Jump to content
jkstark

ANSWERED tecknetonline.com FP

Recommended Posts

Yet another apparent FP - tecknetonline.com

Virustotal: https://www.virustotal.com/gui/url/0cbe5aa2d1e244568479e2e175397db66f984e6aee4cb17927af3de1e26253d3/detection

 

Seems to me that "Riskware" should not block an entire domain even if there is some there - it should block the actual program that is shown to be problematic...  This seems like a bit of an overreach...

 

Kris

image.png.7ab2d495f492ae22db6ddb2cf4d85479.png

 

Seem

Share this post


Link to post
Share on other sites

Hello, 

Please see this file information: 

https://www.virustotal.com/gui/file/5f9a858a334f82118699b50897d879999288dc2e5f0cb38eb49cd05c7f6c0ebf/relations

 

Share this post


Link to post
Share on other sites

A single file on the domain?  Or is that even on that domain?  I see where it is referring to a keygen, but I have no idea where that is found - VT does not show the origin site.

Even then, I have to question the idea of blocking an entire domain unless the site is a source of a drive-by download, or is comprised mainly of malicious content.  For a single file to be the cause of a block seems a tad bit excessive if it requires knowledge of where the file is specifically...

This seems like the kind of a situation where informing the domain owner would be ideal to resolving, since it is a hardware manufacturer's site, and the particular domain is a redirect primarily - thus indicating a domain that probably does not always have a whole lot of attention paid to it since there should be nothing directly accessible there - or so it seems from a first glance...

Share this post


Link to post
Share on other sites

Here is the link: 

http://tecknetonline.com/download/xf-adobecc2014.exe

 

Share this post


Link to post
Share on other sites

OK - so the file is on their site...

I still question the logic of blocking the entire domain for a single file...  Note that I have no affiliation with the site other than trying to go there and get information on a product that I have...

Kris

Share this post


Link to post
Share on other sites
Posted (edited)

Yes we do focus our research on web threats, like those distributed via a domain. 

Edited by Zynthesist
add info

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.