Help - Search - Members - Calendar
Full Version: New Record For Total Infections?
Malwarebytes Forum > Malwarebytes' Anti-Malware Support > General Malwarebytes' Anti-Malware Forum
TeMerc
Jul 8 2009, 12:03 AM
I had a user in support send me a scan log from MBAM that had 42,979 infected files!

Below are the details and the log is attached for anyone who wants to view it, no doubt it would not fit in the post due to character limitations.
CODE
Scan type: Quick Scan
Objects scanned: 127017
Time elapsed: 5 hour(s), 23 minute(s), 46 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 48
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 20
Files Infected: 42,979

Talking to Bruce he says P2P worms typically do this and he's seen scans with over 60K worth of files.
Alex_computer
Jul 8 2009, 12:12 AM
Wow, this is amazing. Wonder how long it would take Malwarebytes to Quarantine and delete all of those files. Did they give any other details?
AdvancedSetup
Jul 8 2009, 12:13 AM
Yes, Ade has come across a few as well. It does say something well for MBAM that it ran and completed the scan and did not choke on it.
TeMerc
Jul 8 2009, 12:17 AM
The guy did run a couple of more scans both full and quick and is sure the system is clean.
B-boy/StyLe/
Jul 8 2009, 12:47 AM
Hehe notepad is going to stop responding...Amazing log... laugh.gif biggrin.gif tongue.gif
Alex_computer
Jul 8 2009, 01:24 AM
Wow it is amazing that you could recover a PC that is that infected! But MBAM always does the Job no matter what the issue!
JeffD
Jul 8 2009, 09:19 AM
QUOTE (Alex_computer @ Jul 8 2009, 02:24 AM) *
Wow it is amazing that you could recover a PC that is that infected! But MBAM always does the Job no matter what the issue!


Guys, I'm the record breaker:-) Actually Malwarebytes is the record breaker!! Yes I thought the only cure was "Fdisk" but Malwarebytes came up trumps again. It did take 5 hours or to do a quick scan and it did "choke" when doing the removal - got runtime error. Did another scan and again 5 hours or so later repeated the same and got same runtime error. Did a reboot and disabled the heuristics bit and anonymous reporting. This time the scan only took around 20 mins and removal went as normal. After reboot, enabled the heuristics and did full scan - found some more and again removal went as normal. I am absolutely gobsmacked I thought it was going to be terminal. I've done a system file check/repair and defrag and all looks good. I'm hoping to pursuade the owner of the PC to make a very large donation and least purchase Malwarebytes protection - that's on top of the bottle of something nice for me :-)
Fatdcuk
Jul 8 2009, 12:23 PM
Worm.Archive is my mark in action biggrin.gif

http://www.malwarebytes.org/malwarenet.php?name=Worm.Archive

The longer the P2P worm is active the bigger(amount) of files it builds up in its hidden repository.


JeffD, you might want to tweak their P2P settings so the share folder destination points back to their desired share folder and not the folder(s) where the worm had been mass storing copies of itself wink.gif
DaChew
Jul 8 2009, 01:25 PM
QUOTE
There Will Be Blood 2007 DVDRip Xvid-aXXo


The naming mechanism must rely on P2P sources, interesting
mountaintree16
Jul 8 2009, 07:59 PM
@ TeMerc:

Wow! All I can say is wow! I hope his/her computer is clean now! That sure is a lot of infections, eyy yeii yeii
mountaintree16
Jul 8 2009, 08:00 PM
@ AdvancedSetup

I agree! biggrin.gif

QUOTE (AdvancedSetup @ Jul 7 2009, 08:13 PM) *
Yes, Ade has come across a few as well. It does say something well for MBAM that it ran and completed the scan and did not choke on it.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2010 Invision Power Services, Inc.