Community
Virus detected while executing viewer-7.6.2.0.exe
Links used in this discussion
Links used in this discussion
- https://www.microsoft.com/en-us/wdsi/filesubmission
- https://www.remoteutilities.com/support/kb/remote-utilities-is-mistakenly-detected-as-malware/
- https://www.remoteutilities.com/blog/is-virustotal-the-right-tool/#The_Empty_File_Experiment
- https://i.imgur.com/rAwWdJF.png
- https://www.microsoft.com/en-us/wdsi/defenderupdates
- https://i.imgur.com/AQ7KhO5.png
- https://i.imgur.com/4kihZFl.png
Information Technology,
User (Posts: 6)
Feb 03, 2025 1:19:15 pm EST
Support level: Pro
We downloaded viewer-7.6.2.0.exe from remoteutilities.com/download and are receiving the following from Defender:
Trojan:Win32/Suschil!rfn
This program is dangerous and executes commands from an attacker.
file: [redacted]\AppData\Local\Temp\{98323EAD-B807-4D12-963D-5C8A7E41EDA8}\viewer-7.6.2.0.msi
Any help would be appreciated
Trojan:Win32/Suschil!rfn
This program is dangerous and executes commands from an attacker.
file: [redacted]\AppData\Local\Temp\{98323EAD-B807-4D12-963D-5C8A7E41EDA8}\viewer-7.6.2.0.msi
Any help would be appreciated
Conrad Sallian,
Support (Posts: 3123)
Feb 03, 2025 1:40:33 pm EST
Hello,
Thank you for your message.
Unfortunately, we’re not sure if we can provide much assistance in case antivirus software is incapable to distinguish between malware and a legitimate program that has been digitally signed with an EV Code Signing certificate and has been on the market for 15 years.
This specific file (version 7.6.2.0) has been available for several months. Moreover, it is the Viewer (a client), which, even in theory, cannot be used to grant access.
We can only suggest that you submit a false positive report to Microsoft using this link:
https://www.microsoft.com/en-us/wdsi/filesubmission.
Hope that helps.
Thank you for your message.
Unfortunately, we’re not sure if we can provide much assistance in case antivirus software is incapable to distinguish between malware and a legitimate program that has been digitally signed with an EV Code Signing certificate and has been on the market for 15 years.
This specific file (version 7.6.2.0) has been available for several months. Moreover, it is the Viewer (a client), which, even in theory, cannot be used to grant access.
We can only suggest that you submit a false positive report to Microsoft using this link:
https://www.microsoft.com/en-us/wdsi/filesubmission.
Hope that helps.
David Silvera,
User (Posts: 25)
Feb 03, 2025 6:48:18 pm EST
Support level: Pro
You can also restore it from Quarantine in Windows Defender and tell it to mark the application as safe, so that it won't block it the next time you try to install it.Information Technology wrote:
We downloaded viewer-7.6.2.0.exe from remoteutilities.com/download and are receiving the following from Defender:
Trojan:Win32/Suschil!rfn
This program is dangerous and executes commands from an attacker.
file: [redacted]\AppData\Local\Temp\{98323EAD-B807-4D12-963D-5C8A7E41EDA8}\viewer-7.6.2.0.msi
Any help would be appreciated
Support level: Starter
I have the same, windows defender :/
Conrad Sallian,
Support (Posts: 3123)
Mar 02, 2025 6:43:58 am EST
Hello,
We continuously submit false positive reports to Microsoft (and other antivirus vendors), but it would be tremendously helpful if affected users also did the same. Submitting a report takes only a minute, and the more complaints the a/v vendors receive, the faster they are likely to act.
We provide relevant false positive submission links for all major antivirus vendors on this page: https://www.remoteutilities.com/support/kb/remote-utilities-is-mistakenly-detected-as-malware/.
Thank you for your support!
We continuously submit false positive reports to Microsoft (and other antivirus vendors), but it would be tremendously helpful if affected users also did the same. Submitting a report takes only a minute, and the more complaints the a/v vendors receive, the faster they are likely to act.
We provide relevant false positive submission links for all major antivirus vendors on this page: https://www.remoteutilities.com/support/kb/remote-utilities-is-mistakenly-detected-as-malware/.
Thank you for your support!
Support level: Starter
Are there such problems on Hosts too?
Or only on Viewer?
Or only on Viewer?
Conrad Sallian,
Support (Posts: 3123)
Mar 03, 2025 2:55:53 am EST
Unfortunately, with modern antivirus software anything can be declared a 'threat', even an empty file.D L wrote:
Are there such problems on Hosts too?
Or only on Viewer?
Since recently, perhaps it doesn't make sense to even bother with checking Virustotal results because they don't have anything to do with reality.
Support level: Starter
Do you get virus messages when installing or use app Host
For me it's not a problem (Viewer), but at the ends (Host) it will be....
I want to upgrade to a newer version, but I don't know if I should :/
For me it's not a problem (Viewer), but at the ends (Host) it will be....
I want to upgrade to a newer version, but I don't know if I should :/
Shane Farmer,
User (Posts: 5)
Apr 03, 2025 8:33:55 pm EDT
Support level: Free or trial
I just disabled Realtime Protection, Cloud, and Tamper Protection and install went fine. Then re-enabled said protections.
Shane Farmer,
User (Posts: 5)
Apr 03, 2025 8:40:31 pm EDT
Support level: Free or trial
Side note: https://i.imgur.com/rAwWdJF.png
* Website time zone: America/New_York (UTC -4)