Jump to content
thewild

VNC viewer detected as RemoteAdmin potential threat

Recommended Posts

Hi all !

 

We are running KAV for workstations 6.0.3.837 here.

 

Last week I changed KAV settings in the Admin Kit to alert for potential threats (someone had been infected by "Security Protection" and KAV did not catch it).

 

Now, KAV is reporting errors about vncviewer.exe being a potential threat of "not-a-virus:RemoteAdmin.Win32.WinVNC.1102"

 

But vncviewer is only the CLIENT application, there is not remote admin potential threat in this. It would be OK for KAV to report VNC SERVER as a potential threat, but why the client ?

 

How can I easily remove this alert ?

 

Thanks a lot !

Share this post


Link to post

Please add this into trusted zone:

 

%ProgramFiles%\ULTRAVNC\VNCVIEWER.EXE

%ProgramFiles(x86)%\ULTRAVNC\VNCVIEWER.EXE

%ProgramFiles%\ULTRAVNC\WINVNC.EXE

%ProgramFiles(x86)%\ULTRAVNC\WINVNC.EXE

 

and as Verdict: Invader (loader)

Share this post


Link to post

Thanks for your answer Helmut.

 

In my case, the exe is not in Program Files.

Isn't it possible to add vncviewer.exe to the trusted apps, whatever its location ?

Share this post


Link to post
Yes you can do this.

Just adding "vncviewer.exe", with no path information, is enough ?

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.