C+Barcelona!3m2!1d41.631333!2d2.398336!5e0!3m2!1ses!2ses!4v1473318217474

F-status here: https://observatory.mozilla.org/analyze.html?host=masiacancanal.com

DOM-XSS issues: Results from scanning URL: -http://masiacancanal.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.1&ver=676bece2aa73098645e66c2f6157a345
Number of sources found: 41
Number of sinks found: 17

4 issues and therefore B-status: https://sritest.io/#report/157c1a44-4cd2-40b1-ad46-f08a13fa6b68

polonus (volunteer website security analyst and website error-hunter)

This was blocked a while ago due to Router CSRF attacks - I am unblocking the domain now!