sandro
Sep 21, 2020 Brass Contributor
Malware/Threat TrojanSpy:MSIL/AgentTesla.AQ!MTB: False positive?
Hello! Windows Defender (Windows 10 Pro x64 v1909 build 18363.1016) has blocked 3 times https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=TrojanSpy%3aMSIL%2fAgentTes...
sandro
Jan 09, 2021 Brass Contributor
After all this time, my educated guess is that Windows Defender blocked the malware/threat via its capability to scan incoming network data - the same as other antivirus/firewall bundles do. Therefore, the infection was put aside (and destroyed) before it reached its final destination, e.g., Edge.
And since it was destroyed, this is the reason why I could not find it, no matter how hard I tried.
And thanks, Cymon_Skinner, but there was nothing useful at that location in the event log by the time I wrote my initial message in September/20 - quite strange, wasn't it? It was the very first place I looked.