Jump to content
remoteutilities

False Positive

Recommended Posts

Hi,

 

This is Josh, account manager for Usoris System, LLC. The developers of "[ENG]Remote Utilities" and "[RUS]RMS Remote Access" software. I'm writing here today for the removal of the riskware detections on our Russian Version.

 

Official Sites:

 

[ENG] Remote Utilities:  https://www.remoteutilities.com/

[RUS] RMS REmote Access: https://rmansys.ru/

 

Please note that RU and RMS are both legitimate software used by thousands of commercial clients for their day-to-day operations. All downloadable and executable files on our official sites are all signed with a valid DigiCert [ENG] and Thawte [RUS] code issued to Usoris System LLC (ENG) a.k.a TektonIT(RUS). 

 

The files being currently falsely detected can be directly download below on our Russian site: 

 

https://rmansys.ru/files/

Share this post


Link to post
Share on other sites

Hi,

 

This is no false positive. We detect correctly as RiskWare.RemoteAdmin, the same as other AVs flag this one as well.

https://www.virustotal.com/en/file/b6daf91fc45307fff001a61b9402ad19bd59dd72541427d39207991be6679219/analysis/

Main reason is because malware occasionally bundle these as well in order to get remote access to the victims pc. Hence why we call it Riskware as we cannot know if this was part of a malicious bundle, or if the user willingly installed this, so we alert the user here, just in case.

If they have willingly installed this, they can add to their ignore list.

We can however tweak our detection, so it won't detect the above ones.

Share this post


Link to post
Share on other sites

Please reconsider,

 

After reporting this False Positive for our Russian Version, it seems you guys also started to detect our English Version as "PUP.Optional.RemoteAdmin". We found out about this detection after one of our commercial clients that also happen to use Malwarebytes and Remote Utilities for their day-to-day operations raised this issue to our attention.

 

For now we've suggested to our client as a temporary fix to include our software to  Malwarebyte Ignore list until we've come into a resolutions with your A/V software. 

A Riskware or even a PUP detection on our software is unacceptable since majority of our users are commercial and enterprise clients that uses multiple hundreds of  operator and remote PCs. Suggesting the above as a permanent fix to our client/s that also uses Malwarebytes for their A/V protection to add our software to the ignore list individually per work PC is unprofessional and unimaginable. 

Share this post


Link to post
Share on other sites

Hi,

Normally this shouldn't be detected anymore after latest database updates. Can you verify this on your end as well?

Share this post


Link to post
Share on other sites

I haven't installed any software by "remoteutilities" company.

Malwarebytes scan revelead it was on my hard disk.

Can't find how it got there. 

 

Share this post


Link to post
Share on other sites

This is a couple year old thread. If you need assistance with checking out your computer please visit the malware removal forums.

 

Thanks.

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.