IObit Forum

false positive for mimikatz and Metasploit software



So that's that; there's no point in posting reports. You can just download and install those LEGITIMATE pentesting programs from their LEGITIMATE websites and open their folders: a few files in each, like Ruby gems, are treated as false positives. I hope the IOBIT Malware Fighter team can deal with it faster than with whitelisting a legitimate SSH server program (Bitvise SSH server).

Regards

GE


Hi geisenhorn,

Thanks for your feedback.

Could you please send us the report after the scan so that we can do further analysis? We cannot find the link to download the software and we cannot do a test.

Thanks in advance.


> Hi geisenhorn,
>
> Thanks for your feedback.
>
> Could you please send us the report after the scan so that we can do further analysis? We cannot find the link to download the software and we cannot do a test.
>
> Thanks in advance.

It is UTTERLY impossible to "not find" the link to download that software, since using ANY search engine will find it in milliseconds just using the names I provided, so... really?

 

Scan report for mimikatz network penetration tool for network security specialists

 

IObit Malware Fighter

 

OS: Windows 10

Version: 4.3.1.2873

Database Version: 1587

Scan Mode: Manual

Scan Type: Right Scan

Scan Path: C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz

Time Elapsed: 00:00:01

Objects Scanned: 9

Threats Found: 7

Save Time: 10/12/2016 10:48:00 PM

Scan Status: Complete

 

|Name|Type|Description|ID|

Application.Hacktool.NJ, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\x64\mimidrv.sys, 0

Trojan.GenericKD.3465565, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\x64\mimilib.dll, 0

Application.Generic.1665721, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\x64\mimikatz.exe, 0

Gen:Variant.Application.Hacktool.Mimikatz.1, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimikatz.exe, 0

Gen:Variant.Application.Hacktool.Mimikatz.1, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimilib.dll, 0

Application.PassView.BS, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimilove.exe, 0

Gen:Variant.Application.Hacktool.Mimikatz.1, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimidrv.sys, 0

 

 

Scan report for Metasploit network penetration tool for network security specialists

 

IObit Malware Fighter

 

OS: Windows 10

Version: 4.3.1.2873

Database Version: 1587

Scan Mode: Manual

Scan Type: Right Scan

Scan Path: C:\Metasploit

Time Elapsed: 00:04:47

Objects Scanned: 80622

Threats Found: 115

Save Time: 10/12/2016 10:57:32 PM

Scan Status: Complete

 



Hi geisenhorn,

After deep analysis, we found that the two programs you mentioned have malicious attacks. So it is not a false positive. If you want to use them, you can add these items to the whitelist. For your safety, it is suggested to remove them.

If you have any other issues, please feel free to tell us.

Have a nice day.


> Hi geisenhorn,
>
> After deep analysis, we found that the two programs you mentioned have malicious attacks. So it is not a false positive. If you want to use them, you can add these items to the whitelist. For your safety, it is suggested to remove them.
>
> If you have any other issues, please feel free to tell us.
>
> Have a nice day.

It IS a false positive, since:

Those "attacks" (by no chance malicious) can only be initiated from those programs by a conscious action of a knowledgeable user (and only by those users who CONSCIOUSLY downloaded that software to use it for its intended purposes), NOT otherwise. Moreover, those tools serve the purpose of strengthening network security by performing the aforementioned network penetration tests, and again, blocking this software serves no purpose, since IOBIT Malware Fighter CANNOT protect FROM those attacks, since it's not a firewall, and it TRIES to no avail to delete the files on the PC of the users that consciously perform the "attacks" (penetration testing) on other devices, which again CANNOT be protected by IOBIT Malware Fighter since it's not a firewall.

I hope you can see the logic of how pointless attempts at blocking this software are.


Archived

This topic is now archived and is closed to further replies.
