New
#1
WD says I have a trojan at every boot
Hello.
Windows Defender says I have a trojan on every boot buy when I check WD Security Center there is nothing there.
I haven't noticed anything weird but the message is getting on my nerves.
Ran AdwCleaner and it came up clean.
This is the report and suspected file via Powershell:
CategoryID : 8
DidThreatExecute : False
IsActive : False
Resources : {file:_C:\Users\LaBusqueda\AppData\Local\Microsoft\Windows\INetCache\IE\CRDA093Q\deploy[1].xml,
file:_C:\Users\LaBusqueda\AppData\Local\Microsoft\Windows\INetCache\IE\R5XBHIFN\deploy[1].xml,
file:_C:\Users\LaBusqueda\AppData\Local\Microsoft\Windows\INetCache\IE\XYO5Y5ZK\deploy[1].xml}
RollupStatus : 33
SchemaVersion : 1.0.0.0
SeverityID : 5
ThreatID : 2147722737
ThreatName : Trojan:JS/Runsas
TypeID : 0
PSComputerName :
ActionSuccess : True
AdditionalActionsBitMask : 0
AMProductVersion : 4.11.15063.447
CleaningActionID : 2
CurrentThreatExecutionStatusID : 1
DetectionID : {296FDAD3-8D05-4216-BD74-D3E87F3DB9C5}
DetectionSourceTypeID : 3
DomainUser : LABUSQUEDA\LaBusqueda
InitialDetectionTime : 26/07/2017 9:34:25
LastThreatStatusChangeTime : 26/07/2017 9:34:58
ProcessName : C:\Windows\System32\regsvr32.exe
RemediationTime : 26/07/2017 9:34:58
Resources : {file:_C:\Users\LaBusqueda\AppData\Local\Microsoft\Windows\INetCache\IE\R5XBHIFN\deploy[1].xml}
ThreatID : 2147722737
ThreatStatusErrorCode : 0
ThreatStatusID : 3
PSComputerName :
That file isn't present because I emptied all my browsers caches.
Any ideas on how to proceed?
TIA