McAfee Antivirus is falsely detecting VNC remote control software as a malware and deleting it upon detection. This is causing a major problem for a lot of remote management tools that rely upon this popular open source software to operate.
If you are using McAfee on your network, you can use the following detection log as a checklist of files that need to be added to your “exclusion list” inside your antivirus properties.
You may also want to look into your McAfee settings for ways to change the default action from DELETE to LOG. We’ve notified McAfee of this problem and are awaiting a response. If this problem is affecting you, please contact them at vendor_questions@mcafee.com.
9/19/2008 11:30:01 AM Scan Started BMSANWS4LZ13D1SYSTEM (managed) VirusScan 8.5 on demand friday scan
9/19/2008 11:36:51 AM Deleted SYSTEM C:FASTPUSHVNC7REALVNC4LOGMESSAGES.DLL RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:51 AM Deleted SYSTEM c:fastpushvnc7realvnc4logmessages.dll RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:52 AM Deleted SYSTEM C:FASTPUSHVNC7REALVNC4VNCCONFIG.EXE RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:52 AM Deleted SYSTEM c:fastpushvnc7realvnc4vncconfig.exe RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:52 AM Deleted SYSTEM C:FASTPUSHVNC7REALVNC4WINVNC4.EXE RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:52 AM Deleted SYSTEM c:fastpushvnc7realvnc4winvnc4.exe RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:52 AM Deleted SYSTEM C:FASTPUSHVNC7REALVNC4WM_HOOKS.DLL RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:52 AM Deleted SYSTEM c:fastpushvnc7realvnc4wm_hooks.dll RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:53 AM Deleted SYSTEM C:FASTPUSHVNC7ULTRAWINVNC.EXE RemAdm-VNCView(Remote Admin Tool)
9/19/2008 11:36:53 AM Deleted SYSTEM c:fastpushvnc7ultrawinvnc.exe RemAdm-VNCView(Remote Admin Tool)