Notifications
Clear all

Malware in .pst

5 Posts
3 Users
0 Reactions
1,303 Views
RolfGutmann
(@rolfgutmann)
Noble Member
Joined: 10 years ago
Posts: 1185
Topic starter  

We got infected in Outlook 2013 with malware in the .pst file. About 3k email messages included in this archive. How can we effectively clean out the malware by not destroying the .pst?

Thank you for your help.


   
Quote
nightworker
(@nightworker)
Estimable Member
Joined: 16 years ago
Posts: 134
 

Parse pst file with forensics tool go to mallwares files ofsett open pst with hex editor fill zero and overwrite malware


   
ReplyQuote
RolfGutmann
(@rolfgutmann)
Noble Member
Joined: 10 years ago
Posts: 1185
Topic starter  

Thank you very much!


   
ReplyQuote
Bunnysniper
(@bunnysniper)
Reputable Member
Joined: 13 years ago
Posts: 259
 

We got infected in Outlook 2013 with malware in the .pst file. .

Nir Sofer (nirsoft.net) has a tool called "OutlookAttachment Viewer" (?) which separates attachments from messages. Save them all to a dedicated folder and parse the remaining pst file with any other tool, for example X-Ways Forensics. So you can scan the folder with attachments with AV software. Do it with a copy of the pst and hash before and after to make sure nothing is tampered.

best regards,
Robin


   
ReplyQuote
RolfGutmann
(@rolfgutmann)
Noble Member
Joined: 10 years ago
Posts: 1185
Topic starter  

Thank you Robin!


   
ReplyQuote
Share: