Received: from resqmta-ch2-12v.sys.comcast.net ([188.8.131.52]:43992) ... for firstname.lastname@example.org; Tue, 16 Dec 2014 20:22:35 -0500 Date: Wed, 17 Dec 2014 01:22:36 +0000 From: Mail Delivery System <email@example.com> To: firstname.lastname@example.org Subject: Delivery status notification
This is an automatically generated Delivery Status Notification.
Delivery to the following recipients was aborted after 2 second(s):
After i've downloaded agent.exe to my PC, i used 7-zip to add it to a .zip file to make agent.zip
I upload the .zip file to my website, and point people to that.
Then when i download it in Firefox i did NOT get a warning. I could double click on agent.zip; it opened; and double clicking on agent.exe inside the windows view of the .zip file ran the program.
Note, the same trick did NOT work in Chrome. I still got the "dangerous" warning (because it detected as not commonly downloaded). But, in Chrome i (and people i help) dont even have to go into "Show all downloads"; the icon at the bottom of the window has a drop-down arrow that has a keep button.
Note 1: Internet Explorer (IE) let me download it.
Note 2: the workaround for downloading on Chrome (at least on this day, 12/12/2014--they change stuff over time) is:
In Chrome, after trying to download, Click "Show all downloads" in the lower right.
That pops up a list of all downloads. The top one should be the one we just tried to download. It is not marked in any way as agent.exe nor RemoteUtilities, just "This file is malicious, and Chrome has blocked it." with a big red scary icon.
Click "Recover malicious file" (the top one, if there is more than one).
I up-voted it, so now it has 4 up-votes, zero down. But still.
Some have "RemoteUtilities" right in the name of the detection. What's up with that? I mean, if they know exactly what program it is, why are they blocking it?
I suppose it's always possible that some malicious folk is trying to use the RemoteUtilities agent to spy on their machine. But agent requires user intervention before someone can do that, so, what gives?
The reason i looked this up is that Chrome would not let someone download it.