Jean93 0 Posted September 18, 2020 Share Posted September 18, 2020 I have ESET ENDPOINT 7.3.2039.0 running on my clients managed by ESET SECURITY MANAGEMENT CENTER 7.2 A Trojan was detected in one of my clients Email(Outlook 2013) 8 days ago. In the DETECTIONS logs, for the past 8 days there are logs that shows the infected file was deleted and another log that shows the infected file was retained. These two logs has been logged repeatedly for the past 8 days multiple times a day. Why is it that ESET is logging back that the infected files has bee deleted/retained yet it still sees the file re-log that it has been deleted/retained - this goes to say that the infected file is still present on the client. I ran an In-Depth Scan with Cleaning yesterday and no infected file was found. i have attached the Scan result and the detection log for reference. Kindly advise what next step i should be looking at? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted September 18, 2020 Administrators Share Posted September 18, 2020 This happens with IMAP and detection of DOC/Fraud emails. There's nothing dangerous about them, there's no link nor malicious file attached to them. You can log in via the web interface and delete the offending email based on the data from the log. We're going to release a new archive module and internet protection module soon which will address the issue. Link to comment Share on other sites More sharing options...
Jean93 0 Posted September 18, 2020 Author Share Posted September 18, 2020 Hi Marcos, Thank you for the prompt reply. I have filtered through the client inbox vie web interface but could not find the offending email. I believe ESET deleted the email the first time. It is just an eye sore and worry some to see the same logs repeating itself over and over again on a daily basis. Link to comment Share on other sites More sharing options...
Recommended Posts