Jump to content

AnnMarie

Experts
  • Content Count

    10
  • Joined

  • Last visited

Posts posted by AnnMarie


  1. Probably installed by Any Video Converter 2.6.2 but various other similar software on the users machine. Detected by heuristics. File attached.

    Malwarebytes' Anti-Malware 1.38

    Database version: 2332

    Windows 6.0.6001 Service Pack 1

    25/06/09 2:05:21 p.m.

    mbam-log-2009-06-25 (14-05-21).txt

    Scan type: Quick Scan

    Objects scanned: 90082

    Time elapsed: 3 minute(s), 54 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 1

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    c:\Windows\System32\libmpeg2-enc-1.2.5.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. [3857535134303627615674796980888461849084857078201961323232323232323232323232323

    23211152215697777]

    libmpeg_2_enc_1.2.5.zip

    libmpeg_2_enc_1.2.5.zip


  2. I and others on the CTH team have noticed this in a number of logs in the past few weeks (the difference depends on what utility you use for creatings logs and I have posted a couple of variations so that Helpers may know what to look for).

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders]

    "msapsspc.dll schannel.dll digest.dll msnsspc.dll" - File not found

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

    SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

    It appears that MBAM is causing this. The logs were fine prior to running this software and the corruption appeared afterwards in at least three instances that I can personally vouch for. Example below:

    http://www.cybertechhelp.com/forums/showthread.php?t=186979

    If you need more information I am happy to provide it.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.