False Positive on R-ADMIN Tool?

Hello my company uses Avast Pro, We currently have a good amount of pc’s with it installed. We use Radmin Tool to remote into Machines, but as of recently (since 9/11) it seems to be putting the EXE for Radmin (when we goto connect) into the Chest and then we can no longer remote into the machine.

the file name : Famltrf2.Exe
Localtion : C:\Windows\SysWOW64\rserver30

for now, we’ve been having people disable Shields for 10 mins and hit yes to confirm BEFORE we remote in so that it doesn’t block us from getting in. Is there a way around this?

http://www.radmin.com/

This is the website for the tool we use.

have you tested the file at www.virustotal.com

You can upload files and report to avast here: http://www.avast.com/contact-form.php

you can also use mail

send to virus@avast.com in a password protected zip file
mail subject: False Positive / undetected sample (select subject according to your case)
zip password: infected

or you can send files from avast chest
how to use the chest. http://www.avast.com/faq.php?article=AVKB21

thats hard to do in reality. I mean it installs that file on the server / client version of the pc… and when we use the “viewer” it connects to the server on their machine activating that file. It seems to stop the remote tools ability to move the mouse and keyboard. but continues to let us view whats going on… But once we disconnect. you can no longer even view or remote into the machine. (because it moves it into the chest AFTER we get the view ability for the first time). So we can actually see it popping up in RED and going into chest on the users machine.

So we can actually see it popping up in RED and going into chest on the users machine.
then report the file from avast chest as false positive .... se how to in my post above

https://www.virustotal.com/en/file/64bbbc6701652dc2aa34dc110b02f98e086e1619a37c8d5f51f3feb7d947a04f/analysis/

the analysis.

So will this be corrected?

not sure … as it is not detected as virus but PUP Win32:PUP-gen [PUP] according to your virustotal scan
PUP = not a virus / Possible Unwanted Program

is this the detection name you see when it happens?

not sure i understand what your asking.

Are you seeing Win32:PUP-gen [PUP] under Infection in the Avast Alert?

when avast detect and remove this file from your computer … what malware name does it give the file?
is it the one seen in my post above?.. Win32:PUP-gen [PUP]

Win32:PUP-gen [PUP] yes this is exactly what i see

http://prntscr.com/1s99o7

PUP scan is default off … have you turned that on ?

OK i se in your pic that it is detected by filerep … so i guess it it bc it is a file not known and have a low score

have you reported it to avast lab as shown in my first post?

The FileRep Feature in Avast 7 Accelerates The Malware Detection
http://techdows.com/2012/02/avast-filerep.html
http://avast.en.softonic.com/video/avast-free-antivirus-avast-filerep-12959

No i’m not sure how to do that… but it’s time to go home, I’ll pick this thread back up in the morning. thanks for your time in helping! I’ll be sure to try to figure how to report it tomorrow morning.