Gencontrol/winvnc

rcw

I'm sure that gencontrol (http://www.gensortium.com/products/gencontrol.html, http://www.gensortium.com/products/downloads/gencontrol.exe) and the version of WinVNC that it includes are present in all sorts of malware. However, it by itself is a legitimate network administration tool. Would it be possible to remove it from detection?

rootkit

Thank you !

The guys from the LAB will take a look

Niels

Hello rcw,

This is just a warning because these tools can also be used by malware. The main purpose is to warn people that some off these tools are on there system. In this case it's a remote control software.By default BitDefender will take no action on these kind off tools detection. The user should decide itself.

Kind regards,

Niels

rcw

By default BitDefender will take no action on these kind off tools detection. The user should decide itself.

Thanks for getting back to me on this!

Unfortunately, this is not the behavior I saw when using BitDefender Client Security installed via BitDefender Management Console 3.0. Until I manually created an exclusion policy for the folder I was running gencontrol.exe from (filename exclusions would be nice here), as well as the folder that gencontrol copies winvnc.exe to (c:\vnctemp\winvnc.exe), BitDefender would prevent gencontrol.exe from running, and would automatically quarantine c:\vnctemp\winvnc.exe.

Niels

Hello rcw,

I am only familiar with the customer BitDefender products not the business editions. So that could be different.

You can disable riskware detection. This should be possible in version 3. See this topic. In the normal customer versiosn you can disable riskware detection as follow right click on the red BitDefender icon near the system tray press on open advanced settings. You will see the antivirus section and the shield section should be highlighted press on custom level expand scan accessed files and uncheck scan riskware press on ok to save the changes.

Kind regards,

Niels