#1 (permalink) |
|
Moderator Hardware Team
Join Date: Oct 2006
Location: Brit living in Greece
Posts: 7,526
OS: WinME, WinXP Pro SP3, Win7 Beta, Ubuntu 9.04 & Netbook Remix & CD2USB, Mepis 6.5, Fedora 10
|
Info Please - Infected UBCD?
I ran ZoneAlarm's "spyware" check and it brought up some points that I would like to clear up.

Inside the folders that I have been using to create UBCD in English & Greek I have been given a warning about a program called TIGHTVNC 1.2.9 saying that I should quarantine it because it says it's a RAT! Since I have been doing various stuff on a couple of different drives & partitions it has suggested that I quarantine the following:

What do you guys think .. is it genuine or one of those situations where a diagnosis program is highlighted because of certain context or performance! I have a program which has been highlighted by another program because it has picked out my passwords for sites (ones that I had long forgotten but are stored on the PC)

The files below seem to be the same ones over and over but in different guises that I was setting up for my diagnostics CD.

File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\winvnc.exe
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\winvnc.exe
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\winvnc.exe
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\winvnc.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\winvnc.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\winvnc.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\winvnc.exe
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\winvnc.exe
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\vncviewer.exe
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\vncviewer.exe
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\vncviewer.exe
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\vncviewer.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\vncviewer.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\vncviewer.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\vncviewer.exe
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\vncviewer.exe
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\vnchooks.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\vnchooks.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\vnchooks.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\vnchooks.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\vnchooks.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\vnchooks.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\vnchooks.dll
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\vnchooks.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\ldapauth.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\ldapauth.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\ldapauth.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\ldapauth.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\ldapauth.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\ldapauth.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\ldapauth.dll
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\ldapauth.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\workgrpdomnt4.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\workgrpdomnt4.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\workgrpdomnt4.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\workgrpdomnt4.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\workgrpdomnt4.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\workgrpdomnt4.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\workgrpdomnt4.dll
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\workgrpdomnt4.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\authadmin.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\authadmin.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\authadmin.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\authadmin.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\authadmin.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\authadmin.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\authadmin.dll
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\authadmin.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\logging.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\logging.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\logging.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\logging.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\logging.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\logging.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\logging.dll
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\logging.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\authSSP.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\authSSP.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\authSSP.dll
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\authSSP.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\authSSP.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\authSSP.dll
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\authSSP.dll
File: S:\Computer stuff\FM1_D\PC Diagnostics\UBCD_CD\plugin\Network\ultravnc\files\authSSP.dll
File: N:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\MSLogonACL.exe
File: N:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\MSLogonACL.exe
File: P:\WinXP_SP2 & BART_UBCD4\BartPE\PROGRAMS\ultravnc\MSLogonACL.exe
File: P:\WinXP_SP2 & BART_UBCD4\BartPE_GK\PROGRAMS\ultravnc\MSLogonACL.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE\PROGRAMS\ultravnc\MSLogonACL.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\BartPE_GK\PROGRAMS\ultravnc\MSLogonACL.exe
File: P:\WinXP_SP2 & BART_UBCD4\UBCD_CD\plugin\Network\ultravnc\files\MSLogonACL.exe
__________________
I'm not old!! I'm age impaired .. D_F I DON'T PLAY GAMES How to mark your thread as solved HDD DIAG UTILS TSF's Photographer's Corner
#2 (permalink) | |
|
Moderator Hardware Team
I applied the first file to VirusTotal.
This is the response I got. Quote:
#3 (permalink) |
|
Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic
|
Hi DF
As you say, it's highlighted because its function is to allow remote access to a system. Therefore there is a possibility of this being exploited by hackers etc. But of course, all you have there is genuine, so make of that what you will...
__________________
Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner
#4 (permalink) |
|
Moderator Hardware Team
Thanks to another link raised by GG I have been doing some self help by checking out one of each of these similar files to the same virus scan engine.
So far I have scanned another 6 files (DLLs) & found that NONE are suspected of being infected. Not even by M$ !! The only conclusion that I can come up with is that someone wants to blacken the reputation of certain "EXEcutable" files. I would hazard a guess that I will find none, yet a reputable company has now told me that these files are suspect .. where do they get their info from?
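The "one of each" check described in post #4 can be done by content rather than by file name; the following is an added example, not part of the thread. It parses run-together `File:` report lines like those in post #1, hashes each path, and returns one representative per distinct SHA-256 plus any file name whose copies differ; the function names and the sample files built in `demo()` are constructed for illustration.

```python
import hashlib
import re
import tempfile
from collections import defaultdict
from pathlib import Path, PureWindowsPath

def parse_report(text):
    """Split run-together scanner output into the path after each 'File:' tag."""
    return [" ".join(p.split()) for p in re.split(r"\bFile:\s*", text)[1:] if p.strip()]

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def triage(paths):
    """Return (representatives, mixed_names, unreadable).
    representatives: one path per distinct SHA-256, i.e. the files worth scanning;
    mixed_names: file names whose copies do NOT all share one hash;
    unreadable: paths that could not be opened."""
    by_hash, by_name, unreadable = defaultdict(list), defaultdict(set), []
    for p in paths:
        try:
            digest = sha256_of(p)
        except OSError:
            unreadable.append(p)
            continue
        by_hash[digest].append(p)
        # PureWindowsPath splits on both '\' and '/', so this works on any OS.
        by_name[PureWindowsPath(p).name.lower()].add(digest)
    reps = sorted(members[0] for members in by_hash.values())
    mixed = sorted(n for n, digests in by_name.items() if len(digests) > 1)
    return reps, mixed, unreadable

def demo():
    """Constructed sample: three copies of one file name, one of them altered."""
    root = Path(tempfile.mkdtemp())
    layout = {"BartPE/winvnc.exe": b"AAAA", "BartPE_GK/winvnc.exe": b"AAAA",
              "UBCD_CD/winvnc.exe": b"BBBB", "BartPE/vnchooks.dll": b"CCCC"}
    for rel, data in layout.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_bytes(data)
    report = " ".join(f"File: {root / rel}" for rel in layout) + " File: " + str(root / "gone.dll")
    return triage(parse_report(report))

if __name__ == "__main__":
    reps, mixed, unreadable = demo()
    print(len(reps), "distinct files to scan; names with differing copies:", mixed)
```

A name that shows up in `mixed_names` has copies that are not byte-identical (a different version or a modified file), so each of those copies needs its own scan.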
#5 (permalink) |
|
Moderator Hardware Team
Confirmed that only one file was suspected of being a virus & ONLY by M$. The rest are considered to be virus free.
#7 (permalink) |
|
Moderator Hardware Team
Thanks Kalim, I believe I already grabbed that download too .. one just can't have too many diagnostics & boot programs