Hello,

Detection log (not scan)

09:29:33 User MESSAGE Protection started successfully

09:29:37 User MESSAGE IP Protection started successfully

09:30:06 User MESSAGE IP Protection stopped

09:30:08 User MESSAGE Database updated successfully

09:30:09 User MESSAGE IP Protection started successfully

09:37:22 User IP-BLOCK 91.197.130.247 (Type: outgoing, Port: 49598, Process: avp.exe)

09:37:54 User IP-BLOCK 91.197.130.247 (Type: outgoing, Port: 49773, Process: avp.exe)

09:57:44 User IP-BLOCK 91.197.130.247 (Type: outgoing, Port: 50682, Process: avp.exe)

15:04:32 User MESSAGE Protection started successfully

15:04:36 User MESSAGE IP Protection started successfully

15:05:07 User MESSAGE IP Protection stopped

15:05:09 User MESSAGE Database updated successfully

15:05:10 User MESSAGE IP Protection started successfully

15:07:02 User DETECTION C:\PROGRAM FILES\SolSuite\Sol2.rgf Trojan.Dropper QUARANTINE

15:07:15 User DETECTION C:\Program Files\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:07:15 User DETECTION C:\PROGRAM FILES\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:07:15 User DETECTION C:\Program Files\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:07:15 User DETECTION C:\Program Files\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:07:15 User DETECTION C:\PROGRAM FILES\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:07:16 User DETECTION C:\PROGRAM FILES\SOLSUITE\SOL2.RGF Trojan.Dropper DENY

15:07:16 User DETECTION C:\PROGRAM FILES\SOLSUITE\SOL2.RGF Trojan.Dropper DENY

15:08:14 User DETECTION C:\PROGRAM FILES\SOLSUITE\SOL2.RGF Trojan.Dropper DENY

15:38:28 User DETECTION C:\Program Files\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:38:28 User DETECTION C:\Program Files\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:38:29 User DETECTION C:\Program Files\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:38:29 User DETECTION C:\PROGRAM FILES\SolSuite\SolSuite.exe Trojan.Dropper ALLOW

15:38:29 User DETECTION C:\PROGRAM FILES\SolSuite\Sol2.rgf Trojan.Dropper DENY

15:38:31 User DETECTION C:\Program Files\SolSuite\Sol2.rgf Trojan.Dropper DENY

15:59:17 User DETECTION C:\PROGRAM FILES\SolSuite\Sol2.rgf Trojan.Dropper DENY

I restored the file Sol2.rgf from quarantine and ran the developer's scan; this is the result:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6192

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

28/03/2011 15:48:00

mbam-log-2011-03-28 (15-48-00).txt

Scan type: Quick scan

Objects scanned: 161072

Time elapsed: 1 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Finally, the files went through VirusTotal and Jotti; these are the links:

http://www.virustotal.com/file-scan/reanalysis.html?id=e9b77da3ca87f64bc29fe3b6948367ccd54f163c0275c269b480be0e00295a96-1301320587

http://virusscan.jotti.org/en/scanresult/438ddf71b2079827c801b0efef5722a8af1b81a4

I also included the rar file containing the two files that were detected with Trojan Dropper.

Hope I did everything right.

Sol2.rgf and solsuite.rar
