Windows 10: What is trojan.siredef.c Solved


  1. Posts : 130
    Windows 10 Home ver 1803
       14 Nov 2017 #1

    What is trojan.siredef.c


    I just ran my monthly scan using Malwarebytes Free. It found 2 instances in Recycle bin. I have quarantined them.

    How did it get past Defender?

    What should I do next? Am I clean?
      My ComputerSystem Spec


  2. Posts : 388
    Windows 10 Professional 64bit
       14 Nov 2017 #2

    Can you upload the log that Malwarebytes created about the found Trojan?

    Microsoft Defender is an antivirus, whereas Malwarebytes is an anti-malware; two different products and beasts. Malwarebytes is a recommendation for most, because its goal is to stop treats as they are developed and released. Whereas Defender will take a little while to get a database update of new malware.

    To check the entire system, use a tool like ESET's Online Scanner to check for any malware present on the computer: Free Virus Scan | Online Virus Scan from ESET ESET

    If ESET is finding actual malware, we'll need a specialized malware tech to disinfect the system.
      My ComputerSystem Spec


  3. Posts : 21,235
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       15 Nov 2017 #3

    Trojan:Win32/Sirefef.C threat description - Windows Defender Security Intelligence

    Also detected as: Win-Trojan/Agent.36864.BUQ (AhnLab)Trojan-Spy.Win32.Agent.bdka (Kaspersky)W32/Suspicious_Gen2.EXVQM (Norman)Trojan.Sirefef!E7JTVcoretQ (VirusBuster)Trojan horse PSW.Agent.AEZK (AVG)BackDoor.Maxplus.6 (Dr.Web)Win32/Sirefef.E (ESET)Trojan-Spy.Win32.Agent (Ikarus)Trj/Downloader.MDW (Panda)


    Trojan:Win32/Sirefef.C is the detection for a component of the Win32/Sirefef family- a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.
      My ComputersSystem Spec


  4. Posts : 130
    Windows 10 Home ver 1803
    Thread Starter
       15 Nov 2017 #4

    I ran ESET - All clear.

    Next Step? Am I clean?
    @simrick - would really like some help here please?
      My ComputerSystem Spec

  5.    15 Nov 2017 #5

    Jeddie said: View Post
    I ran ESET - All clear.

    Next Step? Am I clean?
    @simrick - would really like some help here please?
    Hi.
    If you would, please download and run ADWCleaner, just to make sure.
    Downloads - AdwCleaner - ToolsLib

    If it finds anything, please upload the logs.

    I would really like to see the log file from MBAM - can you copy and paste here? Need to see what/where it found this trojan.

    It's possible that all the browsers on the system may need to be reset - even the ones that you don't use (Internet Explorer).
      My ComputerSystem Spec


  6. Posts : 130
    Windows 10 Home ver 1803
    Thread Starter
       16 Nov 2017 #6

    Heres Adwcleaner; I removed the PUP it found.

    # AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 16 05:35:04 2017# Updated on 2017/27/10 by Malwarebytes # Database: 11-15-2017.1# Running on Windows 10 Home (X64)# Mode: scan# Support: https://www.malwarebytes.com/support*****
    [ Services ] *****No malicious services found.*****
    [ Folders ] *****PUP.Optional.Legacy, C:\Users\Geoff\AppData\Local\AdvinstAnalytics*****
    [ Files ] *****No malicious files found.*****
    [ DLL ] *****No malicious DLLs found.*****
    [ WMI ] *****No malicious WMI found.*****
    [ Shortcuts ] *****No malicious shortcuts found.*****
    [ Tasks ] *****No malicious tasks found.*****
    [ Registry ] *****No malicious registry entries found.*****
    [ Firefox (and derivatives) ] *****No malicious Firefox entries.*****
    [ Chromium (and derivatives) ] *****No malicious Chromium entries.*************************
    C:/AdwCleaner/AdwCleaner[S0].txt - [1144 B] - [2017/5/20 7:44:8]
    C:/AdwCleaner/AdwCleaner[S1].txt - [1240 B] - [2017/6/12 6:30:44]
    C:/AdwCleaner/AdwCleaner[S2].txt - [1078 B] - [2017/10/6 7:47:57]
    C:/AdwCleaner/AdwCleaner[S3].txt - [1145 B] - [2017/10/8 5:57:23]

    Malwarebytes; This weird. The log says it found nothing and it ran for 20mins? Well it actually found 2 x Trojans & ran for a few hours because I always run a custom scan.

    Malwarebytes Anti-Malwarewww.malwarebytes.org
    Scan Date: 15-Nov-17Scan Time: 2:01
    PMLogfile:
    Scan Log.txtAdministrator:
    YesVersion: 2.2.1.1043
    Malware Database: v2017.11.15.01
    Rootkit Database: v2017.10.14.01
    License: FreeMalware
    Protection: DisabledMalicious
    Website Protection: DisabledSelf-protection:
    DisabledOS: Windows 10CPU: x64File
    System: NTFSUser: GeoffScan
    Type: Threat
    ScanResult: CompletedObjects Scanned: 315163Time Elapsed: 20 min, 14 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)
    Modules: 0(No malicious items detected)
    Registry Keys: 0(No malicious items detected)
    Registry Values: 0(No malicious items detected)
    Registry Data: 0(No malicious items detected)
    Folders: 0(No malicious items detected)
    Files: 0(No malicious items detected)
      My ComputerSystem Spec


  7. Posts : 19,393
    windows 10 professional version 1607 build 14393.969 64 bit
       16 Nov 2017 #7

    Windows defender is supposed to provide protection for this trojan: trojan.siredef.c
    Each AV product has false positives, false negatives, true positives, and true negatives.
    So another product checking is useful.
    Expand the sections in this link.
    There is an additional Microsoft scanner.
    Trojan:Win32/Sirefef.C threat description - Windows Defender Security Intelligence
    Prevent virus or malware infection - Windows Defender Security Intelligence
      My ComputerSystem Spec


  8. Posts : 130
    Windows 10 Home ver 1803
    Thread Starter
       16 Nov 2017 #8

    @simrick I've just done a Malwarebytes Threat scan. All ok.

    Also performed SFC/ Scannow - all ok.
    Last edited by Jeddie; 16 Nov 2017 at 03:28.
      My ComputerSystem Spec

  9.    16 Nov 2017 #9

    Jeddie said: View Post
    @simrick I've just done a Malwarebytes Threat scan. All ok.

    Also performed SFC/ Scannow - all ok.
    Sounds good! Go ahead and mark the thread as solved.
      My ComputerSystem Spec


 

Related Threads
Solved WD says I have a trojan at every boot in AntiVirus, Firewalls and System Security
Hello. Windows Defender says I have a trojan on every boot buy when I check WD Security Center there is nothing there. I haven't noticed anything weird but the message is getting on my nerves. Ran AdwCleaner and it came up clean. This is...
Solved Trojan, Trojan.Generic? in AntiVirus, Firewalls and System Security
Hi! Today i might have got a trojan. I did indeed install a program that redirected me to a site where i think the website downloaded unwanted malware to my PC. The malware that has got control over my PC has completely blacked out my access to...
Solved Trojan or not ? in AntiVirus, Firewalls and System Security
Hi all, Not quite sure when this started but roughly somewhere around July I noticed a file called NTUSER.rhk that resides in "Users\My username". Googling for the .rhk file extension gave me a bit of a scare as most sites suggest this is...
Solved Do I Have A Trojan? in AntiVirus, Firewalls and System Security
Hello, First post here :) Lately my Windows Defender is finding a Trojan in the Recovery D (Trojan:Win32/Dynamer!ac) It only shows up after a full 3 hour search and not in the fast search A full search with Malwarebytes, Adware and Hitman...
Trojan in My Registry in AntiVirus, Firewalls and System Security
I have an older 15 inch HP with W10 that I recently updated. I have always had McAfee on the computer, it has never lapsed. I have also run Spybot, Malwarebytes, Google Ghostery and ABP Adblock Popup. When I recently bought a new printer...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 08:50.
Find Us