Avast is saying my website is a phishing scam - problem is i used nulled plugin

Hello,

i know it is sunday (not working day) but if someone on avast see this i need help about my site. Avast saying my site have virus and it is scam , not letting my customer go to shop. My site is not scam, the only problem i see is my plugin on wordpress that is nulled and it is elementor pro. I didnt update that plugin or replaced for months. I just removed that plugin.

Can someone just check my case i just send email to support.

Please support look my email registrated with my avast forum, that is the same email that I send you report. I need to my site get unban.

Best regards!

and i just want to add note: on every google security check my site is good, not blocked or have any type of virus. I know that is elementor pro and i removed that nulled plugin. I only have this now on avast.

Report Suspicious File or URL: https://www.avast.com/false-positive-file-form.php

Had you given the domain name (no http, etc.) then there are people in the forums that can run checks at other sites.
I have no idea what this “on every google security check my site is good” every google security check means ?

Yes i did 25 hours ago, but support do not reply.

I do not want to give domain name here on forum public, just read first my post. I sent my domain here https://www.avast.com/false-positive-file-form.php#pc 25 hours ago so I just want support to be able to see the domain . My domain does not have a single virus or is blocked in any way by Google.

Note: But it’s very strange to me that I can’t access the site because I have to set the antivirus to be blocked for, for example, 1 hour, while my visitors who are on a PC, as I can see from google analytics web, enter the site and make orders without the prospect of getting banned by the antivirus ( or they don’t have this antivirus)?

I see on forum people checking on this site too https://www.virustotal.com/ and my site do not have any virus , all green

Did you scan with a specific CMS scanner, e.g. hackertarget.com/wordpress-security-scan/ (WP website)
or scan at https://www.magereport.com/ (in case of a Magento shop)?

Often you can establish configuration errors there or find info on outdated plug-ins etc.

What did retire.js revealed about your website javascript libraries?
Or a webhint scan in the console via Ctrl+Shift+ I?

What is the verdict of avast wordly?
You have to wait for their final verdict, as it is their definitions.

We here are just volunteer 3rd party website-error hunters.

What were your scan results at Sucuri’s? Zscaler etc.?
VT as resources does not always have the last word.
And even allmighty Google misses out on detections sometimes.

polonus

Hello, yes i did. And 0 issues, all green. I think plugin did this, and i removed him. I will wait support to reply. Because people on PC they don’t seem to get messages from avast (or they don’t have that antivirus). Because I get orders, people normally pay for things in the store, they dont get errors about scams from Avast or something like that. But i get, i need to close avast for 1h to process customers orders.

edit: because I used the nulled elementor plugin for a while when I first started the store 2 years ago and I didn’t want to pay the full price of 200$+ and after 2 years I said let it stay like this, but I better have bought it, but i removed that plugin i know it is stupid but 100% im sure this plugin did it…

Hi povedholding,

Again file a FP report to avast’s via https://www.avast.com/false-positive-file-form.php

What is the status of the website at Avast Online Security & Privacy now?

Not only you but also all other WordPress website owners should read:
https://www.wordfence.com/blog/2023/08/demystifying-the-wordpress-vulnerability-landscape-2023-mid-year-wordfence-intelligence-wordpress-vulnerability-review-leveraging-chatgpt/

Still many website admins around, that did not have set user enumeration and directory listing to “disabled”.

Generally speaking CMS isn’t the problem, problems arise from outdated and no longer maintained plug-ins.

polonus