Hello-
I just got nailed by this on my other laptop. Windows Vista. I'm using a thumb drive to go back and forth with logs- ok?
I ran Malwarebytes with this log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.20.04
Windows Vista Service Pack 2 x86 FAT32 (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Anthony X :: VKS-PERSONALPC [limited]
8/20/2013 10:53:29 AM
MBAM-log-2013-08-20 (11-10-15).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 161780
Time elapsed: 5 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DisplaySwitch (Trojan.Exploit.T2) -> Data: "C:\Users\Anthony X\AppData\Roaming\Microsoft\Windows\Templates\securitywindrv.exe" -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0F1F1Q1U1F1ItG1OtHyE -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Anthony X\AppData\Roaming\Microsoft\Windows\Templates\securitywindrv.exe (Trojan.Exploit.T2) -> No action taken.
(end)