It is a loud static only while there is a sound file playing. For example, if I play a 3 second audio file, there will be loud static for 3 seconds. Or, if I change the volume on the host computer (you know there is that 1-second ding sound when you change the volume by the clock, the remote computer will have a loud static sound for 1 second instead of the ding sound. If I try to play a video on the host, the remote will have a loud static sound as long as the video is playing.
Yes, Single Password is checked, just like your screenshot. Also, the OLD password works. When it tells me the password is wrong, I can put in the OLD password and login.
It seems like the password from the new install does not overwrite the old password. If I put the MSI on a new computer, everything works fine, and if I erase the reg settings on the existing computer and do the upgrade, everything works fine.
If I simply do an upgrade without erasing the registry settings, it keeps the OLD password and does not use the NEW password from the new MSI.
This happens on every computer that I upgrade the Remote Utilities to the newest version. I create a new MSI, with only a new single password. Then, I use Remote Install within the 22.214.171.124 viewer to update the host using Windows Authentication. Then after it updates, Remote Utilities host will not accept the new password. I have to manually delete (in the registry) HKEY_LOCAL_MACHINE\SOFTWARE\Usoris on the host and then I do the remote update again and it works. It's like the old settings inside the registry are conflicting with the new version. Again, this happens on every computer that I update.
Using the newest host and viewer 126.96.36.199. The remote sound is a very loud static sound. You can barely hear some (very little) of the original sound within the static, but it mostly sounds like a radio tuned to a station that doesn't exist and turned all the way up.
Any idea why Windows Defender is seeing the Beta as a severe malware app with remote command execution?
Yeah, it's heuristics. The software (code) is new, so it'll take time for the antivirus companies to mark it as safe.
That's not how heuristics works. Heuristics looks at the construction of the code, such as the calls used and the jumps made, instead of using signatures. Heuristic scanning of code generally only reports a false positive if there is something seriously funky being done in the code, and rarely reports it as a known malicious piece of code - which is what happened here.
Now, admittedly, any app that allows remote access to a computer by definition has some "seriously funky code", but with it being recognised as a particular piece of malicious code, that's the issue.
And as to scanners not seeing it yet, therefore not building signatures in their databases, the app has been out for a week and I'm sure I'm not in the first handful of people who have downloaded it who are running Windows Defender - so that isn't really a valid reason for this detection.
Windows Defender is awful about this. I have custom programs that I run in a business. About once or twice a year, without any changes have been made to my software, Windows Defender calls them a virus and deletes them, can't reinstall because they are immediately flagged again. Wait a few days, install, and everything is good again... for 6-12 months. I've gotten where I always add exceptions now, because at any moment in the future, all of the computers I have my software installed on is going to delete it at the same time.
One more thing I've found: If you remotely update, and include a new password in the msi, and the previous version is 188.8.131.52, you cannot login because the old settings are still on the client. Even if you go to the client, and uninstall first, the remote install still cannot be logged into with the simple password from the msi because the old settings are still in the registry. I found that if I delete HKEY_LOCAL_MACHINE\SOFTWARE\Usoris, then the remote installation will work properly after that. Perhaps the installer msi should check for that and remove it. I have reproduced this on several computers. I always have to delete HKEY_LOCAL_MACHINE\SOFTWARE\Usoris for the remote install to work properly.
You are correct, it goes back to the prefilled simple password instead of going back to the one time password. It's confusing because the simple password is saved with the address and it doesn't prompt for it initially because of that, but then it goes to it if the one time password is wrong or close to expiration.
I am using simple password + 2 factor authy. If I put a wrong one-time password in, it says the password is wrong, and then it goes to the simple password entry box, so it you then type in the correct one-time password, you are actually changing the simple password. Then, of course, it really doesn't work, you have to fix the simple password and then put in the one-time password. What makes it worse is that it won't accept a one-time password that is a few seconds away from expiration, so many times the one-time password is wrong. Most implementations will allow you to use a one-time password for a few more seconds so that you don't have to sit and wait for the next password to be generated if you are near the end of the 30 second window.
When I create an MSI and tell it to auto-generate an ID and use the custom server, it seems that when the MSI is ran, it grabs a default/public server ID. The ID on the client does not show on my ru server. If I go to the ID on the client and tell it to generate a new ID, then the new ID shows up on my server.
1. Do you use online or legacy option? 2. What is the type of installer that you choose (standard, one click or agent)? 3. Could you please send us the Host log ? Feel free to send it to email@example.com as an attachment. This issue might also mean that the Host simply doesn't connect the first time for some reason, the log should reflect that.
Looking forward to your reply.
Okay, I think it just wasn't connecting yet, but later it did on further testing.