We have a few hundred PDFs that contain strings that trigger the DLP as credit
card or SSN strings. These are false positives. The files have been examined to
make sure that such private information is not in them, but there is real
information that fits the same structure and triggers the DLP.
Last night 4 files on one of our internal servers were flagged as being
infected with Exploit.PDF.Dropped-20.
How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or
the user's workstation from which they got uploaded?
--
Thomas Kern
ActioNet, Inc.
On contract to:
U.S. Dep
Behalf Of Al Varnell
Sent: Friday, July 20, 2012 3:23 PM
To: ClamAV users ML
Subject: Re: [clamav-users] Virus decscriptions ?
On 7/20/12 5:57 AM, "Kern, Thomas (CONTR)" wrote:
> Last night 4 files on one of our internal servers were flagged as
> being infected with Exploi
, Thomas (CONTR):
> Last night 4 files on one of our internal servers were flagged as being
> infected with Exploit.PDF.Dropped-20.
>
> How do I find out what Exploit.PDF.Dropped-20 is and how to fix the files or
> the user's workstation from which they got uploaded?
&
