Endpoint Protection

 View Only

  • 1.  Excluded Folders showing in fltmc instances output

    Posted Dec 10, 2017 12:39 AM

    The Windows Command to see a list of items open by the A/V.

    “fltmc instances”

     

    This command has shown Exchange directories of:

    C:\ExchangeDatabases

    C:\ExchangeVolumes

    The Exchange files and folders should not be listed, according to MS Support. 

     

    Some Folders show the Exception Type as “Security Risk Folder” while others show “All Scan Folder”. 

     

    The C:\ExchangeDatabases folders are mount points 

    C:\ExchangeVolumes\ExVol0 - ExVol10

     

    Hopefully someone can tell me 100% how to make sure these folders/mount points are excluded. I have the Exchange file extensions exluded but not sure why the SEP?

     

    fltmc instances output include the following:

    BHDrvx64 C:\ExchangeDatabases\DAG1-DB069
    SRTSP C:\ExchangeDatabases\DAG1-DB069
    SymEFA C:\ExchangeDatabases\DAG1-DB069

     

    Thank you,

    Mark

     



  • 2.  RE: Excluded Folders showing in fltmc instances output

    Posted Dec 10, 2017 01:58 PM
    When SEP is installed on Exchange it should automatically detect Exchange and apply the required exceptions. BhDrv is related to SONAR. Did you create a scan exception for it? For SymEFA and SRTSP those are services that shouldn't cause a problem. What version of SEP are you running and are you experiencing issues?