Anyone getting certificate errors when trying to access the https version of the unchecky site? Heimdal only blocks the http version.
Unchecky Compromised?
- Thread starter upnorth
- Start date
- Jul 27, 2015
- 5,458
The real certificate is from Comodo and Heimdal PRO does also block the https version at least on my machine.
Curious enough I downloaded the software from the main source and installed it on a VM ( Virtual Machine ) just briefly to see if I could find anything suspicious. It creates a service called " unchecky_svc.exe " along with a child process " unchecky_bg.exe " and initially when first time started calls back to a Amazon server in Ashburn, Virginia USA. Quttera.com flags it with a reference that seams to be blacklisted but a quick check on that seams to be false or simply old information.
After about 30 minutes when I couldn't see any other outbound connections etc I killed the test. The one thing I did found odd was 3 checkboxes in the About page. Was for some reason impossible to uncheck and I never could understand what they where.
Last edited:
- Jul 27, 2015
- 5,458
If thats the case I wish they could have added some funny sound effects.Just a Pacman style joke, checkboxes doesn't do anything.Just like Windscribes.
View attachment 194323
- May 4, 2018
- 2,261
What's the recommendation for this then? Uninstall or leave as is. I use this on my current machine.
Thanks in advance.
~LDogg
Thanks in advance.
~LDogg
- Jul 27, 2015
- 5,458
Good question but do you really use it? On a regular basis I mean.
- May 4, 2018
- 2,261
On a regular basis, probably not. It's there I guess encase I forget to untick a box when reinstalled or updating software. Which I have a tendency to do xD
~LDogg
~LDogg
That's not true. There is mysterious 3th party vendor pages, neither fake Java download page linked to our products.... Are you using genuine SUMo binaries ?
Same is true if you use SUMo, kc-softwares.com is blocked,
Anyway if one think is a false positive can surely unblock I think,
I usually do a double check with Heimdal and PiHole,
the final response is given to urlscan.io, analyzing all the info given from that nice service
Not sure how false-positives are handled, because surely is a false positive,
maybe @Kyle_Katarn too should be informed
I have to admit Heimdal catch some things PiHole didn't and same PiHole catch some things Heimdal didn't, so added together they make a very nice layer
Thanks for letting me know. Hopefully it seems to be blocking kc-softwares.com only, which is our backup server.... Is SUMo still working correctly despire this on your system ?
@davisd It's possible that RK/Adware has been removed, the green Download fetches the Lite version. (SUMo_lite.exe | VirusTotal)
- Jul 27, 2015
- 5,458
Guess Heimdal Securitys global block list ain't something thats written in stone because I just tried unchecky.com again.
Last edited:
- May 4, 2018
- 2,261
Do we still think that Unchecky is compromised? If not I may just reinstall it.
~LDogg
~LDogg
- Jul 27, 2015
- 5,458
The poll gives a pretty good view and with the latest whitelist from Heimdal Security, I personal would now consider it safe enough but download the software from the main site as I suspect previous found infections came from unknown or less known sources.
Unchecky - Keeps your checkboxes clear
Last edited:
Similar threads
