Page 26 of 27
Re: PropertySystemView
Posted: Tue Feb 04, 2020 8:36 pm
by Specular
I took a peek at the edits page and noticed this was originally an entry for EaseUS Data Recovery Wizard Free, updated a few times between 2017-2018, including by webfork. Any particular reason this entry was completely repurposed (became adware, etc)?
Not sure if that also explains the half-star rating the current entry has (if it's a left-over from the original).
Re: New at NirSoft
Posted: Wed Feb 05, 2020 1:52 pm
by billon
Re: New at NirSoft
Posted: Wed Feb 05, 2020 3:21 pm
by Specular
billon wrote: ↑Wed Feb 05, 2020 1:52 pm
@
Specular
At least such entries are put to some good purpose.
Re: New at NirSoft
Posted: Thu Feb 06, 2020 5:55 am
by webfork
Re: New at NirSoft
Posted: Tue Mar 10, 2020 12:35 pm
by billon
Special wrote: ↑Mon Aug 26, 2019 7:13 am
InstalledAppView
InstalledAppView
InstalledAppView is a tool for Windows 10 that displays the details of Windows 10 apps installed on your system. For every Windows app, the following information is displayed: App Name, App Version, Registry Name, Registry Modified Time, Install Folder, Install Folder Owner, Uninstall Command, and more...
InstalledAppView allows you to load the Windows 10 apps list from your local system, remote computer on your network, and from external disk plugged to your computer.
InstalledAppView also allows you to view the XML files of the Windows app (AppxManifest.xml and AppxBlockMap.xml), uninstall apps, quietly uninstall apps, open the install folder of the app, and more...
InstalledAppView
Posted: Tue Mar 10, 2020 1:04 pm
by billon
Re: New at NirSoft
Posted: Tue Mar 10, 2020 2:10 pm
by Special
Seems safe...
Re: InstalledAppView
Posted: Fri Mar 13, 2020 7:11 pm
by webfork
Re: New at NirSoft
Posted: Fri Mar 27, 2020 12:57 pm
by billon
Special wrote: ↑Mon Aug 26, 2019 7:13 am
WinDefThreatsView
WinDefThreatsView
WinDefThreatsView is tool for Windows 10 that displays the list of all threats detected by Windows Defender Antivirus and allows you to easily set the default action (Allow, Quarantine, Clean, Remove, Block, or No Action) for multiple threats at once. You can use this tool on your local computer and also on remote computer, as long as you have permission to access WMI on the remote machine.
For every threat, the following information is displayed: Filename, Threat Name, Severity, Process Name, Initial Detect Time, Status Change Time, Remediation Time, Threat ID, Threat Status, Default Threat Action, and more...
System Requirements
This tool works only on Windows 10 and Windows 8.1.
WinDefThreatsView
Posted: Fri Mar 27, 2020 1:20 pm
by billon
Re: WinDefThreatsView
Posted: Sat Mar 28, 2020 7:46 am
by webfork
I love how the screenshot just has loads of Nirsoft false-positives. He made a really great tool to get around a Windows security problem specific to his software.
Re: New at NirSoft
Posted: Tue Apr 21, 2020 12:38 am
by SYSTEM
BTW, I ran into a blog post that explains how a malicious NPM package stole software developers' passwords with WebBrowserPassView.
https://blog.reversinglabs.com/blog/the ... -passwords
This is why many antiviruses detect NirSoft tools. If you have one in your system and it's not supposed to be there, it's likely an attack.
Re: New at NirSoft
Posted: Tue Apr 21, 2020 8:08 am
by Midas
Thanks, great read. And a real eye-opener -- leading to immediately (re-)set all my browsers master passwords, which unless one does so are just laying around in plaintext(
!) in a '
logins.json' file in your profile folder -- if you're a
Firefox user that is.
For general awareness (and
TL;DR), the article details how Nirsoft's
WebBrowserPassView can be a
PUA in certain contexts.
Also, please note the following highlights...
A single line of code that changes the logic of the program can be a backdoor that allows unauthorized access to the system. Similarly, a single line of code is all it takes for a script to reach out to a remote server and download instructions to execute on the infected machine. Because of this, such supply chain attacks are usually detected post-infection, by developers themselves, upon realization that something odd is going on in the system.
NPM, node package manager, aimed primarily at JavaScript developers, is one such behemoth. It hosts almost 9M packages, which in turn consist of 1.7 billion files, or just under 37.5TB worth of data - numbers that are only getting bigger with each passing day.
Re: New at NirSoft
Posted: Wed Jun 03, 2020 3:20 pm
by billon
Special wrote: ↑Mon Aug 26, 2019 7:13 am
SecurityQuestionsView
SecurityQuestionsView
SecurityQuestionsView is a tool for Windows 10 that allows you to view the security questions and their answers stored in the Registry by Windows 10 operating system.
SecurityQuestionsView can decrypt the security questions stored on your current running system (Requires elevation) and it can also decrypt the security questions stored on external hard drive.
SecurityQuestionsView displays the security questions of all users on your system that chose to set their security questions, for every user there are usually 3 questions.
SecurityQuestionsView
Posted: Wed Jun 03, 2020 3:23 pm
by billon