Belahzur

avenger.exe again

Malwarebytes' Anti-Malware 1.37

Database version: 2296

Windows 5.1.2600 Service Pack 2

Files Infected:

c:\documents and settings\Chris\Desktop\avenger.exe (Trojan.Agent) -> No action taken. [41345241302017712023251770171724692619212623177169232222192169702023231718]

Thanks guys. :)


Thanks for bringing that to our attention. It's been corrected. Sorry for any inconvenience caused.


I actually just came here to start a thread about this.

A poster on 2+2 had a rootkit we got rid of with The Avenger and then MBAM removed Avenger.exe from his desktop.

Post:

http://forumserver.twoplustwo.com/showpost...mp;postcount=58

Entire thread:

http://forumserver.twoplustwo.com/48/compu...malware-509262/

The scan was today but it looks like it was an older database version.

Malwarebytes' Anti-Malware 1.37

Database version: 2289

Windows 6.0.6002 Service Pack 2

6/19/2009 6:06:12 AM

mbam-log-2009-06-19 (06-06-12).txt

Scan type: Full Scan (C:\|)

Objects scanned: 210833

Time elapsed: 2 hour(s), 15 minute(s), 52 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\sharukh shaw\Desktop\avenger.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Keep up the great work you guys are doing. MBAM is invaluable to us!


First off, a big thanks to all the experts here. The Search button :P and all your knowledge helped me remove an msivx problem.

I know the MBAM team is working on the Avenger false positive, so I wanted to let you know that it's still around in the latest version. Here's my log:

Malwarebytes' Anti-Malware 1.38

Database version: 2323

Windows 5.1.2600 Service Pack 2

23/06/2009 10:54:11 AM

mbam-log-2009-06-23 (10-53-22).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 652109

Time elapsed: 3 hour(s), 45 minute(s), 26 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\documents and settings\Atrial13\Desktop\avenger.exe (Trojan.Agent) -> No action taken.


Hello.

@ LirvA - Yes, version 1.37 db version 2289, this was already corrected, the user just needs to update.

@ Atrial - Looks like it's already been corrected too. My MBAM db version 2326 doesn't detect the avenger. Update your defs and it shouldn't be detected anymore.

database 2332 still detecting avenger.exe

Malwarebytes' Anti-Malware 1.38

Database version: 2332

Windows 5.1.2600 Service Pack 2

6/25/2009 12:02:07 AM

mbam-log-2009-06-25 (00-01-58).txt

Scan type: Full Scan (C:\|)

Objects scanned: 234865

Time elapsed: 2 hour(s), 3 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\documents and settings\LirvA\my documents\theavenger\avenger\avenger.exe (Trojan.Agent) -> No action taken.


Hope the MBAM guys don't mind me posting this, but I know how hard they work. :P

@ LirvA - I'm in college right now and can't test it myself, but if it is still happening, you'll need to run MBAM in developer mode.

See here

Plus, just use quick scan, more effective than full scan.
