Community


Trojan.Gamaredon Activity 2

Links used in this discussion
Dan Schroeder, User (Posts: 2)
Dec 06, 2017 9:15:57 pm EST
Support level: Free or trial
Hi Everyone,

I'm new to Remote Utilities and testing for use in my managed services business. When I tried to run the agent after customizing according to this article, Norton Antivirus is blocking the agent - It says that an intrusion attempt by server.remoteutilities.com was blocked. It does not give me an option to allow.

Does anybody know if there is anything I can do so that I can use this to support my clients?

Thanks!

-Dan
Attached Files
Trojan.Gamaredon Activity 2
Conrad, Support (Posts: 3074)
Dec 07, 2017 5:28:53 am EST
Hello Dan,

Thank you for your message.

Unfortunately, modern antivirus software is incapable of distinguishing between good and bad software. They prefer to be on the safe side and block just everything which even remotely resembles an "intrusion attempt". They couldn't care less about the fact that their "detections" wreak havoc on the work and infrastructure of their own customers.

I recommend that you use this form on the Symantec website to report the issue. We will send a false positive report through that form too. The more reports they receive the better chance that they fix this false positive issue sooner.

Let me know if you need any other assistance.
Dan Schroeder, User (Posts: 2)
Dec 07, 2017 11:38:19 am EST
Support level: Free or trial
False Positive submitted.

I'm also seeing an error message that reads "Cannot send e-mail message. Check your Internet connection." Screen grab is attached.

Again, this is after after customizing according to this article.

Is there anything I can do about that?
Attached Files
Trojan.Gamaredon Activity 2
Edited:Dan Schroeder - Dec 07, 2017 11:38:57 am EST
Conrad, Support (Posts: 3074)
Dec 07, 2017 11:44:18 am EST
Hello Dan,

I'm also seeing an error message that reads "Cannot send e-mail message.

This is expected in this case because Norton blocks the URL that points to the mailsend php script on our website. The Agent/Host cannot get a response from the site and notifies the user (you) that it cannot send an email.

* Website time zone: America/New_York (UTC -5)