Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Fareit and keylogger

  1. #11
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Defender alerting or finding things?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  2. #12
    Junior Member
    Join Date
    Jan 2017
    Posts
    7

    Default

    If I run a 'quick scan' I get nothing.

    If I run a 'full scan' I get the following:

    It says it is "removed" but every time I run it i get the same thing...


    TrojanSpy:Win32/Keylogger.CD
    The following error occurred: Error code 0x800700df. The file size exceeds the limit allowed and cannot be saved.

    Category: Trojan Monitoring Software

    Description: This program is dangerous and records user activity.

    Recommended action: Remove this software immediately.

    Items:
    containerfile:C:\Users\Shane\Documents\OLK-120916.olm
    file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Deleted Items/com.microsoft.__Attachments/<51A64DD6.108070@esedona.net>_0000->Auto refund report {DIGIT[9]}.exe


    PWS:Win32/Fareit
    The following error occurred: Error code 0x800700df. The file size exceeds the limit allowed and cannot be saved.

    Category: Password Stealer

    Description: This program is dangerous and captures user passwords.

    Recommended action: Remove this software immediately.

    Items:
    containerfile:C:\Users\Shane\Documents\OLK-120916.olm
    file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments/<5PR09H-6N8FZ2-49@btc-bci.com>_0000->ADP_INVOICE_#0{DIGIT[6]}_052413.exe
    file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments/<8381942940.SQCO7E6O458675@hpsfrphxhsqpnkb.okclhuwvuwh.va>_0000->PP_04222013.exe

  3. #13
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    These alerts stem from your Outlook email folders.
    https://tools.cisco.com/security/cen...?alertId=28320

    C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Deleted Items/com.microsoft.__Attachments

    @esedona.net>_0000->Auto refund report

    You need to permanently delete.
    ~~~~~~~~~~~~~`
    C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments[/b]/<5PR09H-6N8FZ2-49@btc-bci.com>_0000->ADP_INVOICE_#0{DIGIT[6]}_052413.exe
    file:C:\Users\Shane\Documents\OLK-120916.olm->Local/com.microsoft.__Messages/Inbox/WFPINFO/com.microsoft.__Attachments/<8381942940.SQCO7E6O458675@hpsfrphxhsqpnkb.okclhuwvuwh.va>_0000->PP_04222013.exe
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  4. #14
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    still need help?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #15
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Glad we could help.
    Since this issue appears resolved ... this Topic is closed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •