DLSS Posted November 2, 2006 Share Posted November 2, 2006 ok today my avast updated its db ... and now it says thight vnc is a virus WTF ? why ? cos we used it in the hacksaw ?? lol :? Quote Link to comment Share on other sites More sharing options...
Schizma Posted November 2, 2006 Share Posted November 2, 2006 Maybe it thinks it is a virus, because it might think it's not installed by you. I had something like that with a simmiliar program. Quote Link to comment Share on other sites More sharing options...
DLSS Posted November 2, 2006 Author Share Posted November 2, 2006 but this one is installed by me , on hte legit way etc ... Quote Link to comment Share on other sites More sharing options...
VaKo Posted November 2, 2006 Share Posted November 2, 2006 Because 90% of there customer base have no use for VNC and thus the likeyhood is that there not aware of it being install. Hence the OMG! Virus warning. Might be worth rasing a flag with both TightVNC and Avast! about it though, as TightVNC will definatly want to know about this. Quote Link to comment Share on other sites More sharing options...
kickarse Posted November 2, 2006 Share Posted November 2, 2006 McAfee does the same thing... It's a false positive. Quote Link to comment Share on other sites More sharing options...
anyedie Posted November 2, 2006 Share Posted November 2, 2006 mml, is this a recent thing? Maybe the hacksaw got a little too much attention... has anyone else had this problem before a month or so ago? I use ZoneAlarm suite and have had no such problems. Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted November 3, 2006 Share Posted November 3, 2006 Ive had this before with certain versions of vnc, norton goes in a paddy but its nothing to worry about. if you installed it i dout its infected with anything else, just the program itself being remotely installed on other pcs raises nortons eyebrow. Quote Link to comment Share on other sites More sharing options...
Spartain X Posted November 7, 2006 Share Posted November 7, 2006 macafee is the worst when something is detect it attempts to delete it and there's not quarintene function this the worst when i accidently leave a usb drive plugged in with switchblade over night and in the morning you find out that your switchblade is mangeled and completly screwed. the main reason it's doing this is because most average user's will never ever use such a function like VNC but it's damn irritating for power users and admins who use these tools and the stupid AV's black list it as a virus or a trojan but i guess it's always to protect the users Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted November 7, 2006 Share Posted November 7, 2006 I ran into the same problem at work. I was cleaning spyware off an employees pwned boxen :roll: using MS Anti-Spyware Beta, now renamed Windows Defender. It caught Tight VNC as a backdoor or something silly like that. Thing is, VNC and SSH is part of our default configuration. It's a lifesaver in a helpdesk scenario. Quote Link to comment Share on other sites More sharing options...
jalada Posted November 7, 2006 Share Posted November 7, 2006 I ran into the same problem at work. I was cleaning spyware off an employees pwned boxen :roll: using MS Anti-Spyware Beta, now renamed Windows Defender. It caught Tight VNC as a backdoor or something silly like that. Thing is, VNC and SSH is part of our default configuration. It's a lifesaver in a helpdesk scenario. Same, all versions of Antispyware/Defender detect TightVNC as a backdoor. I assume that the vnchooks.dll etc. are sometimes used in combination with genuine trojan backdoors, and so it unfortunately also flags up genuine installations. I've lost VNC a couple of times because Antispyware/Defender has pwned me... ¬_¬ Quote Link to comment Share on other sites More sharing options...
Famicoman Posted November 7, 2006 Share Posted November 7, 2006 It thinks its a RAT. Quote Link to comment Share on other sites More sharing options...
moonlit Posted November 7, 2006 Share Posted November 7, 2006 It is, though... that's probably why ;) Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 7, 2006 Share Posted November 7, 2006 It is, though... that's probably why ;) and the same goes for Apache :P Quote Link to comment Share on other sites More sharing options...
Spartain X Posted November 8, 2006 Share Posted November 8, 2006 I ran into the same problem at work. I was cleaning spyware off an employees pwned boxen :roll: using MS Anti-Spyware Beta, now renamed Windows Defender. It caught Tight VNC as a backdoor or something silly like that. Thing is, VNC and SSH is part of our default configuration. It's a lifesaver in a helpdesk scenario. you can say that again it's brilliant for managing "closet server", computer farms and in general large amount of computer centrally. but i mean really calling it spyware is just stupid. but i guess i know why it is though, security auditing programs like Metasploit, Canvas and Core Impact have payloads where they can run VNC server and tunnel a connection back to the computer that exploited it, i guess those kind of payloads might use a modified version of tight vnc (or many of it variants) and therefore the stupid AV's just classify all vnc (and vnc like program) as spy ware Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.