Nightwalker

Level 12
Verified
Joined
May 26, 2014
Messages
553
Operating System
Windows 10
Antivirus
Kaspersky
#3
It is detected as "Riskware" and "potentially unsafe", but not as malicious.
IMO the detection is correct, after all security vendors usually dont mark this detection by default and the software is indeed riskware.


Riskware covers legitimate programs (some of which are sold publicly and commonly used for legitimate purposes), which can cause damage when they fall into the hands of malicious users (and are used to delete, block, modify, or copy data, or disrupt the performance of computers or networks).

Programs in this class include remote administration utilities, IRC clients, dialer programs, file downloaders, software for monitoring computer activity, password management utilities, and numerous Internet server services such as FTP, web, proxy and telnet.

These programs are not malicious in themselves, although they do have functions that can be used for malicious purposes.

For example, a remote administration program such as WinVNC provides access to the interface of a remote computer and uses a remote machine to control or monitor it (...)

Riskware – Securelist – Information about Viruses, Hackers and Spam
 
H

hjlbx

Guest
#5
Reputation of Ammyy LLC partly figures into it. They have had problems protecting their website in the past; malicious downloads inserted.
 

TheMalwareMaster

Level 19
Verified
Joined
Jan 4, 2016
Messages
931
Operating System
Windows 10
Antivirus
#6
So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?
 
H

hjlbx

Guest
#7
So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?
Not sure.

Some comments on Virus Total indicate riskware while others state safe.

There is obvious disagreement.

You can always submit as false positive.
 
L

LabZero

Guest
#8
So, Why other programs like logmein (much more used by scammers) and teamviewer aren't detected?
The Ammyy detection is due to the fact that of course they are found malicious patterns in the code, typically similar to RAT and backdoors. The fact that Logmein and Teamviewer are not detected probably depends because they are listed as safe for a long time. Honestly I don't remember but they may be digitally signed.
This is a long story. When a user sees a red detection alarm about a software, he can do two things: understand the detection and process it or delete the software. Someone here has spoken of Nirsoft, and that's a good point.
 
Last edited by a moderator:
Joined
May 9, 2017
Messages
1
#9
The guys are from Russia, the software is Russian and with all hacking alleged to be coming from there, for me it's seems to be pretty obvious. I worked for a company that paid and used a lot Ammyy for helpdesk and they are not able to use it anymore. The clients doesn't trust to run the program, and disabling it on the antivirus, depending on what antivirus is being used, can be painful for the regular user. I believe they are using Teamviewer now. Not a single glitch with any antivirus product... Strange huh?