0 Replies Latest reply on Nov 9, 2014 3:07 AM by Troja

    VSE and Exchange Information Store Database files (edb)

    Troja

      Hi all,

      there is some information available where malware uses edb files for storing, hiding or spreading. There are different articles from McAfee, Microsoft and other AV vendors  available where such files should be excluded from scanning.

       

      Example:
      File "C:\Windows\security\database\tmp.edb" belongs to virus/spyware 'Mal/ZboCheMan-A'.

      There is a Microsoft Article available with much of exclusions. http://support.microsoft.com/kb/822158

      Does anyone know how McAfee handles edb files? Is VSE able to inspect edb files?
      How do you handle this situation?
      How your customers are handling this situation?
      Does TIE/DXL solve this problem?

       

      Cheers,

      Thorsten