Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Was this a malware attack?


  • Please log in to reply
1 reply to this topic

#1 crkjames

crkjames

  • Members
  • 1 posts
  • OFFLINE
  •  

Posted 07 January 2015 - 12:51 PM

This is the first time I've seen this one. Over 1,000 files have had their contents replaced by a single repeated text character. For example a word document was replaced with "L" repeated enough times so it has the same size as the original file, or a.BMP file filled with "ü". The files and location seems to be random including doc, bmp, mp3, db, htm, exe, etc. All the replacements occurred within approximately 3 minutes on 9/18/10 (02:43 - 02:46) according to the modified timestamp. (I'm not sure whether the replacements actually happened 4 years ago and not noticed since then or if it happened at a different time with a hacked timestamp.
I know this machine has had malware issues in the past; but I'm not sure exactly when.
Has anyone else seen this? I assume that all the affected files are nonrecoverable. I have run a number of malware scans against the system - all come up clean.
Thanks in advance for any insight into this issue.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:04 AM

Posted 07 January 2015 - 01:36 PM


I have advised our Security Colleagues who specialize in crypto malware ransomware with a link to this topic.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users