Found a Trojan (Not)
Moderators: Icecube, StopSpazzing
I was posting on another forum about an install that I was doing and a buddy showed me http://www.ultimatebootcd.com/ . It sounds like a top notch set of tools and I can't wait to add it to my collection. I'm posting here today as an FYI, sort of as a thank you for such great work.
I downloaded UBCD4Win from generalcomputersupport.com and got a
Trojan.PWS.Ras.A
Found it with Bitdefender
Last edited by BGH on Tue Jan 09, 2007 2:40 pm, edited 1 time in total.
Noobe with a cause
Well, 2 things:
- this website and forum are not affiliated in any way with UBCD4Win
- this may be a false positive... but you're not supposed to download UBCD4Win, you're supposed to build it using the tools provided. I'd recommend downloading from the official website or one of its official mirrors, listed here: http://ubcd4win.com/downloads.htm
Do not trust any other website about this, unless you know it's a website you can trust in general.
You may also compare the md5 hash of the file you already downloaded with the one written on the page I linked to, to check whether your download is ok or corrupted by any means...
See also: http://ubcd4win.com/faq.htm#false
Hammerite Compendium of Precepts, Regimens and Rules of Conduct, Vol. 113:
A stroke of thy chisel, once made, canst be undone, but a stroke thou dost not make from fear is a worse flaw.
Be not cautious - be correct.
Well, did your anti-virus tell you in which precise file it supposedly found this trojan?
Looks like there is something about this particular "trojan" in their FAQ.
Anyway, I downloaded the file from the website you mentioned and checked the MD5 hash using HashTab: seems ok, so the file isn't corrupted.
Due to several of the utilities that are included in UBCD4Win, many times a year several AV vendors accidentally detect trojans and such when there are none. Another thing that pops up is that some files are flagged as hacktools and some people confuse that for trojans as well. Not that you have, just an info statement.
As Constance mentioned, if in doubt, double-check the hash before running it to make sure it has not been tampered with. If it says exactly which file is offensive, you can upload the file to http://virusscan.jotti.org/ and have it checked against all the other AV vendors out there. Sometimes it is just one vendor that flags the file and sometimes several vendors flag it. It is a good benchmark to test the file.
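The hash check recommended in the two posts above, written out as a small script. This is an added example, not code from the UBCD4Win project or from anyone in this thread. The checksum list and the file name `example-download.exe` are constructed for the demo (the digests are those of the string `hello world`, which stands in for the download so the script runs offline); a real check would read the digest from the project's download page and hash the actual file. MD5 is what the download page publishes and it still catches a corrupted or casually modified download, but it is no longer collision-resistant, so where a project also publishes SHA-256, compare that as well.

```python
"""Verify a downloaded file against a published checksum (added example)."""
import hashlib
import os
import tempfile

# Constructed excerpt of a checksum list in the common "<hex digest>  <filename>"
# format written by md5sum / sha256sum. The digests are the real MD5 and
# SHA-256 of the 11-byte string b"hello world", which stands in for the
# download so the example runs offline.
PUBLISHED_HASHES = """\
# md5
5eb63bbbe01eeed093cb22bb8f5acdc3  example-download.exe
# sha256
b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9  example-download.exe
"""

# Hex digest length -> hashlib algorithm name.
DIGEST_LENGTHS = {32: "md5", 40: "sha1", 64: "sha256"}


def parse_hash_list(text):
    """Return {(algorithm, filename): hex_digest} from md5sum-style lines.

    The algorithm is inferred from the digest length; comment and blank
    lines are skipped. A leading '*' on the filename (the binary-mode
    marker md5sum writes on some platforms) is stripped.
    """
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.strip().lstrip("*")
        algorithm = DIGEST_LENGTHS.get(len(digest))
        if algorithm is None or not name:
            continue
        table[(algorithm, name)] = digest.lower()
    return table


def file_digest(path, algorithm="md5", chunk_size=1 << 20):
    """Hash a file in 1 MiB chunks so a multi-hundred-MB ISO is not read into memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published, filename, algorithm="md5"):
    """Compare the file's digest with the published one.

    Returns (ok, actual, expected). ok is False when the digests differ
    or when no published digest exists for that file and algorithm, so a
    missing entry is never silently treated as a pass.
    """
    expected = published.get((algorithm, filename))
    actual = file_digest(path, algorithm)
    return expected is not None and actual == expected, actual, expected


def demo():
    """Write a constructed 'download', verify it, flip one byte, verify again."""
    published = parse_hash_list(PUBLISHED_HASHES)
    name = "example-download.exe"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, name)
        with open(path, "wb") as f:
            f.write(b"hello world")
        clean_md5 = verify_download(path, published, name, "md5")[0]
        clean_sha = verify_download(path, published, name, "sha256")[0]
        with open(path, "r+b") as f:
            f.seek(0)
            f.write(b"j")  # first byte changed: the file is now "jello world"
        tampered_md5 = verify_download(path, published, name, "md5")[0]
        unlisted = verify_download(path, published, "other.exe", "md5")[0]
    return {"clean_md5": clean_md5, "clean_sha256": clean_sha,
            "tampered_md5": tampered_md5, "unlisted_file": unlisted}


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'OK' if ok else 'MISMATCH'}")
```

The multi-engine scan the post describes (uploading the flagged file to a service such as Jotti) is a separate step that this script does not replace: a matching hash only proves you have the same file the project published, not that the file is harmless, and a mismatch means the download should be discarded rather than scanned.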
I believe it was a keystroke logger of some kind. I'll see if I can't find some reference to it. I've had false positives before and no big deal. What made me curious about this one was that windows would not delete it to the recycle bin. I had to use the virus software to yank it out.
k:\temp folder\plugin\system-info\information\keyfinderpe\keyfinder.exe infected: Trojan.PWS.Ras.A
I am not a programmer and what I know about computers can fit into a thimble. By that, I'm saying that I know way more than Forrest Gump, but less than a motivated teenager.
Thanks for the help.
Noobe with a cause
keyfinder... gotcha. What that nice little tool is all about is simply allowing you to see what product keys are installed for your MS products and maybe a few others as well. It is not malicious by itself. If in the wrong hands (1337 h4x0rz) it can be used to steal the product keys of valid products and post them on warez sites.
Summary, no worries big buddy on that little gem of a file. It is not going to harm you more than M$ already has.
-=EDIT=-
It can also be used by SysAdmins to copy out a key for a product whose key someone has lost. For example, if the system is dead and needs to be rebuilt but the Office key is missing, this little tool can get the key to re-install the Office product back onto the machine. Very handy in those types of situations, which is why it is included.
Constance wrote: Well, 2 things:
- this website and forum are not affiliated in any way with UBCD4Win
- this may be a false positive... but you're not supposed to download UBCD4Win, you're supposed to build it using the tools provided. I'd recommend downloading from the official website or one of its official mirrors, listed here: http://ubcd4win.com/downloads.htm
Do not trust any other website about this, unless you know it's a website you can trust in general.
You may also compare the md5 hash of the file you already downloaded with the one written on the page I linked to, to check whether your download is ok or corrupted by any means...
See also: http://ubcd4win.com/faq.htm#false
After doing some reading on one of the links you posted, I realized that the solution was there for me to find. I just didn't look close enough. Thumbs up Cola.
Noobe with a cause