Gencontrol/winvnc
I'm sure that gencontrol (http://www.gensortium.com/products/gencontrol.html, http://www.gensortium.com/products/downloads/gencontrol.exe) and the version of WinVNC that it includes are present in all sorts of malware. However, it by itself is a legitimate network administration tool. Would it be possible to remove it from detection?
Comments
-
Thank you !
The guys from the LAB will take a look
0 -
Hello rcw,
This is just a warning because these tools can also be used by malware. The main purpose is to warn people that some off these tools are on there system. In this case it's a remote control software.By default BitDefender will take no action on these kind off tools detection. The user should decide itself.
Kind regards,
Niels0 -
By default BitDefender will take no action on these kind off tools detection. The user should decide itself.
Thanks for getting back to me on this!
Unfortunately, this is not the behavior I saw when using BitDefender Client Security installed via BitDefender Management Console 3.0. Until I manually created an exclusion policy for the folder I was running gencontrol.exe from (filename exclusions would be nice here), as well as the folder that gencontrol copies winvnc.exe to (c:\vnctemp\winvnc.exe), BitDefender would prevent gencontrol.exe from running, and would automatically quarantine c:\vnctemp\winvnc.exe.0 -
Hello rcw,
I am only familiar with the customer BitDefender products not the business editions. So that could be different.
You can disable riskware detection. This should be possible in version 3. See this topic. In the normal customer versiosn you can disable riskware detection as follow right click on the red BitDefender icon near the system tray press on open advanced settings. You will see the antivirus section and the shield section should be highlighted press on custom level expand scan accessed files and uncheck scan riskware press on ok to save the changes.
Kind regards,
Niels0
