Comodo Web Inspector

• Introduction To Comodo Web Inspector
• The Administrative Interface
  • Logging-in To The Administrative Interface
  • Adding Websites For Daily Blacklist Monitoring And Malware Scanning
  • Managing Websites In Web Inspector
    • Removing A Website From Daily Blacklist Monitoring And Malware Scanning
    • Viewing Last Scanned WI Reports
    • Adding The WI Logo To Your Website
    • Validating Your Website
    • General Website Configuration
      • Disabling / Enabling A Website
      • Changing WI Notification Recipient Email Address
      • Web Inspector Scan Reports
      • False Positives
      • Scanning Options
      • Adding Trust Logo To Your Website
  • Managing Your Account
    • Web Inspector Area
    • My Account
    • Help
    • Contacts
  • PCI Scanning
    • Starting Up With Web Inspector PCI Scanning Service
      • Introduction To The Interface
      • Running Your PCI Scan
      • Viewing Executive Report, Charts And Vulnerability Reports
      • Accessing The Self Assessment Questionnaire
    • PCI Scanning Service - Infrastructure
    • PCI Scan
      • Overview
      • List Of Devices
      • How To Create A New Device
      • Devices Management
      • Start Scanning
      • Viewing A Dashboard Summary Of Scan Results
      • Viewing Executive Report, Charts And Vulnerability Reports
    • Internal Scanning
      • How To Add A New Device
      • Internal Devices Management
      • How To Install The Agent
      • Configuring The Agent
      • Using The Agent - Main Menu
        • HackerGuardian Agent
        • Network Configuration
        • Select A Device For Session Profile
        • Diagnostic Console
        • Shutdown System
      • Start Device Scanning
      • Viewing A Dashboard Summary Of Scan Results
      • View Reports And Statistics
    • Account Preferences And Scan Settings
      • My Account Area
      • Configure Email Alert And Global Alert Options
      • Custom Settings
      • PCI Settings
    • Scheduled Scans
      • Adding A New Scan Schedule
    • Web Inspector PCI Reports
      • Viewing Scan Reports
        • Filtering Options
      • Executive Report
      • Charts Page
      • Vulnerability Report
      • Mitigation Plan
      • Reporting False Positives
      • Downloading Reports Pack
      • Tracking Status Of Submitted False Positives
    • Purchasing Additional IP Packs
  • Web Inspector PCI FAQs
    • Web Inspector PCI Services - General FAQ
    • Web Inspector PCI Services - Technical FAQ
    • PCI FAQ
• About Comodo Security Solutions

Web Inspector Scan Reports

 

The Web Inspector Scan Reports are highly informative graphical summaries of the malware affected status of enrolled websites. WI Reports include:

• Scan reports of all the web pages of websites enrolled for Daily Malware Scanning

• Scan reports of index /home pages of the websites enrolled for Daily Blacklist Monitoring

The 'Reports' interface displays a list of all the malware scan reports of the selected websites with the details on:

• the website/domain to which the report pertains

• the number of web pages (urls) scanned in that website

• creation date and time of the report

To view the last scan report of a specific website, click the 'Report' link at the right side in the row. Refer to 'Viewing Last Scanned WI Reports' for more details.

To view the reports list of a specific website, click the 'Manage' link at the right side in the row and click the 'Reports' link in the 'General Website Configuration' interface.

The complete list of daily run WI scan reports for the selected website will be displayed.

 

In the Reports area:

• the sites identified as safe and free from malware are highlighted in green

• the sites identified as suspicious are highlighted in yellow

• the sites identified as unsafe and containing malware are highlighted in red

• the sites that produced inconclusive scan results are highlighted in gray

The 'Reports of the website' interface for the selected website allows the administrator to:

• Filter the Reports

• View Detailed Reports of a website

• Remove outdated/unwanted reports
  
  

Using the Filter options

Sorting Reports based on Report Types - The drop-down menu at the top-right enables you to select the reports to be displayed based on scan results.

• Show all entries - Displays all the entries

• Show only Safe entries - Displays only the scan reports of the sites identified as safe and free from malware

• Show only Unsafe entries - Displays only the scan reports of the sites identified as unsafe and suspicious

• Show only Inconclusive entries - Displays only the scan reports of the sites on which the malware scanning yielded inconclusive results.

Limiting number of entries per page - You can limit the number of items displayed in the Reports page by selecting the option from 'Display' drop-down at the bottom.

Viewing Detailed Reports

The detailed scan report created on a particular date can be viewed by clicking the 'Report' link beside a listed item.

Tip: The most recent report for a specific website can be opened by clicking the 'Report' link against the website name in the 'List of Websites' interface. Refer to the section 'Viewing Last Scanned WI Reports' for more details.

The report page is divided into two sections namely:

• Report Summary - Provides an at-a-glance summary of status of the website, number of pages scanned, domain registration and contact details. The Summary area also contains a link to open a list of report on unsafe URLs found on the same IP address.

• Checked URLs - Gives a list of web pages (URLs) in the website, which are scanned with individual results.

Report Summary:

The Report Summary area provides at-a-glance summary of the scan results. It also gives:

• the IP address of the domain

• the domain registration details

• administrative/technical contact details of the domain

• Whois information for the website

Against each scanned activity in the left side of the report, a 'View Details' link will appear if found to be suspicious, high risk and inconclusive. Clicking on the 'View Details' besides an activity will display the detailed report for it. For example, the 'View Details' link besides 'Blacklist Checking' scan will display the warning that this is a high risk site.

• Clicking 'Advisory provided by Google' link will take you to the Google Safe Browsing FAQ page, that explains why this page is qualified for blacklisting, if found containing Malware.

 

Click the 'Return to Overview' link to go back to the report summary page.

Clicking on the 'View Details' link of other scanned activities will open the detailed report for the respective activity. Some examples of detailed report are shown below:

Example of detailed report for Malicious Activity

Clicking the 'Malicious activity detected' link will display the report for that particular page.

Click the 'Print report' link to take a print of the report for that page.

If you are sure that a page listed in the report is safe, you can report it as False Positive by clicking the 'Mark As FP' link beside. See the section 'False Positives' for more details.

Click the 'Return to Overview' link to return to the summary report screen.

Example of detailed report for Malware Downloads

Clicking the 'Suspicious details' link will display the report for that particular page.

Click the 'Print report' link to take a print of the report for that page.

If you are sure that a page listed in the report is safe, you can report it as False Positive by clicking the 'Mark As FP' link beside. See the section 'False Positives' for more details.

Click the 'Return to Overview' link to return to the summary report screen.

Checked URLs

The Checked URLs area provides a list of scanned web pages (urls) of the website.

The Checked URLs area displays the scan result of each and every page scanned; enables you to view the report details of individual pages, print the report for the pages identified as High Risk and Suspicious and report an unsafe page as 'False Positives'. You can also filter the reports to be viewed.

The details provided under each column are described below:

• URL - The url of the scanned page. If the full url could not be displayed within the width of the column, clicking on the displayed portion will open a pop-up showing the full url.

• Result - Shows the result of the malware scanning on the page. The result can be one of:

• Safe - The page contains no malicious code, files or activity

• Suspicious - The page is identified with suspicious code, file or behavior by the scanning engine

• High Risk - The page is identified with dangerous code, file or behavior by the scanning engine

• Inconclusive - The scan terminated without providing conclusive results.

• URL Detail – Provides a short description of the result. If the page is found unsafe, clicking on the description will open a pop-up with the report details.

• URL Report - Enables you to print the report on the page by clicking the 'Print report 'link.

• False Positive - Enables you to mark the page as 'False Positive'. See the section 'False Positive' for more details.

Removing reports for a particular website

Unwanted and outdated reports can be removed from Web Inspector Reports by clicking the 'Remove' link in the 'Reports of the website' interface.

A Confirmation dialog will appear.

• Click 'OK'. The selected report will be removed from Web Inspector.