Hi,

I am running 5 computers at my home, and I am also trialing Ewido. All computers have RealVNC installed (version4).

While running Ewido on one of my desktops (win2k Sp4) I receive the popup messages "Infected object found!" referring to
File: wm_hooks.dll
Path: C:\Program Files\RealVNC\VNC4
Infection: Not-A-Virus.RemoteAdmin.Win32.WinVNC.4

It is not quite clear to me if Ewido identifies RealVNC as a remote administration application/server..

or..if "Infected object.." means the that the dll has been changed/infected/compromised by whatever kind of malware...

or ... if it means that the object is not infected but is considered as malware by Ewido?

In the latter situation I would prefer to receive an other message like "Remote Administration Object found" instead of "Infected Object"

Now I have the choice to Clean or do nothing... and I don't know what to do because in the first scenario.. I would like to clean... in the second... I would like to keep the dll as part of a good functioning application.

Looking forward to hear from you

Itsme

It always says infected object... We will remove this definition until version 4.0 comes out with much better infection handling... Sorry for the inconvenience.

Hi, thank you for this swift reply.

No need for me to remove it from the definition as I know what the program does. But many people will not and then... it could be better to be safe than sorry.

Hasta la vista.

Itsme