Autodiscover infected with virus

New Contributor

My client has Exchange server 2016 running on windows server 2016 Standard. After the recent zero day we patched the server right away and ran the mitigation tool. We have also run several full Microsoft safety scans and Windows defender scans. The safety scans and mitigation tools removed back doors and we have been running them regularly since. A few days later one of the users mentioned that they keep getting a pop up about a virus when opening Outlook. The message is attached. I verified that the same thing was happening on any other computer using Outlook. I also tested on an external machine that was a clean build and I got the same message as soon as I connected Outlook to their exchange server. I tried deleting and recreating the autodiscover virtual directory but the issue seems to keep going after that. Any help would be greatly appreciated. 



5 Replies



Have you found a solution? We have a client which has the exact same issue. They are in the process of installing a new Exchange server to migrate the mailboxes, but not sure if the Autodiscover.xml error will disappear after the old Exchange is decommissioned and the clients connect to the new one.

best response confirmed by Tingley5 (New Contributor)



Well I found the solution in this case. Apparently the external URL used for the OAB URL was rewritten and changing it back to the original value fixed it.




Thanks! That did it!

Hi @DaveGr1280 

I'm having a similar problem whilst setting up a new email address under Microsoft® Outlook® for Microsoft 365 MSO (Version 2112 Build 16.0.14729.20254) 64-bit. Bitdefender AV is blocking the autodiscover URL - See attached. 


I'm not technical, could you please explain what I need to do?


Many thanksAutodiscover error.JPG

I'd really appreciate any help with this issue folks, as it is preventing me from getting to my emails.


Thank you