Cisco Sec Agent Message - Content.MBO

By PubPlayer
Sep 8, 2008
  1. Good Day - when receiving emails from a family member, I'm getting the following message from Cisco Security Agent. Is this an actual threat? I've been Googling, etc and can't find much.

    9/8/2008 3:47:37 PM: The process 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE' (as user ESI\TOMK) attempted to access 'C:\Documents and Settings\tomk\Local Settings\Temporary Internet Files\Content.MSO\'. The attempted access was a write (operation = OPEN/CREATE). The operation was denied.

    After \Content.MBO\ the "" is different every time - apparently randomly generated. So "" will be replaced the next time I open that same email w/ a different ".com" file.

    I want to alert my sister and help her if she's infected. I'm suspecting it's a trojan of somesort. Any input?

    Thanks Very Much
    - Tom
  2. PubPlayer

    PubPlayer TS Rookie Topic Starter

    And actually - There's a second part to the message from Security Agent ....

    9/8/2008 4:03:28 PM: The process 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE' (as user ESI\TOMK) attempted to accept a connection as a server on UDP port 6004 from The operation was denied.
  3. rf6647

    rf6647 TS Maniac Posts: 829

    Here is a bump.

    Here is a lecture.
    Insufficient details in your explanation  to give a helpful response.
    At some level, your machine is infected or missing a security patch for Outlook. [assumes Cisco Security Agent is YOUR internet security program]

    Why are you complaining about Cisco Security Agent? Are you suspecting a fake alert?

    User= esi/tomk does not match "documents and settings\tomk\" is in a block of IP addresses registered to

    It appears your protection does not scan emails.

    Does the message contain some sort of 'greeting card' or other such active attachment?

    Without more details, then yes, recommend that you & sister follow Malware Removal Procedure.

    MBO seems to refer to internet content classified as "back office" - whatever that means.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...