Jump to content

Recommended Posts

About 4 weeks ago I noticed my computer (Win 10 Pro x64) running a bit slow and ran MBAM as a check. MBAM discovered and deleted two Trojan.Siredef.C files in the recycle bin.

Today a similar slow system and running MBAM again found two instances of Trojan.Siredef.C in the recycle bin. MBAM got them but I'm concerned that I'm not eliminating all vestiges of the problem. 

Can you help me confirm this trojan is not still lurking in my system?

Thank you,

Greg

Link to post
Share on other sites

Hello and :welcome:

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button. button.

    x5o4gh.png

  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.

  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Link to post
Share on other sites

FARBAR FRST.txt and Addition.txt attached.

I noticed in Addition.txt that there are two Russian files in the format

Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden

There are also two MS Visual Studio tools which are titled in Portuguese. Where do such files come from as I am an english-only installation?

Greg

FRST.txt

Addition.txt

Link to post
Share on other sites

These entries in Control Panel are hidden and I don't know why are they non-english. Probably something related to Microsoft.

 

 

FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif


icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

It is running quickly. Snappy performance loading browser tabs. It appears to be clean.

Do you believe the final vestiges of Trojan.Siredef.C are gone? Does it hide itself somewhere so as to reappear even after it was scrubbed by MBAM?

I read through the FARBAR text files and semi-understand that it was clearing out keys and extensions. Were any of those part of Siredef? Did FARBAR find anything or had MBAM already deleted the trojan?

Thanks for your help,

Greg

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.