Q&A Ammyy admin detected as malicious

Discussion in 'Media Players and Editors' started by TheMalwareMaster, Mar 13, 2016.

  1. TheMalwareMaster

    TheMalwareMaster Level 19
    Trusted

    Jan 4, 2016
    931
    5,464
    Europe
    Windows 10
    Default-Deny
  2. Kate_L

    Kate_L Former Member

    Jun 21, 2014
    1,003
    3,430
    Computer Security
    The same reason why "nirsoft" products are detected as malware, you can see the double-standards (teamviewer does the same thing and it's "clean"). It's funny how the file is signed by Symantec and detected as malware at the same time.
     
  3. Nightwalker

    Nightwalker Level 7

    May 26, 2014
    325
    1,287
    Lawyer
    Windows 10
    Emsisoft
    It is detected as "Riskware" and "potentially unsafe", but not as malicious.
    IMO the detection is correct, after all security vendors usually dont mark this detection by default and the software is indeed riskware.



    Riskware – Securelist – Information about Viruses, Hackers and Spam
     
    OokamiCreed, frogboy, safe1st and 3 others like this.
  4. Tornado

    Tornado New Member

    Nov 22, 2015
    1,080
    3,722
    Undisclosed
    It is riskware and some detect it as = RemoteAccess[Not.A.Virus!!]
    Meaning it CAN be risky and unsafe, the more 'security smart' of us can exclude it and use it safely.
     
    safe1st and Der.Reisende like this.
  5. hjlbx

    hjlbx Guest

    Reputation of Ammyy LLC partly figures into it. They have had problems protecting their website in the past; malicious downloads inserted.
     
  6. TheMalwareMaster

    TheMalwareMaster Level 19
    Trusted

    Jan 4, 2016
    931
    5,464
    Europe
    Windows 10
    Default-Deny
    So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?
     
  7. hjlbx

    hjlbx Guest

    Not sure.

    Some comments on Virus Total indicate riskware while others state safe.

    There is obvious disagreement.

    You can always submit as false positive.
     
  8. LabZero

    LabZero Guest

    #8 LabZero, Mar 14, 2016
    Last edited by a moderator: Mar 14, 2016
    The Ammyy detection is due to the fact that of course they are found malicious patterns in the code, typically similar to RAT and backdoors. The fact that Logmein and Teamviewer are not detected probably depends because they are listed as safe for a long time. Honestly I don't remember but they may be digitally signed.
    This is a long story. When a user sees a red detection alarm about a software, he can do two things: understand the detection and process it or delete the software. Someone here has spoken of Nirsoft, and that's a good point.
     
  9. Tobias Cesar

    Tobias Cesar New Member

    May 9, 2017
    1
    0
    Brazil
    The guys are from Russia, the software is Russian and with all hacking alleged to be coming from there, for me it's seems to be pretty obvious. I worked for a company that paid and used a lot Ammyy for helpdesk and they are not able to use it anymore. The clients doesn't trust to run the program, and disabling it on the antivirus, depending on what antivirus is being used, can be painful for the regular user. I believe they are using Teamviewer now. Not a single glitch with any antivirus product... Strange huh?
     
Loading...
Similar Threads Forum Date
Undetected cerber3 in ammyy setup General Security Discussions Sep 14, 2016
SOLVED need help on the aa_v3 from ammyy. i think i downloaded a virus. Malware Removal Assistance For Windows Jan 16, 2015
SOLVED Browser Hijacked by Malware, Adware, and Trojan with Ammyy scam background. Malware Removal Assistance For Windows Nov 9, 2014