Author Topic: Comodo Site Inspector false posiitve  (Read 1714 times)

Offline ElenaRez

  • Comodo Member
  • **
  • Posts: 36
Comodo Site Inspector false posiitve
« on: August 06, 2019, 04:41:18 AM »
Hello,
Can you please help us remove a false positive, given to TweakBit download link by Comodo Site Inspector.
The detected URL: http://dynamicdownloads.tweakbit.com/prk/def/pc-repair-kit-setup
Detection name: Malware
VirusTotal result: https://www.virustotal.com/gui/url/4a0dca69e89a92c8f9c3b33c9d6e9e61953c3f3a8d4d9daa5483284d81b4153b/detection
The program is clean and a false positive was removed from it a while ago.
Please let me know if you need any additional information.
Thank you,
Elena

Offline Mathi R

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 149
Re: Comodo Site Inspector false posiitve
« Reply #1 on: August 08, 2019, 02:21:48 AM »
Hi Elenarez,

We are checking the issue and will update its status soon.

Thanks,
Mathi R

Offline ElenaRez

  • Comodo Member
  • **
  • Posts: 36
Re: Comodo Site Inspector false posiitve
« Reply #2 on: August 08, 2019, 03:33:27 AM »
Thank you, Mathi, looking forward to your reply.
Regards,
Elena

Offline Mathi R

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 149
Re: Comodo Site Inspector false posiitve
« Reply #3 on: August 15, 2019, 02:08:12 AM »
Hi Elenarwz,

The site www.tweakbit.com contains applications that are potentially unsafe for users, so it is not suitable for whitelisting.

Thanks,
Mathi R

Offline ElenaRez

  • Comodo Member
  • **
  • Posts: 36
Re: Comodo Site Inspector false posiitve
« Reply #4 on: August 15, 2019, 09:41:46 AM »
Hi Mathi,

Thank you for your reply.

Can you please specify which applications you consider unsafe and for what reason, because none of TweakBit programs are being detected by Comodo antivirus.

Thank you in advance,
Elena

Offline Mathi R

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 149
Re: Comodo Site Inspector false posiitve
« Reply #5 on: August 21, 2019, 12:52:35 AM »
Hi Elenarwz,

This vendor has the history of distributing several unsafe applications, here are the few examples for your reference.

Driver Updater

SHA-1   7e44eb31a520f9ced2514eefe17083230d88af5a
SHA-1   c6a077f2b1cf66cc8b0dc4d9955e1a1400585d05

PCRepairKit

SHA-1   f2484719524df82e2dd24ee91b67e2a62548337f
SHA-1   c71075fd66110c231dc58dd8a5e0b67ecf9e22fa

So, we chose to do on per-file/version detection removing rather than the entire site.

Thanks,
Mathi R

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek