Community
RU removed by Bitdefender
Links used in this discussion
Links used in this discussion
- https://www.remoteutilities.com/download/beta.php
- https://www.virustotal.com/#/file/f900ad70e290d8cd748504ca835694d7b406c0b6afe3630e9b3bef3b6010b790/detection
- https://www.virustotal.com/#/file/7f5612e1933c3393f14d495202399f41fad681ee8ed164a4781e2a6e7f45050d/detection
- https://www.virustotal.com/#/file/4f627d0f03f8fdb98352aea1e6cce07515ee5ddbd061031f96b95a6b011265c7/detection
- https://www.virustotal.com/#/file/ceb30120363ea8af03e88e121e4e38d926ea390af8c876aae0046ab500730f86/detection
- https://www.remoteutilities.com/support/forums/forum5/1034-trojan-viewer-6.9
- https://www.virustotal.com/en/file/8a0254dae0ef28ab17baa7bf2954b5df08542fcd7a42e623731efb06394df46e/analysis/1542078254/
westmindltd,
User (Posts: 9)
Oct 28, 2018 4:57:08 pm EDT
Support level: Starter
Because all of the AV programs we use across different networks flag RU as a dangerous software, we gave up on it months ago. License paid, unable to use the software, lesson learnt.
Conrad,
Support (Posts: 3053)
Oct 28, 2018 5:38:32 pm EDT
Hello,westmindltd wrote:
Because all of the AV programs we use across different networks flag RU as a dangerous software, we gave up on it months ago. License paid, unable to use the software, lesson learnt.
I can only agree with you. Many antivirus software today are extremely unreliable. If they cannot distinguish between legitimate software signed with an EV Code Signing certificate from unsigned and patched malware no one can guarantee that they can do their main job of protecting their customers from real viruses and trojans.
David Roudebush,
User (Posts: 8)
Nov 12, 2018 8:34:33 pm EST
Support level: Free or trial
I've got Webroot SecureAnywhere trying to remove rwln.dll (the RU host) on our machines as a remote access hacker tool. Is there any third-party validation of the security of these program components?
Conrad Sallian,
Support (Posts: 3053)
Nov 13, 2018 1:13:35 am EST
Hello David,
This is a false positive detection. According to VirusTotal our signed rwln.dll file is being detected only by Webroot and Eset https://www.virustotal.com/en/file/8a0254dae0ef28ab17baa7bf2954b5df08542fcd7a42e623 731efb06394df46e/analysis/1542078254/
We will send a false positive report to them and ask to remove the detection.
This is a false positive detection. According to VirusTotal our signed rwln.dll file is being detected only by Webroot and Eset https://www.virustotal.com/en/file/8a0254dae0ef28ab17baa7bf2954b5df08542fcd7a42e623
We will send a false positive report to them and ask to remove the detection.
David Roudebush,
User (Posts: 8)
Nov 13, 2018 1:36:32 am EST
Support level: Free or trial
Thank you. That was a fast and useful response.
Since putting in this comment, Webroot responded to me that they had seen RU used as a hacking tool, and that's why they were treating it that way. They advised me to white-list it on each machine. (!)
Since putting in this comment, Webroot responded to me that they had seen RU used as a hacking tool, and that's why they were treating it that way. They advised me to white-list it on each machine. (!)
Conrad Sallian,
Support (Posts: 3053)
Nov 13, 2018 1:41:58 am EST
Hello David,
Instead, they just found an easy way and decided to block the legitimate files too. You can write them that and ask them to do their job instead of trying to save their time by abusing legitimate software such as Remote Utilities.
That was a lazy answer. Just about any remote access tool can be used (and is used) for malicious purposes. Our legitimate and digitally signed files have nothing to do with patched builds or various other malware builds (such as droppers, loaders, etc). Isn't it the job of antivirus software to stop such malware?Since putting in this comment, Webroot responded to me that they had seen RU used as a hacking tool, and that's why they were treating it that way.
Instead, they just found an easy way and decided to block the legitimate files too. You can write them that and ask them to do their job instead of trying to save their time by abusing legitimate software such as Remote Utilities.
* Website time zone: America/New_York (UTC -5)