AlBlon
Posts: 13
Posts posted by AlBlon
-
-
Hi Tammy. Yes, I installed MBAM3 with CryptoPrevent on. I didn't get any warnings that group policy blocked anything. I am using Windows 10 Home so maybe this is the difference.
-
I am using the free version with it set on maximum protection. Did you try it there?
-
FYI - Removing the key...
HKEY_USERS\S-1-5-21-3954850271-3684721423-1578709394-1001_Classes\WOW6432NODE\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}
prevents all 2300+ warnings from showing up and results in a clean scan. I just think that key is put there by legitimate software in my case.
-
Hi Tammy. Here they are.
-
I don't see that key in HKEY_USERS. The only relevant keys there are
S-1-5-21-3954850271-3684721423-1578709394-1001
S-1-5-21-3954850271-3684721423-1578709394-1001_Classes
but I don't have any that long.
-
Hi Tammy. Logs attached. Those other 3 reg keys I don't have. Thanks.
-
Thanks for the info. It will be a little bit before I can get back to you.
-
Thanks for your help. I never had an infection but Malwarebytes 2.0 detected that key only. I had to add it to the exceptions list as I learned that that key is also a legitimate Microsoft key used for CD burning. I've read about this key being reported as a false positive before.
-
Key attached.
-
Hi Tammy. Nothing strange is happening here. No popups, advertisements or audio of any kind. Files attached.
-
Hi Tammy. Zip attached.
-
A full scan with Rootkit Scan enabled yields over 2300 Hijack.Trojan.Siredef.C issues. I couldn't find anything about Siredef but I did find information about Sirefef. Perhaps there is a spelling error here. Anyways, scans with Windows Defender, TDSSKiller, ESET Sirefef Removal Tool and Bitdefender Sirefef Removal Tool report the system as clean.
Scanning with Rootkit Scan disabled does not find anything. Report attached.
Over 2300 Hijack.Trojan.Siredef.C found with 3.0
in File Detections
Well...if you do, I'll have to rerun it. I already deleted that folder when I saw it was left behind.