• Content count

  • Joined

  • Last visited

About AnnMarie

  • Rank
    New Member

Contact Methods

  • ICQ
  1. Probably installed by Any Video Converter 2.6.2 but various other similar software on the users machine. Detected by heuristics. File attached. Malwarebytes' Anti-Malware 1.38 Database version: 2332 Windows 6.0.6001 Service Pack 1 25/06/09 2:05:21 p.m. mbam-log-2009-06-25 (14-05-21).txt Scan type: Quick Scan Objects scanned: 90082 Time elapsed: 3 minute(s), 54 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Windows\System32\libmpeg2-enc-1.2.5.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. [3857535134303627615674796980888461849084857078201961323232323232323232323232323 23211152215697777]
  2. Nice to see you here Annie

  3. Ok. Thanks for the clarification.
  4. I forgot to ask, does the new version repair the corruption on systems where the users are unaware their SecurityProviders value has been corrupted? We have been doing this manually so asking these users to run the new version will not make any difference.
  5. Excellent. Our site was down yesterday so I havent yet seen the results of running the latest version. I'll check it out later today.
  6. I and others on the CTH team have noticed this in a number of logs in the past few weeks (the difference depends on what utility you use for creatings logs and I have posted a couple of variations so that Helpers may know what to look for). It appears that MBAM is causing this. The logs were fine prior to running this software and the corruption appeared afterwards in at least three instances that I can personally vouch for. Example below: If you need more information I am happy to provide it.