Jump to content

Recommended Posts

I had this problem this morning and here is the solution!

The problem is that Nod32 is not able to delete or move the infected email, so it continously dowloads the same email via IMAP, every minute.
But you don't see the email in your email client, because it is still on the server.

You have 2 solutions:

  1. Use the web interface of your email provider and delete the email directly on the server.
  2. If your email provider does not offer you a web interface, disable the antivirus, let the infected email to be dowloaded to your client, delete it and restore the antivirus.
Edited by IgorDR
Link to post
Share on other sites

I also had the same problem with the same virus (HTML/Fraud.EK).

I discovered that the offending email was sent to my Gmail account, which I have set up as an IMAP account in my Outlook client.

I logged on my Gmail account via the Gmail web interface and searched the various folders for the offending email. I located it in the Gmail Spam folder. I was then able to delete the email. Problem resolved. 

Hope this helps. 

Link to post
Share on other sites

Just in case this helps 😉 I use Outlook 365

Same problem here - log:

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
27/08/2020 12:23:37;IMAP filter;email message;from: "MRS. GRACE ALLEN"<gitlab@jbcloud.tokyo> with subject I'M A CANCER WOMAN HELP ME dated Wed, 26 Aug 2020 21:23:07 -0700 ;HTML/Fraud.EK trojan;contained infected files;DESKTOP-********\***********;Event occurred upon receiving an email by the application: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (4EFC5B419545D8BEF94562B5B37F7CB826AFB8CE).;B6F39053914FA3C684E51EB99EA8A9792C786A34;

NOD32 set to delete emails on detection, as suggested above - so I don't think that works (at least - see below - when download not to Inbox?) 

I have two accounts, one with Gmail, the other with Virgin. I went to the webpage for Gmail - that email does not exist there. But as a matter of course, I cleaned out everything from there since I don't really use Gmail. Also, I haven't got Gmail mapped in Outlook anyway - but I thought it worthwhile checking and having a clean out

On Virgin front end, I found the email hiding in the Spam folder. I deleted this, then tried download again - still detecting. I finally found it hiding in the Deleted folder (Trash) - Doh! So I deleted it from there as well, and now it is no longer being detected. I also took the opportunity to do a clean-out there as well.

Looks like Outlook365 downloads the contents of the Spam and Trash folders as well🤨, which was why it was being detected  so the lesson is to check in ALL folders if this kind of thing happens and not to assume things.

Anyway, thought I'd share with all, hope it helps some.

Link to post
Share on other sites
19 minutes ago, leosuth said:

Looks like Outlook365 downloads the contents of the Spam and Trash folders as well🤨, which was why it was being detected  so the lesson is to check in ALL folders if this kind of thing happens and not to assume things.

Most e-mail clients have an option where you can control; i.e. synchronize, what folders are auto downloaded from the e-mail provider server to the local device e-mail client. Not sure if this exists in Outlook365 or not.

Link to post
Share on other sites
On 8/27/2020 at 8:25 AM, itman said:

Most e-mail clients have an option where you can control; i.e. synchronize, what folders are auto downloaded from the e-mail provider server to the local device e-mail client. Not sure if this exists in Outlook365 or not.

I'm having the same issue. An employee has his gmail account setup in Outlook, and I am getting flooded with alerts. 83 Hits so far today. An example is below. We use Office 365 for our company email. I guess I'm not sure what to do here. 

Is this something I need to take action on and is serious? Or do I need to go the route of blocking the notifications. 

 

Mrs.Cheryl%20Mc%20Daniel%3Cichimori%40charity.org%3E&subject=The%20Will%20Of%20God&attachment=part000.txt

Link to post
Share on other sites
  • Administrators
10 minutes ago, 207_tech said:

An employee has his gmail account setup in Outlook, and I am getting flooded with alerts. 83 Hits so far today.

A workaround should be to log in to Gmail via the web interface and find and delete the email that is detected.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...