Last night 4 files on one of our internal servers were flagged as being
infected with Exploit.PDF.Dropped-20.
How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or
the user's workstation from which they got uploaded?
--
Thomas Kern
ActioNet, Inc.
On contract to:
U.S. Dep
On Jul 20, 2012, at 8:57 AM, "Kern, Thomas (CONTR)"
wrote:
> Last night 4 files on one of our internal servers were flagged as being
> infected with Exploit.PDF.Dropped-20.
>
> How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or
> the user's workstation from which th
Hi, just was informed that some mails with
ZIP/Bredolab.A!Camelot
slipped through up2date clamav gateway , detected by
Microsoft Forefront
the sender is deutschepost.de
ever
someone an idea to that ?
--
Best Regards
MfG Robert Schetterer
___
Help us
> Hi, just was informed that some mails with
> ZIP/Bredolab.A!Camelot
>
> slipped through up2date clamav gateway , detected by
> Microsoft Forefront
Hi,
Did they slip past the Sanesecurity phish.ndb/rogue.hdb ones too?
Cheers,
Steve
Sanesecurity
__
On Jul 20, 2012, at 11:22 AM, Robert Schetterer wrote:
> Hi, just was informed that some mails with
> ZIP/Bredolab.A!Camelot
>
> slipped through up2date clamav gateway , detected by
> Microsoft Forefront
>
> the sender is deutschepost.de
> ever
>
> someone an idea to that ?
If you have the fi
On 7/20/12 5:57 AM, "Kern, Thomas (CONTR)" wrote:
> Last night 4 files on one of our internal servers were flagged as being
> infected with Exploit.PDF.Dropped-20.
>
> How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or
> the user's workstation from which they got upload
Thanks. That goes into the file of handy things to know.
--
Thomas Kern
ActioNet, Inc.
On contract to:
U.S. Department of Energy
301-903-2211 (Office)
301-905-6427 (Mobile)
-Original Message-
From: clamav-users-boun...@lists.clamav.net
[mailto:clamav-users-boun...@lists.clamav.net] On B
I had ten files last night show up positive for Exploit.PDF.Dropped-20
Will double check files...
Kern, Thomas (CONTR):
> Last night 4 files on one of our internal servers were flagged as being
> infected with Exploit.PDF.Dropped-20.
>
> How do I find out what Exploit.PDF.Dropped-20 is and h
A guy from the ClamAV team asked for copies of my files, checked them and
reported to me that they were all false positives.
--
Thomas Kern
ActioNet, Inc.
On contract to:
U.S. Department of Energy
301-903-2211 (Office)
301-905-6427 (Mobile)
-Original Message-
From: clamav-users-boun...@
This sig has been dropped.
It caught a lot of very bad things, but there were a few false positives.
Currently evaluating other avenues of approach.
J
On Jul 20, 2012, at 3:40 PM, Silca wrote:
> I had ten files last night show up positive for Exploit.PDF.Dropped-20
>
> Will double check fil
Thomas,
Yes, thank you. The four you submitted did happen to be false positives.
As always false positives can be submitted via http://www.clamav.net
--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
On Jul 20, 2012, at 3:54 PM, "Kern, Thomas (CONTR)"
wro
Am 20.07.2012 17:41, schrieb Steve Basford:
>
>> Hi, just was informed that some mails with
>> ZIP/Bredolab.A!Camelot
>>
>> slipped through up2date clamav gateway , detected by
>> Microsoft Forefront
>
>
> Hi,
>
> Did they slip past the Sanesecurity phish.ndb/rogue.hdb ones too?
>
> Cheers,
>
Am 20.07.2012 18:02, schrieb Joel Esler:
> On Jul 20, 2012, at 11:22 AM, Robert Schetterer wrote:
>
>> Hi, just was informed that some mails with
>> ZIP/Bredolab.A!Camelot
>>
>> slipped through up2date clamav gateway , detected by
>> Microsoft Forefront
>>
>> the sender is deutschepost.de
>> ever
Am 20.07.2012 22:44, schrieb Robert Schetterer:
> Am 20.07.2012 18:02, schrieb Joel Esler:
>> On Jul 20, 2012, at 11:22 AM, Robert Schetterer
>> wrote:
>>
>>> Hi, just was informed that some mails with
>>> ZIP/Bredolab.A!Camelot
>>>
>>> slipped through up2date clamav gateway , detected by
>>> Mic
Hi,
Has ClamaAV been taken-over by the Men in Black from google Inc. ?
"News
ClamAV's Wiki
http://feedproxy.google.com/~r/Clamav/~3/1tYQrHcgJNE/clamavs-wiki.html/
July 5th, 2012 Posted by -
The ClamAv Wiki is currently down. It hadn't been updated for some
time (several
On 7/20/12 6:42 PM, "Robert M. Stockmann" wrote:
> Has ClamaAV been taken-over by the Men in Black from google Inc. ?
>
> "News
>
> ClamAV's Wiki
> http://feedproxy.google.com/~r/Clamav/~3/1tYQrHcgJNE/clamavs-wiki.html/
> July 5th, 2012 Posted by -
>
> The ClamAv Wiki i
On Fri, 20 Jul 2012, Al Varnell wrote:
Date: Fri, 20 Jul 2012 18:58:44 -0700
From: Al Varnell
Reply-To: ClamAV users ML
To: ClamAV users ML
Subject: Re: [clamav-users] ClamaAV take over by Google Inc. ?
On 7/20/12 6:42 PM, "Robert M. Stockmann" wrote:
Has ClamaAV been taken-over by the M
On Fri, 20 Jul 2012, Al Varnell wrote:
Date: Fri, 20 Jul 2012 18:58:44 -0700
From: Al Varnell
Reply-To: ClamAV users ML
To: ClamAV users ML
Subject: Re: [clamav-users] ClamaAV take over by Google Inc. ?
On 7/20/12 6:42 PM, "Robert M. Stockmann" wrote:
Has ClamaAV been taken-over by the M
On 7/20/12 7:19 PM, "Robert M. Stockmann" wrote:
>
> On Fri, 20 Jul 2012, Al Varnell wrote:
>
>> Date: Fri, 20 Jul 2012 18:58:44 -0700
>> From: Al Varnell
>> Reply-To: ClamAV users ML
>> To: ClamAV users ML
>> Subject: Re: [clamav-users] ClamaAV take over by Google Inc. ?
>>
>> On 7/20/12 6:
19 matches
Mail list logo
