![]() I probably found it (I noticed an email received at the exact moment of detection), but it is a supposition: my user has 10 email accounts… it’s very hard to find infected emails in such cases. So I have again no information about the original infected email. This behavior makes hard to find the original infected email.Įset email policy is configured to move infected email in a specific folder. So I think that, if Eset detected a virus, the only explanation is that the worm has been not detected by Office 365 scan… the problem is that Eset should report the real name of attachment/email subject, not “ATP scan in progess” that is always safe (because it does not have NEVER infected files). ![]() msg Office 365 template, that should be safe. The subject reported in xml data is the same of the attached. da: Office 365 ATP con oggetto ATP Scan In Progress » MIME » JS/Kryptik.BMZ trojan horse eliminato 3CDC6AD46BEF3A9DA6F7DC5519329B4EFC7BD53C This is the export of the events: da: Office 365 ATP con oggetto ATP Scan In Progress JS/Kryptik.BMZ trojan horse conteneva file infetti Si è verificato un evento in seguito alla ricezione di un’e-mail da parte dell'applicazione: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE. Yesterday I received a notification about a worm contained in incoming email. When the scan is complete and if attachments are clean, the original email replaces the previous one. msg format that represents a standard Office365 template with a list of scanning files. This email contains an attached email in. If a user receives a suspicious email with attachments, Office 365 delivers an email that has the original subject and text message BUT without attachments (that are scanned in cloud). I would like to discuss about a possible incompatibility between Eset plugin for Outlook and Office Advanced Threat Protection with Dynamic relay.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |