Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unknown application


  • Please log in to reply
2 replies to this topic

#1 doctorphibes

doctorphibes

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:10 PM

Posted 12 August 2010 - 10:13 AM

I noticed last night that I have an unknown (to me at least...not unusual) rar.Upon opening there is an application that has downloads from all torrent and file sharing sites but no description whatsoever.
Does anyone know what u996.exe is? The only info I could find on Google is that it is unknown from an unknown publisher and is not necessary but should not be removed if not causing problems. I did download the Sophos version of the vulnerability exploit that has recently been discovered, that MS's version of the patch apparently (according to Grinler's post), can or will remove the icons from your desktop, but I don't recall that as the name of the file. Any answers?
Many thanks in advance,
doc
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein

BC AdBot (Login to Remove)

 


#2 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,250 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:04:10 PM

Posted 12 August 2010 - 01:54 PM

I found only scant information relating to known files by the name "u966.exe" and what I did find was rather perplexing. There is a project hosted on Google Code called bma-ebook, which appears to have something to do with the nation of Burma (which is called Myanmar and has been under an oppressive military junta for a long time. You may remember some rather severe protests there making the news in 2007. The Myanmarian Junta rather severely limits, filters and monitors the use of the Internet by its citizens.)

Anyhow, near as I can figure, u966.exe (or at least the one I found) is some sort of internet proxy application. That is, a means by which a person in Myanmar could access otherwise prohibited Internet locations and data, such as those relating to anti-government activists and the like.

This is all largely speculation on my part since, as I said, information was scant and perplexing.

Bearing the above in mind, and assuming that you are neither a Burmese dissident nor attempting to proxy your internet usage, I would say that this file (and the other, torrent, files) indicates that your machine may be compromised and being actively used as a dumpster for bittorrent data, the proxy tool being a facilitator to that. For that reason, I am moving your topic to the "Am I Hacked? What Do I Do?" forum so that a system security helper can either rule out a hack attack or help you to remove it.

Edited by Andrew, 12 August 2010 - 01:56 PM.


#3 doctorphibes

doctorphibes
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:10 PM

Posted 12 August 2010 - 03:12 PM

Thank you Andrew,
Now that you mention it I was reading a forum post about the oppressive way the Chinese Gov. prevents internet contact with the outside world, especially on social networking sites like Facebook, etc. I did some further reading but did not (at least knowingly) download any applications. I also did not install (again knowingly) this app. Other torrents I referred to were what came up when I tried to google it. All you see is that it's on every torrent and filesharing site imaginable. Although I'm not above using a proxy, I simply don't know which, if any, are trustworthy. So I refrain.

What got me started was looking for a way to browse privately without slowing down my browser, or using things like Tor, etc. which I don't trust. I'm just fed up with all the spam I get any time I visit a website, or accidentally open the wrong email (scam mail, once you've opened one...it's all over but the crying). Even the "In Private browsing option on this machine slows it down significantly. I've had no luck in finding a freeware option in any case.

So, I guess I'll delete it, turn off system restore, and scan baby scan. I keep myself fairly well protected (I think). Webroot ISE, Pro version of MBAM and SAS (I like the anti-hijacking option on SAS, it hasn't failed me yet).

This is the last Windows machine I have. My other two are Linux. I've kept this one because of the Speech recognition program installed on it, and I have to say it's pretty impressive. With minimal training it's every bit as good as Dragon, plus it can run the machine itself without so much as lifting a finger past the logon stage...literally.
It even has a mousegrid you can invoke and speak grid block numbers for mouse clicks.
Sorry, too much info.
Thanks again for your response, and have a good one.
doc
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users