Mail with malicious attachement not handles by ESET Server Security

[StotheR 0]

Hi there. 

A customer informed me about a suspicious mail with img file attachement.

The customer works on a remote desktop environment with Windows Server 2019 Standard and ESET Server Security 9.0.12.13.0 installed. He received the mail via Outlook. When I download the mail with attachement or just the attachement to file system and start a manual ESET scan, it is cleaned by ESET. I uploaded the mail to virustotal.com and it was also detected malicious by seven checks. 

 

I asked him to forward the mail to me. I have ESET Endpoint Antivirus installed and as soon as the mail arrived in my inbox it was detected and cleaned by ESET.

How is it possible, that there is a difference in detection??

[StotheR 0]

Update: I just called with another customer, who works on the same remote server as the one mentioned above. She received the same mail but ESET detected the malicious attachement and cleared the mail. 

 

[Marcos 4,706]

Please provide the appropriate records from the Detections log.

[StotheR 0]

How do I do that? Just export log entries from ESET Server Security on the remote system or export via ESET PROTECT?

[Marcos 4,706]

The best would be to run ESET Log Collector on the server and provide the generated archive. It also collects the product configuration which is important when determining the reason for not detecting certain malware.