
Eicar.mod On Activescan Pro, Please Help?


3 replies to this topic

#1 barlow


Posted 14 August 2007 - 11:02 AM

I have run all the prelims, SBot A&D, Adaware SE, Stinger, cleaned up w/ run cleanmgr updated NAV, all that..
When I did a Panda ActiveScan Pro check it gave me this.


| Incident | Status | Location |
|---|---|---|
| Spyware:Cookie/Doubleclick | Disinfected | C:\Documents and Settings\Precious Piggy\Application Data\Mozilla\Firefox\Profiles\4h3odm1f.default\cookies.txt[] |
| Virus:Eicar.Mod | No disinfected | C:\Documents and Settings\Rick\My Documents\Help.chm[HowCanITestDetection.html] |
| Potentially unwanted tool:Application/NirCmd.A | No disinfected | C:\fixwareout\FindT\nircmd.exe |
| Spyware:Cookie/PointRoll | Disinfected | C:\RECYCLER\NPROTECT\00748238.TXT |
| Spyware:Cookie/QuestionMarket | Disinfected | C:\RECYCLER\NPROTECT\00748252.TXT |
| Potentially unwanted tool:Application/Processor | No disinfected | C:\WINDOWS\system32\Process.exe |


Here is my latest HJT log, can someone tell me if I have a problem please?



Edited by barlow, 14 August 2007 - 11:05 AM.



 


#2 Blender


Posted 24 August 2007 - 02:43 AM

Hi and welcome.

Sorry for delay.

If you still need assistance please post a fresh hijackthis log here.
Copy/paste it into your post please. Not attach.

Thanks :thumbsup:

Regarding EICAR...

It is a special text string specifically designed to test antivirus software.
What your Panda is detecting is that text string within the help file you have in "my documents" (for Rick)
Eicar is not a true virus and is not malicious.

You can read about EICAR here:

http://www.eicar.org/anti_virus_test_file.htm

Your AV might yell because the eicar test string is displayed on the above page.
The site is not infecting your computer.... your AV is simply responding to the test string it was programmed to.
You can tell Norton to ignore that page.

Blender
I'll have an order of massive trojan attack please with a side order of rootkit and virus dip.
Pre-course order of fresh spyware salad please with a side order of polymorphic dressing.
And to drink...a nice tall glass of adware!

For dessert; can I have a bowl of the freshest worms you have please?.

Never Give Up!

If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware
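
Added example, not part of the thread or of any scanner's code: one way to confirm that a detection like the one above is the EICAR test string sitting inside other content rather than a stand-alone test file. It assumes the member page has already been extracted from the help file (a .chm is compressed, so the raw container will not contain the string verbatim); the sample page content and the function names are constructed for illustration.

```python
# Added example: tell a stand-alone EICAR test file from the test string
# embedded in other content (e.g. a help page that documents it).
# The string is built from two halves so this source is not itself flagged.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$" + rb"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Bytes the EICAR definition allows after the 68-byte string (space, tab,
# CR, LF, Ctrl-Z), with the whole file no longer than 128 bytes.
ALLOWED_TRAILER = b" \t\r\n\x1a"
MAX_TEST_FILE_LEN = 128

def find_offsets(data: bytes) -> list[int]:
    """Return every offset at which the test string occurs in data."""
    hits, pos = [], data.find(EICAR)
    while pos != -1:
        hits.append(pos)
        pos = data.find(EICAR, pos + 1)
    return hits

def classify(data: bytes) -> str:
    """Classify content as a standard test file, an embedded copy, or neither."""
    if (data.startswith(EICAR)
            and len(data) <= MAX_TEST_FILE_LEN
            and not data[len(EICAR):].strip(ALLOWED_TRAILER)):
        return "standard-test-file"
    return "embedded-test-string" if EICAR in data else "absent"

# Constructed sample standing in for an extracted help page; hypothetical content.
SAMPLE_HTML = (b"<html><body><h1>How can I test detection?</h1>\r\n"
               b"<p>Save this line as a text file:</p>\r\n<pre>" + EICAR +
               b"</pre></body></html>\r\n")

if __name__ == "__main__":
    for name, blob in [("eicar.com (constructed)", EICAR + b"\r\n"),
                       ("HowCanITestDetection.html (constructed)", SAMPLE_HTML),
                       ("notes.txt (constructed)", b"nothing to see")]:
        print(f"{name}: {classify(blob)} at offsets {find_offsets(blob)}")
```

A result of "embedded-test-string" only shows that the test string is present in that content; it says nothing about the rest of the file.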

#3 barlow


Posted 26 August 2007 - 12:13 PM

Mahalo (Thanks) Blender,
After some online researching on my own, I came to that conclusion, but you just confirmed it. Appreciate the reply.

Aloha,
Barlow

#4 Blender


Posted 27 August 2007 - 12:53 AM

Hi,

You're welcome.

You should remove this though as it is part of a tool that is updated too often to keep around.
If ever you get "wareout" again a new copy of the tool would be needed.

C:\fixwareout <-- delete folder

Since the HJT log is clean, here is some great information to help you stay clean and safe online:
http://users.telenet.be/bluepatchy/miekiem...prevention.html
http://forums.spywareinfo.com/index.php?sh...mp;#entry549685
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml
http://temerc.com/hddncounttuts.html


If you want to help speed up your system Miekiemoes has some great information here:
http://users.telenet.be/bluepatchy/miekiem...owcomputer.html

Take care & surf safe!

Blender



