Jump to content

New Record For Total Infections?

TeMerc
 Share

Recommended Posts

  • Staff
TeMerc

TeMerc

Posted
  • Staff
Posted

I had a user in support send me a scan log from MBAM that had 42,979 infected files!

Below are the details and the log is attached for anyone who wants to view it, no doubt it would not fit in the post due to character limitations.

Scan type: Quick ScanObjects scanned: 127017Time elapsed: 5 hour(s), 23 minute(s), 46 second(s)Memory Processes Infected: 0Memory Modules Infected: 1Registry Keys Infected: 48Registry Values Infected: 6Registry Data Items Infected: 1Folders Infected: 20Files Infected: 42,979

Talking to Bruce he says P2P worms typically do this and he's seen scans with over 60K worth of files.

mbam_log_2009_07_06__07_53_50_.txt

mbam_log_2009_07_06__07_53_50_.txt

Link to post
Share on other sites
JeffD

JeffD

Posted
Posted
Wow it is amazing that you could recover a PC that is that infected! But MBAM always does the Job no matter what the issue!

Guys, I'm the record breaker:-) Actually Malwarebytes is the record breaker!! Yes I thought the only cure was "Fdisk" but Malwarebytes came up trumps again. It did take 5 hours or to do a quick scan and it did "choke" when doing the removal - got runtime error. Did another scan and again 5 hours or so later repeated the same and got same runtime error. Did a reboot and disabled the heuristics bit and anonymous reporting. This time the scan only took around 20 mins and removal went as normal. After reboot, enabled the heuristics and did full scan - found some more and again removal went as normal. I am absolutely gobsmacked I thought it was going to be terminal. I've done a system file check/repair and defrag and all looks good. I'm hoping to pursuade the owner of the PC to make a very large donation and least purchase Malwarebytes protection - that's on top of the bottle of something nice for me :-)

Link to post
Share on other sites
Fatdcuk

Fatdcuk

Posted
Posted

Worm.Archive is my mark in action :P

http://www.malwarebytes.org/malwarenet.php?name=Worm.Archive

The longer the P2P worm is active the bigger(amount) of files it builds up in its hidden repository.

JeffD, you might want to tweak their P2P settings so the share folder destination points back to their desired share folder and not the folder(s) where the worm had been mass storing copies of itself :lol:

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

@ TeMerc:

Wow! All I can say is wow! I hope his/her computer is clean now! That sure is a lot of infections, eyy yeii yeii

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

@ AdvancedSetup

I agree! :lol:

Yes, Ade has come across a few as well. It does say something well for MBAM that it ran and completed the scan and did not choke on it.
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.