HEUR:Trojan.Script.Generic Outlook.exe
in Virus and Ransomware related questions
Posted December 13, 2023
Getting hammered with a notification every 20 minutes or so today.
Malicious Object Detected and then Download Denied.
First is this:
Event: Malicious object detected
User: XXXX
User type: Active user
Application name: OUTLOOK.EXE
Application path: C:\Program Files (x86)\Microsoft Office\root\Office16
Component: Web Anti-Virus
Result description: Detected
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: ?MailboxId=*****@*****.tld
Object path: https://outlook.office365.com/mapi/emsmdb
MD5: 203106C1A3299CC92377335CE0325718
Reason: Expert analysis
Databases release date: Today, 12/13/2023 1:16:00 PM
Followed by this:
Event: Download denied
User: XXXX
User type: Active user
Application name: OUTLOOK.EXE
Application path: C:\Program Files (x86)\Microsoft Office\root\Office16
Component: Web Anti-Virus
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: ?MailboxId=*****@*****.tld
Object path: https://outlook.office365.com/mapi/emsmdb
MD5: 203106C1A3299CC92377335CE0325718
Reason: Expert analysis
Databases release date: Today, 12/13/2023 1:16:00 PM
How do I see what is being blocked or where it's from? How do I resolve this? Is there a report to upload for analysis?