Conrad Sallian's community posts


MSE false positive detection: Trojan:Win32/Tilken.B!cl

Conrad, Support (Posts: 3074)
Sep 29, 2017 9:08:45 am EDT
We have sent a false positive report. I recommend that you also send FP reports to Microsoft just in case. This is easy, here is how:

1. Visit the Submit a file for malware analysis page on Microsoft website.

2. Fill out the form. You may need to sign in to your Microsoft account.

3. In the lower part of the form make sure that you fill out the fields as shown in the attached screenshot. You can also upload the file rfusclient.exe. You can find it in the C:\Program Files (x86)\Remote Utilities - Host\ directory. If it's not there - restore it from Quarantine in Windows Defender settings.

4. Click Continue. On the next page confirm form submission.

P.S. Microsoft has always been quick to resolve FP issues. Let's see if they manage to fix this one asap.

New (false positive??) detection of Trojan

Conrad, Support (Posts: 3074)
Sep 29, 2017 6:12:36 am EDT
Hi Marv,

Thank you. Another user also reported this false positive in this thread. We will contact MS asap and keep you updated.

MSE false positive detection: Trojan:Win32/Tilken.B!cl

Conrad, Support (Posts: 3074)
Sep 29, 2017 6:11:13 am EDT
Hi Bart,

Thank you for your message. We will immediately contact Microsoft regarding this issue.

Could you also add instructions for Microsoft Security Essentials to your troubleshooting page:
https://www.remoteutilities.com/support/docs/antivirus-issues/ Could you also add instructions for Microsoft Security Essentials to your troubleshooting page:
https://www.remoteutilities.com/support/docs/antivirus-issues/

Yes, of course.

High CPU usage on some machines

Conrad, Support (Posts: 3074)
Sep 28, 2017 3:10:25 pm EDT
Thank you!

(public ID server) Connections Constantly Dropping

Conrad, Support (Posts: 3074)
Sep 28, 2017 3:09:29 pm EDT
Hello Kerry,

Could you please create a support ticket and enclose the Host log. If there is not one Host but many that have this issue, you can attach logs from a few of other Hosts as well.

Thank you.

Problems with Agent

Conrad, Support (Posts: 3074)
Sep 26, 2017 8:09:32 am EDT
Hi Darrell,

Sorry, didn't understand the first time. It looks like the vanilla Agent file is ok, and it's a custom  Agent file (even a digitally signed one) which is falsely detected by AVG and Avast.

Ok, anyway we'll deal with this.

Problems with Agent

Conrad, Support (Posts: 3074)
Sep 26, 2017 7:32:09 am EDT

I have included a screen dump from Avast Anti-virus. I have also seen similar alersts on a number of free AV products.

Thank you, Darrell. We'll contact them immediately.

I have also seen similar alersts on a number of free AV products.



No surprise, as they often borrow virus definitions from each other. :)

Problems with Agent

Conrad, Support (Posts: 3074)
Sep 26, 2017 7:15:40 am EDT
Hello Darrell,

Thank you for your post.

Yes, we understand the problem. We have dedicated personnel that deals with false positives and regularly sends reports to a/v companies.

Currently, we are aware only of the AVG problem and we are already trying to contact them and resolve this issue. There haven't been reports about Avast and VirusTotal reports show that Avast detection is clean. Do you have any screenshots of Avast's detections?

P.S. I will move this topic to the Antivirus sub-forum.

Will RU Server be faster in this scenario?

Conrad, Support (Posts: 3074)
Sep 22, 2017 3:39:14 pm EDT
Hi Mike,

Another way to go would be using the callback/reverse connection. This is also a direct connection type, only in this case it is the Viewer that should be accessible externally rather than the Host (that's why it's "reverse"). Might not be an option if you travel often though with the laptop where the Viewer is installed.

Answering your question regarding where RU Server should/can be installed - it is highly recommended that RU Server is "stationary" , that is it is a dedicated computer with a static IP address, or a DNS name, running 24/7. Perhaps, it's an overkill for just accessing a single computer.

If you experience issues with speed/performance, you may try tweaking some settings. This article may help.

Installation path

Conrad, Support (Posts: 3074)
Sep 22, 2017 3:31:56 pm EDT
Hi Leo,

He knows I placed RUT on his computer but sometimes he wants to clean up his computer and does not follow the 'rules' for doing so and he just removes the folders fr om 'Program Files'.

This is a bad  way to clean up a PC. While there's no harm to delete traces of programs you no longer use, there's equally no harm NOT to delete everything in one's Program Files folder unless one desperately needs free disk space.

I put a shortcut on the desktop to start and stop the service, so only when he starts the service the connection is possible.

You can use Agent instead of Host then, if you only need unattended access. Perhaps, your brother-in-law deletes the Host because he doesn't like the idea of unattended access (which the Host provides). If you use Agent instead of Host and assure him that it's only when the Agent is running that you have access to his PC, perhaps he won't be deleting anything.

A good practice is to download Agent right on the desktop and run it from there. If the program isn't deleted after use, the ID and password stay the same, so you won't have to update the corresponding record in your Viewer address book.

Hope that helps.