1.    1 Week Ago #1
    Join Date : Aug 2016
    Posts : 94
    windows 10 Home ver 1709

    What is trojan.siredef.c


    I just ran my monthly scan using Malwarebytes Free. It found 2 instances in Recycle bin. I have quarantined them.

    How did it get past Defender?

    What should I do next? Am I clean?
      My ComputerSystem Spec
  2.    1 Week Ago #2
    Join Date : Nov 2017
    Wisconsin, USA
    Posts : 75
    Windows 10 Professional 64bit

    Can you upload the log that Malwarebytes created about the found Trojan?

    Microsoft Defender is an antivirus, whereas Malwarebytes is an anti-malware; two different products and beasts. Malwarebytes is a recommendation for most, because its goal is to stop treats as they are developed and released. Whereas Defender will take a little while to get a database update of new malware.

    To check the entire system, use a tool like ESET's Online Scanner to check for any malware present on the computer: Free Virus Scan | Online Virus Scan from ESET ESET

    If ESET is finding actual malware, we'll need a specialized malware tech to disinfect the system.
      My ComputerSystem Spec
  3.    1 Week Ago #3
    Join Date : Feb 2015
    Bamberg Germany
    Posts : 17,709
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu

    Trojan:Win32/Sirefef.C threat description - Windows Defender Security Intelligence

    Also detected as: Win-Trojan/Agent.36864.BUQ (AhnLab)Trojan-Spy.Win32.Agent.bdka (Kaspersky)W32/Suspicious_Gen2.EXVQM (Norman)Trojan.Sirefef!E7JTVcoretQ (VirusBuster)Trojan horse PSW.Agent.AEZK (AVG)BackDoor.Maxplus.6 (Dr.Web)Win32/Sirefef.E (ESET)Trojan-Spy.Win32.Agent (Ikarus)Trj/Downloader.MDW (Panda)


    Trojan:Win32/Sirefef.C is the detection for a component of the Win32/Sirefef family- a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.
      My ComputersSystem Spec
  4.    1 Week Ago #4
    Join Date : Aug 2016
    Posts : 94
    windows 10 Home ver 1709
    Thread Starter

    I ran ESET - All clear.

    Next Step? Am I clean?
    @simrick - would really like some help here please?
      My ComputerSystem Spec
  5.    1 Week Ago #5
    Join Date : Apr 2015
    Posts : 12,849
    W10Prox64

    Quote Originally Posted by Jeddie View Post
    I ran ESET - All clear.

    Next Step? Am I clean?
    @simrick - would really like some help here please?
    Hi.
    If you would, please download and run ADWCleaner, just to make sure.
    Downloads - AdwCleaner - ToolsLib

    If it finds anything, please upload the logs.

    I would really like to see the log file from MBAM - can you copy and paste here? Need to see what/where it found this trojan.

    It's possible that all the browsers on the system may need to be reset - even the ones that you don't use (Internet Explorer).
      My ComputerSystem Spec
  6.    1 Week Ago #6
    Join Date : Aug 2016
    Posts : 94
    windows 10 Home ver 1709
    Thread Starter

    Heres Adwcleaner; I removed the PUP it found.

    # AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 16 05:35:04 2017# Updated on 2017/27/10 by Malwarebytes # Database: 11-15-2017.1# Running on Windows 10 Home (X64)# Mode: scan# Support: https://www.malwarebytes.com/support*****
    [ Services ] *****No malicious services found.*****
    [ Folders ] *****PUP.Optional.Legacy, C:\Users\Geoff\AppData\Local\AdvinstAnalytics*****
    [ Files ] *****No malicious files found.*****
    [ DLL ] *****No malicious DLLs found.*****
    [ WMI ] *****No malicious WMI found.*****
    [ Shortcuts ] *****No malicious shortcuts found.*****
    [ Tasks ] *****No malicious tasks found.*****
    [ Registry ] *****No malicious registry entries found.*****
    [ Firefox (and derivatives) ] *****No malicious Firefox entries.*****
    [ Chromium (and derivatives) ] *****No malicious Chromium entries.*************************
    C:/AdwCleaner/AdwCleaner[S0].txt - [1144 B] - [2017/5/20 7:44:8]
    C:/AdwCleaner/AdwCleaner[S1].txt - [1240 B] - [2017/6/12 6:30:44]
    C:/AdwCleaner/AdwCleaner[S2].txt - [1078 B] - [2017/10/6 7:47:57]
    C:/AdwCleaner/AdwCleaner[S3].txt - [1145 B] - [2017/10/8 5:57:23]

    Malwarebytes; This weird. The log says it found nothing and it ran for 20mins? Well it actually found 2 x Trojans & ran for a few hours because I always run a custom scan.

    Malwarebytes Anti-Malwarewww.malwarebytes.org
    Scan Date: 15-Nov-17Scan Time: 2:01
    PMLogfile:
    Scan Log.txtAdministrator:
    YesVersion: 2.2.1.1043
    Malware Database: v2017.11.15.01
    Rootkit Database: v2017.10.14.01
    License: FreeMalware
    Protection: DisabledMalicious
    Website Protection: DisabledSelf-protection:
    DisabledOS: Windows 10CPU: x64File
    System: NTFSUser: GeoffScan
    Type: Threat
    ScanResult: CompletedObjects Scanned: 315163Time Elapsed: 20 min, 14 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)
    Modules: 0(No malicious items detected)
    Registry Keys: 0(No malicious items detected)
    Registry Values: 0(No malicious items detected)
    Registry Data: 0(No malicious items detected)
    Folders: 0(No malicious items detected)
    Files: 0(No malicious items detected)
      My ComputerSystem Spec
  7.    1 Week Ago #7
    Join Date : Apr 2017
    Posts : 8,907
    windows 10 professional version 1607 build 14393.969 64 bit

    Windows defender is supposed to provide protection for this trojan: trojan.siredef.c
    Each AV product has false positives, false negatives, true positives, and true negatives.
    So another product checking is useful.
    Expand the sections in this link.
    There is an additional Microsoft scanner.
    Trojan:Win32/Sirefef.C threat description - Windows Defender Security Intelligence
    Prevent virus or malware infection - Windows Defender Security Intelligence
      My ComputerSystem Spec
  8.    1 Week Ago #8
    Join Date : Aug 2016
    Posts : 94
    windows 10 Home ver 1709
    Thread Starter

    @simrick I've just done a Malwarebytes Threat scan. All ok.

    Also performed SFC/ Scannow - all ok.
    Last edited by Jeddie; 1 Week Ago at 03:28.
      My ComputerSystem Spec
  9.    1 Week Ago #9
    Join Date : Apr 2015
    Posts : 12,849
    W10Prox64

    Quote Originally Posted by Jeddie View Post
    @simrick I've just done a Malwarebytes Threat scan. All ok.

    Also performed SFC/ Scannow - all ok.
    Sounds good! Go ahead and mark the thread as solved.
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Solved WD says I have a trojan at every boot
Hello. Windows Defender says I have a trojan on every boot buy when I check WD Security Center there is nothing there. I haven't noticed anything weird but the message is getting on my nerves. Ran AdwCleaner and it came up clean. This is...
AntiVirus, Firewalls and System Security
Solved Trojan, Trojan.Generic?
Hi! Today i might have got a trojan. I did indeed install a program that redirected me to a site where i think the website downloaded unwanted malware to my PC. The malware that has got control over my PC has completely blacked out my access to...
AntiVirus, Firewalls and System Security
Solved Trojan or not ?
Hi all, Not quite sure when this started but roughly somewhere around July I noticed a file called NTUSER.rhk that resides in "Users\My username". Googling for the .rhk file extension gave me a bit of a scare as most sites suggest this is...
AntiVirus, Firewalls and System Security
Solved Do I Have A Trojan?
Hello, First post here :) Lately my Windows Defender is finding a Trojan in the Recovery D (Trojan:Win32/Dynamer!ac) It only shows up after a full 3 hour search and not in the fast search A full search with Malwarebytes, Adware and Hitman...
AntiVirus, Firewalls and System Security
Trojan in My Registry
I have an older 15 inch HP with W10 that I recently updated. I have always had McAfee on the computer, it has never lapsed. I have also run Spybot, Malwarebytes, Google Ghostery and ABP Adblock Popup. When I recently bought a new printer...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 23:11.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums