False positive: ApplicUnsaf.Win32.HAckTool.Agent.~BACB[at]731140

[Guest]

[EricJH]

I believe this to be a false positive. It is a key generator and that makes it a potentially dangerous program.

I have CIS installed with Proactive settings and get 340/340 score on the Comodo Leak Test program. The program runs as isolated application. When watching it step by step it only gets flagged by CIS once for starting its self.

Here is the Virus Total analysis: http://www.virustotal.com/analisis/6e4305c1a379c3af75a28fb0d6ff4613 .

I submitted it by email.

[idem]

Hello.
This is not false positive.
This is key generator for Ahead Nero products developed by one of hackers groups, main purpose of this program - break software copy protection of legitimate commercial applications - so it was properly calssified as ApplicUnsaf.Win32.HackTool.Agent.
You can use it on your own risk.

[EricJH]

Thank you for your reply. I can see why it can be classified as riskware or potentially unsafe given the very background of the tool.

The name suggests it to be a hacktool (Which it is not as far as my assessment goes (it even works happily as limited application)).

May be I am misunderstanding the name of the category. Is the category a broad one for riskware in general even if the program is not compromising the system's integrity?

[JNavas]

Thank you for your reply. I can see why it can be classified as riskware or potentially unsafe given the very background of the tool.
The name suggests it to be a hacktool (Which it is not as far as my assessment goes (it even works happily as limited application)).
May be I am misunderstanding the name of the category. Is the category a broad one for riskware in general even if the program is not compromising the system's integrity?

I think that's the idea (hackware included in malware), and I personally think it compromises the malware mission to mix in other issues like hackware, but there you have it.

John

[Tags:]