If you found a bug post here your report.
Adware Cleaner and GPU-Z blacklisted by ESET
|
Frustrated Posts: 18
08/05/2019
|
For a month or two Adware Cleaner was blocked from being updated by NOD32 Eset antivirus. Now GPU-Z is also being blocked from being updated sine the site the updates are being hosted on is on a PUA blacklist
Time;URL;Status;Application;User;IP address;SHA1
5/8/2019 3:51:28 PM;https://dpcdn-s14x.pl;Blocked by PUA blacklist;E:\Downloads\SyMenu\SyMenu.exe;Win10\user;212.91.8.86;C16D17C7161774BF6E78632F4F9B4EADD05D0B15
|
|
|
link
|
|
Gianluca Administrator Posts: 1274
10/05/2019
|
It seems that your NOD32 version is not agreeing with the rest of the AV world even if itself.
See here: https://www.virustotal.com/gui/url/073554db4efea10a996c8e1c3845595c6b16e549549f44b9638fe675096466c0/detection
The report has been generated yesterday.
Plus you can check the web site here too https://www.ip-tracker.org/blacklist-check.php?ip=dpcdn-s14x.pl
Definitely not blacklisted.
Is your AV definitions updated?
edited by Gianluca on 10/05/2019
|
|
|
link
|
|
Frustrated Posts: 18
10/05/2019
|
VIrus definitions are updated multiple times per day. ESet indicated the 212.91.8.86 for the infraction and if one does a scan on that it does not come up clean IP https://www.virustotal.com/gui/url/7e0e1da6458088fb838bd091ccf9ce98e08a2cf0f2d20559c956106903255d29/detection
If one does a whois on dpcdn-s14x.pl it resolves to rev-212.91.8.86.atman.pl whose IP is 212.91.8.86
edited by Frustrated on 10/05/2019
|
|
|
link
|
|
Frustrated Posts: 18
10/05/2019
|
Norton Safe Site also has an issue with the site https://safeweb.norton.com/report/show?url=dpcdn-s14x.pl
|
|
|
link
|
|
Gianluca Administrator Posts: 1274
11/05/2019
|
Checking an IP is not always the best method to check for a web site trustfulness.
You can have hundred of domains on a single IP. Try for example to reverse lookup the ugmfree.it domain (https://viewdns.info/reverseip/?host=ugmfree.it&t=1). Well I hope I'm not sharing my web space with so many of them...
All that to say that you should always go with the domain name.
The Norton service highlights 4 files hosted on the web site. Three of them are hacking tool and we know how the AVs consider these kind of software. The forth seems to really be a virus.
So what's the point?
The Polish web site hosts one program with a virus, while they probably host thousands of others that are perfectly clean.
Is this enough to ban the entire web site?
IMHO it's not. And the other services I mentioned say it's not the same since the web site is not black listed.
Moreover we are downloading other files from there that are not affected.
What should a SyMenu user do with the programs hosted over a suspect web site?
Definitely what he wants. If he think it's too dangerous downloading from there he can download the package from a more trustful source and use those packages to install the program inside SyMenu. Or he can totally give up with that program.
I want to use this occasion to be clear as I never be.
Downloading anything from the Internet is always dangerous and SyMenu doesn't grant in any way that what you are downloading can't be harmfull for you PC!!!
When you first enter the program you accept a license that makes this very clear and legally effective.
Ok now that I'm good with my own protection, I can become nice again
Starting from the next version you will have a report from VirusTotal for every single program hosted in the SyMenu suite.
So you will have a further way to evaluate the trustability of the hosted programs.
If you want to play with this new feature, you can already do that downloading the SyMenu beta version from here: https://www.ugmfree.it/forum/messages.aspx?TopicID=721
edited by Gianluca on 11/05/2019
|
|
|
link
|