This sig has been dropped. It caught a lot of very bad things, but there were a few false positives. Currently evaluating other avenues of approach.
J On Jul 20, 2012, at 3:40 PM, Silca <si...@hardbox.ca> wrote: > I had ten files last night show up positive for Exploit.PDF.Dropped-20 > > Will double check files... > > > > Kern, Thomas (CONTR): >> Last night 4 files on one of our internal servers were flagged as being >> infected with Exploit.PDF.Dropped-20. >> >> How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or >> the user's workstation from which they got uploaded? >> >> -- >> Thomas Kern >> ActioNet, Inc. >> On contract to: >> U.S. Department of Energy >> 301-903-2211 (Office) >> 301-905-6427 (Mobile) >> >> >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net >> http://www.clamav.net/support/ml >> > > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
