This topic contains 2 replies, has 3 voices, and was last updated by Profile gravatar of Michael Pietroforte Michael Pietroforte 1 month, 3 weeks ago.

  • Author
  • #167362
    Profile gravatar of Mauro Mauro 
    • Topics: 1
    • Replies: 5
    Post count: 15
    Member Points: 193

    Hi all,
    Everyday I have tons of emails blocked by Exchange Online Protection due to detections of O97M/Macrobe.C

    Find nothing about it in official MS documentation – at least nothing useful (as usual 😉

    Below the exchange notification:

    This message was created automatically by mail delivery software. Your email message was not delivered as is to the intended recipients because malware was detected in one or more attachments included with it. All attachments were deleted.

    — Additional Information —:

    Subject: **********
    Sender: nichols.6518@**********

    Time received: 6/15/2017 10:55:50 AM
    Message ID:<67e42b7b-0b253cc65-70eb-34d9bc02cb30@**********>
    Detections found:
    ********** O97M/Macrobe.C

    Has anyone noticed the same thing?
    (Not really a support question, just curious about it)

  • #172077
    Profile gravatar of Luc Fullenwarth Luc Fullenwarth 
    • Topics: 2
    • Replies: 20
    Post count: 66
    Member Points: 3,744

    Hi Mauro,

    It seems like:

    1. You are under the fire of a still active malware.
    2. Your antivirus software is doing its job.

    I am just wondering if you expect anything else from us.

    Otherwise you can mark it as resolved.

  • #182280
    Profile gravatar of Michael Pietroforte Michael Pietroforte 
    • Topics: 136
    • Replies: 292
    Post count: 866
    Member Points: 5,197

    This is a trojan and Microsoft documented it. If your mailboxes are flooded with the same malware, it might indicate that one of your systems is infected and the malware tries to spread using your directory. You might want to check the source of these emails.


You must be logged in to reply to this topic.


Please ask IT administration questions in the forum. Any other messages are welcome.

© 4sysops 2006 - 2017

Log in with your credentials


Forgot your details?

Create Account