UBCD4Win Forums: Threat alert - UBCD4Win Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Threat alert

#1 User is offline   Glee Icon

  • Newbie
  • Pip
    • Group: Members
    • Posts: 2
    • Joined: 26-February 05

    Posted 28 December 2007 - 03:20 PM

    I am creating the .iso file using the UBCD4Win CD that I purchased (it is Version 3.10). After clicking the "click here to install" button in the UBCD4Win Installation window, things are proceeding normally. Then, AVG Pro opens a red "Threat Warning" window that flags the file 0bfustat.ADQY in the directory c:\UBCD4Win\plugin\network\nwdskpe. I would normally think this is a false positive; however, that is a very suspicious filename. If I tell AVG to ignore the threat, a series of error windows pop up listing path errors (Error #75) and the .iso file is not written. Does anyone know if the file being flagged (0bfustat.ADQY ) is "safe" -- if it is, I'll just disable AVG. Thanks for any advice.
    0

    #2 User is offline   thomasjk Icon

    • Advanced Member
    • PipPipPipPip
      • Group: Members
      • Posts: 372
      • Joined: 09-November 05

      Posted 28 December 2007 - 03:56 PM

      View PostGlee, on Dec 28 2007, 03:20 PM, said:

      I am creating the .iso file using the UBCD4Win CD that I purchased (it is Version 3.10). After clicking the "click here to install" button in the UBCD4Win Installation window, things are proceeding normally. Then, AVG Pro opens a red "Threat Warning" window that flags the file 0bfustat.ADQY in the directory c:\UBCD4Win\plugin\network\nwdskpe. I would normally think this is a false positive; however, that is a very suspicious filename. If I tell AVG to ignore the threat, a series of error windows pop up listing path errors (Error #75) and the .iso file is not written. Does anyone know if the file being flagged (0bfustat.ADQY ) is "safe" -- if it is, I'll just disable AVG. Thanks for any advice.
      Read this http://www.ubcd4win.com/faq.htm#false.
      Tom K.
      0

      #3 User is offline   rdsok Icon

      • rdsok
      • PipPipPipPipPipPipPipPip
        • Group: Admin
        • Posts: 6,037
        • Joined: 02-October 05
        • Gender:Male
        • Location:Norman, Ok. USA

        Posted 28 December 2007 - 04:48 PM

        Hmm... I'd just tested that the other day after another AV had detected the file as a threat and AVG had showed it as clean that day... just goes to show you it changes day to day with all of the antivirus programs.

        These instructions are actually for AVG Free users but it will also work for Pro... see http://forum.grisoft...um/read.php...0,backpage=,sv=

        I'm not certain, but in the Pro version, you may even be able to do the reporting of the false directly from within AVG itself... but its been so long since I ran the Pro version that I can't remember for certain.
        Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
        0

        #4 User is offline   Glee Icon

        • Newbie
        • Pip
          • Group: Members
          • Posts: 2
          • Joined: 26-February 05

          Posted 28 December 2007 - 05:14 PM

          Thanks much for the grisoft clue. I'd still like to know what this file is.
          0

          #5 User is offline   rdsok Icon

          • rdsok
          • PipPipPipPipPipPipPipPip
            • Group: Admin
            • Posts: 6,037
            • Joined: 02-October 05
            • Gender:Male
            • Location:Norman, Ok. USA

            Posted 29 December 2007 - 01:17 AM

            View PostGlee, on Dec 28 2007, 04:14 PM, said:

            Thanks much for the grisoft clue. I'd still like to know what this file is.


            Perhaps you may try reading the [UBCD4Win]\plugin\Network\nwdskpe\nwdskpe.htm file... as it states its part of the Netware Client package
            Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
            0

            #6 User is offline   rdsok Icon

            • rdsok
            • PipPipPipPipPipPipPipPip
              • Group: Admin
              • Posts: 6,037
              • Joined: 02-October 05
              • Gender:Male
              • Location:Norman, Ok. USA

              Posted 30 December 2007 - 03:05 PM

              Grisoft has resolved this false postive in their Free and Pro versions... the beta's definitions they have still has the false.
              Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
              0

              #7 User is offline   SteelTrepid Icon

              • Administrator
              • PipPipPipPipPipPipPipPip
                • Group: Admin
                • Posts: 6,191
                • Joined: 27-April 04
                • Gender:Male
                • Location:Ohio

                Posted 30 December 2007 - 03:26 PM

                That file also looks like a temporary file, InnoSetup creates several temporary files while extracting UBCD4Win. I've seen this a few times and have always wondered if it's the AV that is picking up the "riskware" or if it's caused by the way InnoSetup extracts??
                "I play Russian roulette everyday, a man's sport, with a bullet called life"

                "My cause is noble, my power is pure"
                0

                Page 1 of 1
                • You cannot start a new topic
                • You cannot reply to this topic

                1 User(s) are reading this topic
                0 members, 1 guests, 0 anonymous users