Outlook login dialog box pops up on one particular email

the workstation is part of a windows 2003 domain and is located locally to the server. Last week, when the user tried to open an email, she receive a login popup diaglog box asking her to input her login credentials. thinking that it was just a different application so she didnt bother contacting the IT people until today when she opened the email related to the one of last week. The weird thing is that it only pops up on this email. We are suspecting of malware. Can anybody enlighten me on how will i detect/remove this? i tried running Malwarebytes and it found a few and cleaned it. but still the same situation is happening when she opens the message. I appreciate the help. thanks.
amcursoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kerem ERSOYPresidentCommented:
Hi,

Since this is the only e-mail which causes a pop-up asking credentials I guess it is the malware asking for credentials ant then it must be sending these credentials and her a-mail info to somewhere. I'll suggest you to save the contents and get it scanned by a malware scanner. You'd better delete it after saving too.

You can use A2 Malware Scanner Free version. It is one of the best available on the market.

http://www.emsisoft.com/en/software/free/

Cheers,
K.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
amcursoAuthor Commented:
is possible to trace the where is it sending to? i tried viewing the source but its not giving me much to work on. Also, i think the main cause of this on the message is one image (i cant open because outlook is preventing it), when i try to download the image, it prompts and i'll just hit cancel and nothing happens, as if it didnt pop up. in other words, it can be ignored.
0
MightySWCommented:
Hi, more than likely there is an attachment from either another email or a forward from another email from a file server share that she doesn't have access to.  Temporarily remove the attachment and try again.  Also check the properties of the attachment.

HTH
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

MightySWCommented:
find out where the email is from.  More than likely it is from a resource that doesn't exist or, again, she doesn't have permission for.
0
amcursoAuthor Commented:
thanks btw, for all the response. there is one attachment - A pdf - and its fine. i already tried removing it. its just probably this part of the message when one of the recipient add a link or an image (i doesnt show up) to some internet image that is causing the issue.  

We can Delete this message and forget about it but the sad thing is that we had an issue a month ago where a forwarded message will attach an image of child porn when the recipient in turn forward it to someone. So they will not allow us to go without investigating it fully. hopefully i can give them more assurance/solution to this issue. thanks.
0
MightySWCommented:
So you are saying that there is embedded HTML in the message?

This could definitely be the cause.  Can you see the picture?  Be default, Outlook will not download pictures from external content, but if they are embedded then you could have a problem.  You can right click on the picture and try to save it.  If you forward it to an external account you could accomplish the same thing and not have to render the HTML through your domain restrictions.  

Screen shots always work well if you can see the image.  If you are really talking about a true forensic case then I would leave it alone and not even touch it.  This is something that someone who is specialized in forensics should deal with and the police should be contacted if need be.  Once you tamper with it then the evidence (if you need it to be evidence) is then inadmissible as forensic evidence.  Google special masters, or Kenneth Star when you get a chance.  This is of course if this is a forensic case.  

Honestly in this case, without deleting the message then there is absolutely nothing that you can do unless a special master forensic specialist comes in and investigates the image(s) and where they came from.

Sorry to be such a bummer, but that is absolutely the way it goes.
0
amcursoAuthor Commented:
Thanks. i do agree with you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.