This exploid was closed in 2006, by an update from v101 to 102.
From uvnc point i don't see a risk.
But what i find realy strange is the chineese ip address.
Attacking computer: 192.168.1.6,5900
Destination: 121.8.103.14, 3789
It actual tell your PC is attacking 121.8.103.14, this looks strange.
Are you sure your pc is isolated from the net? Are you forwaring port
3789 ?
Not to be paranoid, but something strange is going.
Possible i just mis interpret the symatec message, but if your pc try to make an external (outgoing) connection, something intruct vnc to do this.
You could try to run tcpview to see what programs make network connections
http://technet.microsoft.com/en-us/sysi ... s/bb897437
Also verify if the signature of the winvnc.exe is still valid and signed by
uvnc bvba.