Defender alerting or finding things?
Printable View
Defender alerting or finding things?
If I run a 'quick scan' I get nothing.
If I run a 'full scan' I get the following:
It says it is "removed" but every time I run it i get the same thing...
TrojanSpy:Win32/Keylogger.CD
The following error occurred: Error code 0x800700df. The file size exceeds the limit allowed and cannot be saved.
Category: Trojan Monitoring Software
Description: This program is dangerous and records user activity.
Recommended action: Remove this software immediately.
Items:
containerfile:C:\Users\Shane\Documents\OLK-120916.olm
file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Deleted Items/com.microsoft.__Attachments/<51A64DD6.108070@esedona.net>_0000->Auto refund report {DIGIT[9]}.exe
PWS:Win32/Fareit
The following error occurred: Error code 0x800700df. The file size exceeds the limit allowed and cannot be saved.
Category: Password Stealer
Description: This program is dangerous and captures user passwords.
Recommended action: Remove this software immediately.
Items:
containerfile:C:\Users\Shane\Documents\OLK-120916.olm
file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments/<5PR09H-6N8FZ2-49@btc-bci.com>_0000->ADP_INVOICE_#0{DIGIT[6]}_052413.exe
file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments/<8381942940.SQCO7E6O458675@hpsfrphxhsqpnkb.okclhuwvuwh.va>_0000->PP_04222013.exe
These alerts stem from your Outlook email folders.
https://tools.cisco.com/security/cen...?alertId=28320
C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Deleted Items/com.microsoft.__Attachments
@esedona.net>_0000->Auto refund report
You need to permanently delete.
~~~~~~~~~~~~~`
C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments[/b]/<5PR09H-6N8FZ2-49@btc-bci.com>_0000->ADP_INVOICE_#0{DIGIT[6]}_052413.exe
file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments/<8381942940.SQCO7E6O458675@hpsfrphxhsqpnkb.okclhuwvuwh.va>_0000->PP_04222013.exe
still need help?
Glad we could help.
Since this issue appears resolved ... this Topic is closed.