Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> malware scanner triggered?
fuzzynco
post Sat, Jul 27 2013, 01:24
Post #1


Board Newbie
*

Group: Visitor
Posts: 1
Joined: 27-July 13
Member No.: 360



Is this an issue?




Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.26.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
fuzzy :: OWL [administrator]

Protection: Enabled

7/26/2013 11:40:43 AM
MBAM-log-2013-07-26 (19-28-19).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 768652
Time elapsed: 3 hour(s), 23 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Istaria\HCC_Plugin_CD.exe (Trojan.Agent) -> No action taken.
C:\Istaria\HCC_v2.30.exe (Trojan.Agent) -> No action taken.
C:\Program Files (x86)\HCC2\Plugins\HCC Public Order Database\curl.exe (Trojan.Agent) -> No action taken.

(end)
Go to the top of the page
 
+Quote Post
Arcat
post Sat, Jul 27 2013, 08:37
Post #2


Fletcher
*******

Group: Admin
Posts: 1.651
Joined: 22-March 04
From: Vienna, Austria
Member No.: 155



Hi fuzzynco,

I've re-downloaded the latest release (v2.30) from the official site (http://hcc.reclamation.dk/?tag=download) and sent the two binaries to Jotti's malware scan (http://virusscan.jotti.org/en). Jotti is a website that allows you to upload files and run multiple virus scans (avast, clamAV, eset, kaspersky, etc.) for free.

The result looks good, see Screenshot.

HCC.exe (MD5: 0A3477299A9921F734A2C558A997872F) - No viruses detected
curl.exe (MD5: 47489D8CC362ECF1D4BD01DD8A75BF49) - No viruses detected

I don't know what "HCC_Plugin_CD.exe" is, that file isn't part of my release. If you are using a 3rd party plugin, you might wanna contact them for additional support.

It could still be possible that your local installation is infected, try comparing the MD5 values with a checksum tool like http://www.winmd5.com, send your three files to Jotti or simply re-install HCC to make sure you get the latest official release.


Edit: The checksum of the installer (HCC_v2.30.exe, MD5: 8961F567F8021AC3335B9FF1A200166B) matches my original release (I kept the value stored on my local machine). Therefore I'm 100% certain that the binary on my server wasn't tampered or modified! However you'll still need to scan your local installation and check where HCC_Plugin_CD.exe comes from.


best,
Arcat


--------------------
Arcat - (Cleric 100, Warrior 100) - Live Stats (v2.1) | Resources | Need Armor?
Carpenter 100, Enchanter 100, Weaver 78, Fitter 41, Mason 22 - Gatherer 86, Miner 51
Alchemist 100, Fletcher 100, Outfitter 100, Tinkerer 37, Rest at 20+

Critter of Arcat - (Adult Dragon 37)
Dragon Crafter 53, Hoard ~5mio, Path of the Helian

8-Ball: Reply hazy, try again.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version | Default Theme | Dark Theme | Credits, Terms and Rules Time is now: 21st November 2017 - 03:53