Comodo Internet Security has detected this a malware, this started detecting on the date of 3-23-2009 but I have been usingUltraVNC for several months now… I add this to ‘My Own Safe Files’ each time it pops up but it re-captures this as a new malware each of time I start my computer. View attached screenshots of My Own Safe Files & Anti-Virus Events… UltraVNC version Win32 Server, link for this version of install is http://sc.uvnc.com/download/click.php?id=2

Product Web Site: http://www.uvnc.com/
Name of Detection: Unclassified Malware (or) Unclassified Malware[at]12274344
Virus Signature Database Version: 1087

If you need any further information please just ask, I will gladly provide.


[attachment deleted by admin]

Hi tazzin,

The reported file is an unsafe WinVNC application. It is a potentially unsafe application belonging to UltraVNC. Please add this file to your exclusion list if you really want to continue using the software.


Thanks, sriramp, i’m trying to find the Exclusion section now… thanks for the information, I haven’t had a issue until recently so something in the updates is triggering this… but thanks for the info…

Hi tazzin,

In CIS, You have an option in “AntiVirus” tab, select ScannerSettings-> Exclusions. From where you can exclude the sample from detection.

Thanks and Regards,

Well, I guess I’m just an idiot… :o I have added the exclusion to my machine and all is fine… I have added it to my wifes machine as an exclusion and it still keeps popping up as a threat, and the winvnc.exe is now added to the exclusions list about 5 or more times now (each time is pops up I add it to the exclusions list). I have tried removing and only adding it once and that is still no good… any other suggestions?

Thanks for all the help, let me know if you need any information, i’ll gladly provide to help troubleshoot…


You may need to add the folder location to the list of exclusions.

C:\Program Files\UltraVNC*.*

Did the trick for me (and I was even able to do it remotely :slight_smile: ). I just hope no malware writers are now poised to exploit this necessary “hiding place”. :o

You can add C:\Program Files\UltraVNC* to My Protected Files so that any change to that folder made by an unsafe application would be caught by Defense+.

Thanks fOrTy_7 for the extra advice.

So because CIS considers VNC software to be “unsafe” but can only deal with it as if was a virus, I have added its location to:

Antivirus,>Scanner Settings>Exclusions
Defense+>My own Safe Files

and in order to protect what CIS considers to be an unsafe application from any truly unsafe application, I’ve now also added it to:

Defense+>My Protected Files

I can’t help thinking that there needs to be a greater level of sophistiaction built-in to the CIS program, rather than relying so much on the user’s knowledge and diligence to control malware actions!