False Detection

Avast is detecting my TightVNC server application as a virus and has blocked the file and wont let me restore access. The file is WinVNC.exe

Can be found here:

www.tightvnc.com

Is there anyway to stop it from detecting this file? I have already added the path to the exclusion list but as it states the resident scanner still detects it and causes problems.

Send the file to the virus lab. :slight_smile:

Would love to… how does one go about doing that?

Sorry, I looked around and couldnt find anything

Well, this ruined a perfectly good evening for me, I was ready to relax at home when a customer called me and let me know that she had a virus (just ran boot-time scans last night). Of course the first thing I did was VNC into her machine so that I could fix it, when it told me that vnc was infected with a virus I of course didn’t want to continue using it, called the customer back and told her to unplug all her windows machines from the network and wait for me to come in, after just a few hours testing and clean up we ended up removing our only remote administration tool and sending an email to support. 3 people x 4 hours x consulting rate is a lot avast owes me for making up some joke about TightVNC. Its an open-source product, what passes for QA over there where they blackball software they can download the source to and see what it does.

I do hope that patric is an avast Pro user or working with one.

While I have no problems with any complaints about avast it seems to me that freeloaders of the avast product should think before they complain about the effects of problems on their hours and consulting rates.

Most of us in this forum could care less about their rates and “how much avast owes them”. Certainly makes me want to avoid offering any assistance to patric. I’ll save my time and effort for those with less whining about how important they are.

WoodroweBones

In the avast Standard Shield click the Customize button > Advanced tab …

There is a box where clicking the “Add” button will allow you to add the path and filename of a file that you want to be excluded from avast scanning. You can add the filename that you believe to be a false positive so that you can continue normal operation until the avast team have a chance to take care of a false positive in an upcoming VPS update.

If I am not mistaken - virus@avast.com :slight_smile:

Don’t forget to zip it with password and tell the password in the body of the letter. :wink:

i use winvnc, and my scanner doesint detect anything… ???

But the thing is, i use the real winvnc not tight vnc and it works great for me.

So yea if i were you i would do what my friend above is telling you to do because my winvnc.exe is clean as a whistle :wink:

I assume this is only available in the Pro version? I have the home version.

This is available in all versions of avast home/pro.

Why don’t you just post here at the beginning? ::slight_smile:

No, as said before, it’s on the Home version too…

Woav you suck at PC tech support then, use some common sense.

How hard is it to check the file with some online scanners, eg. through jotti and virustotal. There you would have seen that only avast flagged it incorrectly and therefore you could have assumed it was a fake positive, which happens for EVERY anti-virus product on the market from time to time.

Hmmm mine doesnt look like that at all. Its a little grey box type thing. shrug I’m not too worried about it now. they have fixed it :smiley:

You may be looking at the wrong thing. Left click the “a” ball, click details at the bottom of the pop up and you should have a screen like DavidR posted.

I suspected that, which is why I posted the screenshot, oldman has the solution, good luck. You might also want to check for updates there has been another VPS update today 0645-3, which probably has FP fixes as well.

Of course the users I support are Pro Users, there isn’t any unlicensed software on any of the machines I support as of the last audit I did, and I wasn’t whining over how important I was, and as avast often reports viruses well ahead of anyone else, having a file return that it isn’t a virus from another source doesn’t prove anything. The customer I consult for happens to need a relatively high degree of security, and a virus alert is a good enough excuse to drag me across town to check out each machine. So now that I have been insulted for exaggerating my overimportance, and for not being very good at tech support, oh and accused of being a freeloader, can one of you nice, well-educated, informed users let me know where the announcement from Avast! giving the all-clear for tightvnc might be (I have noted that while they haven’t responded to email, it is indeed no longer detected).

If it is not detected as a virus anymore then you have answered your own question. Sorry that the correction was not trumpeted from the rooftops. The avast team tend to fix the problem and then get on with working on the next threats to all users Pro & free.

We all, Pro & free live with such errors from time to time - and this forum is, I believe, one of the most responsive and friendly to most users. I hope that avast consumes no more hours of your valuable support time.