UltraVNC FP? [Resolved]

Anyone else getting false positives on the vncviewer.exe today? Didn’t happen til today…

Just an update. I emailed Kevin about it and he said that rather than an FP, because of the nature of the file BOC SHOULD warn about it. He suggested that I exclude it, which I did. What is odd to me is that I have had both programs on my system for years and BOC has never gone off on UVNC until today, but, whatever.

Must be one of those things where they’ve started using some code or packer that is commonly used in the construction/delivery/execution of malware; if they were to drop it from the list as an FP, then malware using the same methodology would get right through.

Not using UVNC here, so I don’t have the issue; I’m hazarding a guess based on Kevin’s previous similar responses.


In a subsequent email from Kevin, there apparently WAS a change in the detections in the last couple days that included more VNC components due to them being abused for nefarious purposes. Sad as that may be (cause I have to exclude them), at least I know I’m not crazy… :wink:

It’s always good to know - - one way or the other… :wink:

Thanks for the followup and additional info.

I’ll go ahead and mark the topic as resolved and close it. If you need it reopened, just PM a Moderator (please include a link back here) and we’ll be glad to do so.