Just recently (since yesterday I think) Avast has been deleting VNCHOOKS.DLL and calling it WIN32-Radmin[Tool].
This is causing us some headaches as we use VNC in our support duties.
I’ve marked up an exception in the meantime, but it will take a couple of days for that to deseminate and take effect.

Is this a deliberated detection or a false positive?

same here— headache!

It is an intentional detection (VNC - remote admin). It’s marked as [Tool] - ie. potentially dangerous application…

However, given the feedback we’ve got from this, we’ve decided to remove the detection for now.

Hopefully, the headaches were not TOO hard - I mean, I hope you don’t have VNC installed on a large number of machines…

I apologize for this trouble. Seems that before we can add these remote admin tools into the database, we’ll have to provide you with a way to ignore them.

We do have it on all our machines, but it’s been modified to not be active unless we initiate a connection.
Just a thought, why target the DLL instead of the EXE in that case?

And the exe itself is not being detected?

It might be that the code that matters (i.e. the “backdoor” handling code) really resides in the DLL - hence the DLL is what gets detected…

only the dll - on all our pcs… 80 seats…

it shows up also as I am downloading opensuse 12.1