IObit Forum

geisenhorn

Members
  • Posts: 12
  • Joined
  • Computer Details
    OS: Windows 10 Pro Technical Preview
    Security Software: IOBit Malware Fighter Pro 4.3
    IObit Software: Free versions of most of the IObit products
  • Native Language: english

geisenhorn's Achievements

Newbie (1/14)

Reputation: 10

  1. IObit Malware Fighter
     OS: Windows 10
     Version: 5.3.0.4078
     Database Version: 1698
     Scan Mode: AutoCare-Idle
     Scan Type: Smart Scan
     Time Elapsed: 00:34:05
     Objects Scanned: 202713
     Threats Found: 2
     Save Time: 03.11.2017 21:07:50
     Scan Status: Complete
     |Name|Type|Description|ID|
     Gen:Variant.Graftor.272731, file, C:\Program Files (x86)\Ubisoft Game Launcher\upc.exe, 0
     Gen:Variant.Graftor.272517, file, C:\Program Files (x86)\Ubisoft Game Launcher\UplayService.exe, 0
     https://www.virustotal.com/#/file/5b...9341/detection
     https://www.virustotal.com/#/file/fc...c2ad/detection
     http://wikisend.com/download/371830/Downloads.7z
  2. It WAS set to 7 days download (it's the default after all), but this wikisend site is buggy as heck. I tried to upload a few times; the first was successful (the link below, when I changed the default 7 days to 90 days). 3 more tries ended with, instead of showing the links on the site after it refreshed, an error that the file was deleted, DESPITE the fact that I received download links via email each time. RouterPassView.7z
  3. RouterPassView is software for recovering the Wifi password from our own router's configuration file http://www.nirsoft.net/utils/router_..._recovery.html <--author's site
     IObit Malware Fighter
     OS: Windows 10
     Version: 4.4.0.3072
     Database Version: 1602
     Scan Mode: Manual
     Scan Type: Right Scan
     Scan Path: C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Network\RouterPassView
     Time Elapsed: 00:00:00
     Objects Scanned: 20
     Threats Found: 1
     Save Time: 12/4/2016 3:58:41 AM
     Scan Status: Complete
     |Name|Type|Description|ID|
     Gen:Application.Heur.emLfkeoW2PeO, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Network\RouterPassView\RouterPassView.exe, 0
     Zipped file for analysis: RouterPassView.7z
  4. I ALREADY attached the report, but sure, I can add a new report with the same results (despite a slight database update), zipped, as well as the false positive file. false positive- Utility.7z Weirdly enough, wikisend did not accept the log file, whether zipped or not (after a supposedly correct upload, instead of showing correct download links, it would show "We are sorry, but the requested file doesn't exist or has expired and is no longer available."). Hence, yet again, I'm copying the report below.
     IObit Malware Fighter
     OS: Windows 10
     Version: 4.4.0.3072
     Database Version: 1597
     Scan Mode: Manual
     Scan Type: Right Scan
     Scan Path: C:\Program Files (x86)\Clover
     Time Elapsed: 00:00:01
     Objects Scanned: 48
     Threats Found: 1
     Save Time: 11/17/2016 1:08:46 PM
     Scan Status: Complete
     |Name|Type|Description|ID|
     Adware.Generic.1704083, file, C:\Program Files (x86)\Clover\3.1\Utility.exe, 0
  5. IObit Malware Fighter
     OS: Windows 10
     Version: 4.4.0.3072
     Database Version: 1596
     Scan Mode: Manual
     Scan Type: Right Scan
     Scan Path: C:\Program Files (x86)\Clover
     Time Elapsed: 00:00:01
     Objects Scanned: 25
     Threats Found: 1
     Save Time: 11/14/2016 11:34:56 PM
     Scan Status: Complete
     |Name|Type|Description|ID|
     Adware.Generic.1704083, file, C:\Program Files (x86)\Clover\3.1\Utility.exe, 0
     Clover is a hugely useful Chinese Windows Explorer enhancer. I did not notice any adware behavior, zero ad stuff popping up.
  6. It IS a false positive, since: Those "attacks" (by no chance malicious) can only be initiated from those programs by a conscious action of knowledgeable users (and only by those users who CONSCIOUSLY downloaded that software to use it for its intended purposes), NOT otherwise. Moreover, those tools serve the purpose of strengthening network security by performing the aforementioned network penetration tests, and again, blocking this software serves no purpose, since IOBIT Malware Fighter CANNOT protect FROM those attacks, since it's not a firewall, and it TRIES to no avail to delete the files on the PC of the users that consciously perform the "attacks" (penetration testing) on other devices<--which again CANNOT be protected by IOBIT Malware Fighter since it's not a firewall. I hope you can see the logic of how pointless attempts at blocking this software are,
  7. It is UTTERLY impossible to "not find" the link to download that software, since using ANY search engine will find it in milliseconds just using the names I provided, so...really?
     Scan report for mimikatz network penetration tool for network security specialists
     IObit Malware Fighter
     OS: Windows 10
     Version: 4.3.1.2873
     Database Version: 1587
     Scan Mode: Manual
     Scan Type: Right Scan
     Scan Path: C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz
     Time Elapsed: 00:00:01
     Objects Scanned: 9
     Threats Found: 7
     Save Time: 10/12/2016 10:48:00 PM
     Scan Status: Complete
     |Name|Type|Description|ID|
     Application.Hacktool.NJ, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\x64\mimidrv.sys, 0
     Trojan.GenericKD.3465565, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\x64\mimilib.dll, 0
     Application.Generic.1665721, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\x64\mimikatz.exe, 0
     Gen:Variant.Application.Hacktool.Mimikatz.1, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimikatz.exe, 0
     Gen:Variant.Application.Hacktool.Mimikatz.1, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimilib.dll, 0
     Application.PassView.BS, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimilove.exe, 0
     Gen:Variant.Application.Hacktool.Mimikatz.1, file, C:\Users\dawid.EISENHORN\Google Drive\Oprogramowanie\Pentesting\mimikatz\Win32\mimidrv.sys, 0
     Scan report for Metasploit network penetration tool for network security specialists
     IObit Malware Fighter
     OS: Windows 10
     Version: 4.3.1.2873
     Database Version: 1587
     Scan Mode: Manual
     Scan Type: Right Scan
     Scan Path: C:\Metasploit
     Time Elapsed: 00:04:47
     Objects Scanned: 80622
     Threats Found: 115
     Save Time: 10/12/2016 10:57:32 PM
     Scan Status: Complete
  8. So that's that, there's no point in posting reports, you can just download and install those LEGITIMATE pentesting programs, from their LEGITIMATE websites, and open their folders, few files in each, like ruby gems, treated as false positives, hope IOBIT Malware Fighter team can deal with it faster than with whitelisting legitimate SSH server program (Bitvise SSH server). Regards GE
  9. BvShell.7z <--it's a copy, since the original after whitelisting was in use by the SSH server software which the aforementioned file is part of. After the program update (btw, how come no popup about the update appeared from the program? Heck, even when I clicked update, I got "no new versions available"), it still gets detected, but as a DIFFERENT threat 0.o
     IObit Malware Fighter
     OS: Windows 10
     Version: 4.3.1.2873
     Database Version: 1586
     Scan Mode: Manual
     Scan Type: Right Scan
     Scan Path: C:\Program Files\Bitvise SSH Server
     Time Elapsed: 00:00:04
     Objects Scanned: 101
     Threats Found: 1
     Save Time: 10/10/2016 12:27:17 PM
     Scan Status: Complete
     |Name|Type|Description|ID|
     Gen:Variant.Adware.Ghokswa.4, file, C:\Program Files\Bitvise SSH Server\BvShell.exe\BvShell.exe, 0
     BTW Kaspersky Online Scanner
     Scan result: File is safe
     File size: 2,92MB
     File type: PE32/EXE
     Date of scan: 2016-10-10 12:36:49
     Bases release date: 2016-10-10 09:22:27 UTC
     MD5: 8a0c3c97574c49d7625e9d2931a7e36f
     SHA1: 2d2a6067505e70c183b267b2be49bc63f498c6a1
     SHA256: 963dc35388ae51e9945f5099597eb98ff91eb3f96b01696413264572fe107343
  10. IObit Malware Fighter
      OS: Windows 10
      Version: 4.3.0.2688
      Database Version: 1586
      Scan Mode: Manual
      Scan Type: Smart Scan
      Time Elapsed: 00:53:34
      Objects Scanned: 104474
      Threats Found: 1
      Save Time: 10/9/2016 2:00:45 PM
      Scan Status: Complete
      |Name|Type|Description|ID|
      Gen:Variant.Graftor.308577, file, C:\Program Files\Bitvise SSH Server\BvShell.exe, 0
      This file was last analysed by VirusTotal on 2016-09-01 00:46:28 UTC (1 month, 1 week ago); it was first analysed by VirusTotal on 2016-08-04 00:37:08 UTC. Detection ratio: 0/58