Jump to content

Trojan:Win32/Tiggre!rfn - What should I do now?

Go to solution Solved by AdvancedSetup,

Recommended Posts

Hi! I usually run quick scans with all of the programs suggested to me on here, but today I decided to run a full scan and MSERT found Trojan:Win32/Tiggre!rfn and now I'm terrified.

I don't know how long it's been on my system? And I'm wondering if there is anything I should do now, like change passwords or reset anything or if anyone knows what kind of Trojan that is exactly?

I have detailed all of the scan info I ran today here, which file should I find for the MSERT thing? I have a screenshot here though



As for everything else, it was all clean save for a cookie in chrome.

I've used MSERT, Eset online scanner, adwcleaner by malwarebytes, malwarebytes premium, Sophos Scan and Clean and they all came out completely clean and didn't find anything. Only MSERT found this trojan with a full scan.

I'm honestly terrified right now and have no idea where to begin sjhdsddjshd 


I use 64 not 32 I think, so I'm unsure if that is something off about it? And my computer hasn't been acting strange or anything. No popups, no oddly installed programs (as you all have seen from the FRST logs I keep coming here with, it's all normal stuff?) so I'm unsure of how this would be in here and where it would come from sjkhdhdkjdh 


FRST.txt Addition.txt

Edited by kelizabeth
Link to post
Share on other sites

@AdvancedSetupAbsolutely! I can't see where it was found or removed in the log at all, it's not showing it. I scanned twice today, one quick and one full, and I had to stop one full before it completed but the one I started back was the one where the trojan was found, so there may be 3 scan logs for the 17th. Thank you for your help! (removed this file as I found the correct one in reply to this)


Edited by kelizabeth
Link to post
Share on other sites

Sorry! I think I found the one with it here, it's attached I see it found and removed a 404.php page, which was code for a wordpress theme. Its an old backup of mine from forever ago, but it is indeed a wordpress file out of a wordpress theme. Maybe a false detection?


Also thank you for all of your help!




Edited by kelizabeth
Link to post
Share on other sites

  • Root Admin
  • Solution

Here are the results. Notice though the path where this was found on a FULL scan. A normal quick threat scan would not detect this as it's not in a known folder or path location on a live system. It's in a dormant folder from a back up of an old system and not an active threat.

The detected threat is within a zip file and a zip file by itself is not a threat unless an active process is reaching out to extract data from it which there are no signs that is happening on your system.



Microsoft Safety Scanner v1.367, (build 1.367.1279.0)
Started On Fri Jun 17 11:36:46 2022

Engine: 1.1.19200.7
Signatures: 1.367.1279.0
MpGear: 1.1.16330.1
Run Mode: Interactive Graphical Mode

Full Scan Results:
Threat Detected: Trojan:Win32/Tiggre!rfn and Removed!
  Action: Remove, Result: 0x00000000
    file://D:\OldHardDrive\Again\Files\Code and Design\Design Site Backup\public.zip->public_html/test/wp-content/themes/sketch/404.php
        SigSeq: 0x00001667EF8CC76C
    containerfile://D:\OldHardDrive\Again\Files\Code and Design\Design Site Backup\public.zip

Results Summary:
Found Trojan:Win32/Tiggre!rfn and Removed!
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Fri Jun 17 15:40:52 2022




Basically, my guess is this was probably a False Positive but it also looks like you probably don't use that file either so no real harm in Windows Defender removing it.




I see no reason to be alarmed or concerned about this detection at this time.

Have a great weekend


  • Thanks 1
Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you



Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.