Jump to content

NirSoft "False Positive"


Recommended Posts

pls. see here.......

http://www.nirsoft.net/false_positive_report.html

 

MBAM-Log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.20.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Michael :: MICHAEL-PC [Administrator]

20.10.2013 17:18:15
MBAM-log-2013-10-20 (17-35-37).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211179
Laufzeit: 12 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 10
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\accesspv.exe (PUP.Password.Viewer) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\asterie.exe (PUP.Hacktool.PasswordHacker) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\iehv.exe (PUP.HistoryTool) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\LSASecretsView.exe (PUP.PwdDump) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\OperaPassView.exe (PUP.OperaPasswordTool) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\ProduKey.exe (PUP.PSWTool.ProductKey) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\SniffPass.exe (PUP.PswdSniffer) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\strun.exe (PUP.StartUpManager) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\VNCPassView.exe (PUP.VNCPasswordTool) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\NirSoft Utilities\WirelessNetView.exe (PUP.WirelessNetworkTool) -> Keine Aktion durchgeführt.

Thanks

 

Michael
 

Link to post
Share on other sites
  • Staff

These are not false positives though. These are detected correctly as PUP which means Potentially Unwanted Program. If you install these on purpose then they can be added to the ignore list.

 

Malware often uses these along with Legit users. That is why they are detected as PUP. Being sometimes we cannot tell which is using them. Malware or a legit user. 

Link to post
Share on other sites

They aren't False Positives. 

 

They are not flagged because they are malicious, they are flagged because they can be used maliciously and are flagged as Potentially Unwanted Programs (PUPs) and are not being flagged as malware.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.