Advice Request Ammyy admin detected as malicious

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
It is detected as "Riskware" and "potentially unsafe", but not as malicious.
IMO the detection is correct, after all security vendors usually dont mark this detection by default and the software is indeed riskware.


Riskware covers legitimate programs (some of which are sold publicly and commonly used for legitimate purposes), which can cause damage when they fall into the hands of malicious users (and are used to delete, block, modify, or copy data, or disrupt the performance of computers or networks).

Programs in this class include remote administration utilities, IRC clients, dialer programs, file downloaders, software for monitoring computer activity, password management utilities, and numerous Internet server services such as FTP, web, proxy and telnet.

These programs are not malicious in themselves, although they do have functions that can be used for malicious purposes.

For example, a remote administration program such as WinVNC provides access to the interface of a remote computer and uses a remote machine to control or monitor it (...)


Riskware – Securelist – Information about Viruses, Hackers and Spam
 
D

Deleted Member 333v73x

It is riskware and some detect it as = RemoteAccess[Not.A.Virus!!]
Meaning it CAN be risky and unsafe, the more 'security smart' of us can exclude it and use it safely.
 
H

hjlbx

Reputation of Ammyy LLC partly figures into it. They have had problems protecting their website in the past; malicious downloads inserted.
 

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?
 
H

hjlbx

So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?

Not sure.

Some comments on Virus Total indicate riskware while others state safe.

There is obvious disagreement.

You can always submit as false positive.
 
L

LabZero

So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?
The Ammyy detection is due to the fact that of course they are found malicious patterns in the code, typically similar to RAT and backdoors. The fact that Logmein and Teamviewer are not detected probably depends because they are listed as safe for a long time. Honestly I don't remember but they may be digitally signed.
This is a long story. When a user sees a red detection alarm about a software, he can do two things: understand the detection and process it or delete the software. Someone here has spoken of Nirsoft, and that's a good point.
 
Last edited by a moderator:

Tobias Cesar

New Member
May 9, 2017
1
The guys are from Russia, the software is Russian and with all hacking alleged to be coming from there, for me it's seems to be pretty obvious. I worked for a company that paid and used a lot Ammyy for helpdesk and they are not able to use it anymore. The clients doesn't trust to run the program, and disabling it on the antivirus, depending on what antivirus is being used, can be painful for the regular user. I believe they are using Teamviewer now. Not a single glitch with any antivirus product... Strange huh?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top