Thomas, Yes, thank you. The four you submitted did happen to be false positives.
As always false positives can be submitted via http://www.clamav.net -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Jul 20, 2012, at 3:54 PM, "Kern, Thomas (CONTR)" <thomas.k...@hq.doe.gov> wrote: > A guy from the ClamAV team asked for copies of my files, checked them and > reported to me that they were all false positives. > > -- > Thomas Kern > ActioNet, Inc. > On contract to: > U.S. Department of Energy > 301-903-2211 (Office) > 301-905-6427 (Mobile) > > > -----Original Message----- > From: clamav-users-boun...@lists.clamav.net > [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Silca > Sent: Friday, July 20, 2012 3:40 PM > To: ClamAV users ML > Subject: Re: [clamav-users] Virus decscriptions ? > > I had ten files last night show up positive for Exploit.PDF.Dropped-20 > > Will double check files... > > > > Kern, Thomas (CONTR): >> Last night 4 files on one of our internal servers were flagged as being >> infected with Exploit.PDF.Dropped-20. >> >> How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or >> the user's workstation from which they got uploaded? >> >> -- >> Thomas Kern >> ActioNet, Inc. >> On contract to: >> U.S. Department of Energy >> 301-903-2211 (Office) >> 301-905-6427 (Mobile) >> >> >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: visit >> http://wiki.clamav.net http://www.clamav.net/support/ml >> > > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
