Getting hammered with a notification every 20 minutes or so today.
Malicious Object Detected and then Download Denied.
First is this:
Event: Malicious object detected
User: XXXX
User type: Active user
Application name: OUTLOOK.EXE
Application path: C:\Program Files (x86)\Microsoft Office\root\Office16
Component: Web Anti-Virus
Result description: Detected
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: ?MailboxId=*****@*****.tld
Object path: https://outlook.office365.com/mapi/emsmdb
MD5: 203106C1A3299CC92377335CE0325718
Reason: Expert analysis
Databases release date: Today, 12/13/2023 1:16:00 PM
Followed by this:
Event: Download denied
User: XXXX
User type: Active user
Application name: OUTLOOK.EXE
Application path: C:\Program Files (x86)\Microsoft Office\root\Office16
Component: Web Anti-Virus
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: ?MailboxId=*****@*****.tld
Object path: https://outlook.office365.com/mapi/emsmdb
MD5: 203106C1A3299CC92377335CE0325718
Reason: Expert analysis
Databases release date: Today, 12/13/2023 1:16:00 PM
How do I see what is being blocked or where it's from? How do I resolve this? Is there a report to upload for analysis?