pixelbotz
Hello there,
I ran an online scan today using one recognized AV provider and found 6 trojans/malware on my machine, some of which Defender was not able to detect.
Windows 10 is up to date with the latest updates (Build 1909). I have enabled UAC and protected folder access.
Just looking for help in these areas.
1. In protected folder access, will specifying a drive letter, i.e. C: or D:, protect the entire drive from malicious program access, or do I have to specify a folder path as well?
2. C:\Users\Username\Appdata\local\packages\ > This folder contains several folders with long names, most of them starting with Windows and Microsoft. One of the infected files was inside one of these folders, called <microsoft.windowscommunicationsapps_8wekyb3d8bbwe>. The file was a PayPal scam PDF. I ran a manual Defender scan on the folder, but the file was not detected by it; the online scanner detected the same file as PDF/Phishing.A.Gen trojan.
Inside the <microsoft.windowscommunicationsapps_8wekyb3d8bbwe> folder there were other folders, and the infected file was inside <microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Localstate\Files\S0\4\Attachments\>.
Similar paths exist for other users on the same machine too. All the files seem to be related to email attachments, but in duplicate form with an incremental number at the end of the filename.
Q1: Are the folders and files inside the \\packages folder required by the system, or can they be deleted?
Q2: If I have marked email attachments as spam using my mobile email app, how have they been delivered to my local machine's attachments folder? In this case, I suspect the above path relates to email attachments, namely the Windows 10 Mail app.
Thank you in advance.
Pixel