
Over 50,000 detections (!)



About 3 hours ago, I ran MBAM on a Windows 7 Pro 32-bit PC while in Safe Mode.  When it started the last step (heuristic analysis), the counter went from about 250 detections to well over 50,000.  When it completed, MBAM was hung up (not responding) and I had to shut it down via Task Manager. As far as I can tell, no scan log was created so I wasn't able to see the results of the scan.

 

Needless to say, I'm a bit wary of letting MBAM clear up such a large number of detections.  Is it possible to have that many traces of infections or was there a problem with the latest MBAM updates?

 

I subsequently ran SuperAntiSpyware, which uninstalled 12 unwanted programs and then found about 45 traces of malware.

 

--Don


Hi:

 

Just to be clear -- were those actual detections or was that the count of the files scanned?

 

Please open the GUI > History > Application Logs.

Then double-click the scan with the correct date/time stamp to open it > click "Export" > export to .txt file > save it to your desktop > attach the txt file log to your next reply here.

(I'm asking you to post it that way, rather than posting it directly into your topic, as it may be too large to copy/paste from the clipboard.)

 

There was a problem with a database 2 weeks ago (7/26/14 -- db 2014.07.26.09) that was fixed within 3 hours that day.

I *assume* you are scanning with a more recent database than that.

However, until we can see the scan log, do NOT delete any items from quarantine and do not reboot the computer.

 

I'm quite certain we will need to send you to the Malware removal section of the forum for further help, but the staff/experts will want to make sure that this scan was not run under the defective database from 2 weeks ago.....  Just a precaution.

 

Thanks,


Hi,
 
If there was no scan log, then that may be because you aborted the scan?
(Normally there would be a log, as shown in the screen shot.)

But, your issue does not appear to be related to the false positive from 2 weeks ago.
 
In any event, you have reported that the system is infected and we cannot work on malware diagnostics/removal here in this forum.
So, I suggest that you might want to obtain expert help.
To do so, please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will guide you through the scanning and cleanup process.

Thanks,


I guess it's possible I aborted the scan.  Nothing I clicked on, including the X in the upper right corner, responded.  Perhaps it was under a strain trying to present the results of so many detections(?).

 

Anyway, I'll run some other tools and then try the scan again to see if there's an improvement.

 

Thanks for the suggestions.


Yes, the system might have locked up during the scan, if the system is badly infected.

(The fact that you were running in Windows Safe Mode suggests that was the case?  MBAM should normally be run in normal Windows mode, not Safe Mode, if at all possible.)

 

It's certainly up to you, of course.

But self-medication & running powerful malware removal tools on a badly infected system without expert help can cause further damage and make it hard to recover.

 

As such, I would again suggest that you might want to please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will guide you -- for free -- through the scanning and cleanup process.

 

Your choice, though.

 

Cheers,


Yes, I was in Safe Mode because I saw many indications of malware and it was difficult to use the web browsers (IE and Chrome).

 

Previous installations of MBAM and other cleanup programs were no longer installed, although I can't be sure if it was the infections or the user that accomplished that.  I was unable to reinstall MBAM in normal mode due to all the "interference".

 

I always check the scan results carefully before I give the go-ahead for removal.  Having said that, I can't imagine checking 50,000+ results.

 

I'll run MBAM in normal mode this time.  If I get similar results I'll return and follow the link you've provided.

 

Thanks, again.


UPDATE:  After successfully running other removal tools (SuperAntiSpyware, TDSSKiller, Dr.Web) I ran MBAM in normal mode. Before running it, I did another database update.

 

It reached 53,823 detected objects, then stopped -- the Scanner Progress bar froze and there was "(Not Responding)" in the title bar. There was also another MBAM window that had opened but it was completely blank. I presume it was some kind of notification window. I gave it about 30 minutes to "recover".  It didn't. Again, I had to shut it down via Task Manager and, again, there was no scan log.  MBAM was using about 25% of the CPU cycles when I terminated it.


Thanks for the update.

 

You stated in your original post that the computer is infected.

I understand that you have run several malware removal tools on your own.

There may be malware remnants and/or system damage from the infection.

However, we are NOT permitted to work on infected or possibly infected systems in this area of the forum.

 

I would again suggest that you might want to please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.

It explains how to get free help, either in the malware removal section of the forum, or at the help desk.
A malware analyst will guide you -- for free -- through the scanning and cleanup process.

 

Thank you,


ANOTHER UPDATE: I'm providing this info in case it helps others with the same issue/mystery.

 

I tried to reset Google Chrome (their main browser) and got a "Preferences could not be read" message.  A little research turned up a manual way to reset Google Chrome:


 

The Chrome "Default" folder mentioned in the link above contained 242,339 files (!), which I permanently deleted.

 

Ran Kaspersky and Eset online scanners.

 

Ran MBAM yet again.  This time the Detected Objects totaled 934 and the scan completed.  (Still a major concern, but nothing like the original 50,000+)

Let MBAM quarantine all, rebooted, ran MBAM again. NO DETECTIONS!

 

Evidently, the vast majority of the detections were in Google Chrome's cache.  I normally use CCleaner to clear temporary files before scanning for gremlins but I must have skipped that step.