Knights of M.Bytes, I humbly request your consideration as I secure the machines that have until recently been under the exiguous care of my predecessor; Every device was running bare bones internet explorer(although I have heard many proclaim the redemption of MS's competence in the browser realm) and an inconsistent smattering of redundant antivirus', with no two machines running the same brand. As I assuage the chaos and foment a new zen in my jurisdiction I will post my inital malwarebytes .txt dymp here. I found this forum via google queries in the past month pertaining to specific species of malware. The user "Gringo" has proven to be a suitable search term since I have benefitted from his expertise several times with issues on my non-work projects. ____________________________________________________ It would appear that this first computer http://i.imgur.com/kpCcmud.jpg was host to at least two malicious objects (which is an improvement from 30+ last time around) and as soon as malwarebytes:anti-malware(fullscan) detected these two elements I recieved a pop up notification from my antivirus (Comodo Antivirus) indicating that it too had coincidentally noticed two malicious objects. I didn't really hesitate to select the "take care of it" button on the Comodo alert. Out of habit I was concurrently running an instance of Malwarebytes:Anti-Rootkit. It completed its scan shortly after I instructed Comodo to purge the offending objects and announced that there was no malware detected. at any rate here is the Malwarebytes log _____________________________________________________ Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.20.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Apex :: APEX-I3-02 [administrator] 6/20/2013 2:41:00 PM MBAM-log-2013-06-20 (15-29-34).txt Scan type: Full scan (C:\|Q:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 347355 Time elapsed: 48 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDFPerformer (PUP.BundleInstaller.IB) -> No action taken. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files (x86)\Uninstall Information\Ib\34\3701\ib_uninstall.exe (PUP.BundleInstaller.IB) -> No action taken. (end) __________________________________________________________________________________ Following this scan I opted to strike the "Remove Selected" button (MalwareBytes:Anit-Malware), and I shall agree to restart my computer remove the active threats as soon as I have succesfully posted this message. Although I appear to have removed everything that is what I thought the first time around, hence; this thread. Thank you for your time -R.E.M.
