Avenger on C: Drive


4 replies to this topic

#1 antd


    New Member

  • Members
  • 2 posts

Posted 27 August 2009 - 10:27 AM

This is a weird one.
Last week I saw a folder named 'Documents' on my c: drive root. There was also a .txt file named avenger.txt.
I did not create these.

I thought I must've installed the anti-malware program 'avenger'. The avenger.txt file is attached. It merely contains a log as if it is an anti-malware program. In fact, the text file gives the website:
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com


I can say with 100% accuracy that I did not install this program, good or bad...

The folder 'documents' is empty.

Now fast-forward to today. I was looking in my C: drive as I moved a file there. And suddenly I see avenger.txt and the 'documents' folder appear again!

As I said, the only thing I run is Malwarebytes.

What is this avenger thing? And why is it creating a log file without my knowledge?!


#2 Maurice Naggar


    Staff

  • Moderators
  • 14,551 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 27 August 2009 - 10:53 AM

Hello.

Are you the sole user of this system? Home pc?

Avenger.txt is only a log file, created after a run of the tool Avenger. This tool should only ever be used with the guided help of an expert.

One must ask, where is this system and is it in a secure environment? In a network setting?
More important, does it have antivirus and anti-malware apps current & installed, and scanned on a regular basis?
What is the make of the AV product?
Do a full scan with your AV in both normal mode, and in Safe mode. See what results are.

Also, scan with MBAM. What are the results?

I am not looking for logs, but just the general findings.

It would appear someone is using a "torrent" for downloads, and quite possibly using flash-drives on the G drive.
A last caution, someone may be using warez or crack software, since I notice usage of a keygen in the Avenger log.
If it turns out this system has warez or cracks, we cannot help you, until all that is removed.
I am assuming you are the owner of this system.
Maurice Naggar
Product Support

I close my threads if there is 5 days without a response.

#3 exile360


  • Administrators
  • 16,033 posts
  • Gender:Male

Posted 28 August 2009 - 05:10 AM

It's also possible that the avenger.txt file was left behind by MBAM during a removal. Please see this thread for details.
Samuel E Lindsey
Product Manager


#4 Maurice Naggar


Posted 28 August 2009 - 08:24 AM

Good point, Exile360. Thank you for pointing that out.

@antd, Delete the file and rest easy.
Disregard my prior comments regarding downloads.
Maurice Naggar
Product Support


#5 antd


Posted 28 August 2009 - 01:10 PM

Thanks guys for your replies.

I am the owner and only use MBAM as protection (but I run questionable programs inside virtual machines which I delete every so often).

I happen to collect keygens... lol - I collect them for their music! Normally I rip out the music and delete the .exe's since they may well contain trojans. (of course I do all of this in virtual machines and inside sandboxie program)


But the thing is, I deleted the Avenger files last week and they just reappeared. Maybe MBAM installed a new version and therefore uninstalled an old version of itself, causing the files to come back??
Thanks, I'll take a look at the thread in your post.



