NEW BLOG POST: Windows Defender AV’s behavior monitoring coupled with cloud-powered machine learning models uncovered and blocked a massive Dofoil (Smoke Loader) coin mining campaign. Read the post
Alert level: Medium Detected with Windows Defender Antivirus
Also detected as: RemoteAdmin.Win32.WinVNC.c (Kaspersky)
RemoteAccess:Win32/UltraVNC is a detection for a commercial program that allows a remote user to fully control the system on which it is installed. This program was detected by definitions prior to 1.147.1889.0 as it violated the guidelines by which Microsoft identified unwanted software. Based on analysis using current guidelines, the program does not have unwanted behaviors. Microsoft has released definition 1.147.1889.0 which no longer detects this program.