Good morning everyone,
I see a couple samples that have been sent in to our f/p report site so looks like they are aware. If someone wants to submit a suspect f/p file - here is where you can upload it to: http://www.sunbeltsecurity.com/falsepositive/ Regards, Tammy _____ From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Tuesday, July 19, 2011 9:01 AM To: NT System Admin Issues Subject: RE: Vipre- possible false positive DAT?? Is Sunbelt (GFI) aware of this? Nothing on their website yet. From: Mike Wiebke [mailto:m...@yahoo.com] Sent: Tuesday, July 19, 2011 8:52 AM To: NT System Admin Issues Subject: Re: Vipre- possible false positive DAT?? I'm seeing the same with threatdb version 9897 - 9900 _____ From: N Parr <npar...@mortonind.com> To: NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com> Sent: Tue, July 19, 2011 7:07:22 AM Subject: RE: Vipre- possible false positive DAT?? ditto _____ From: John Leto [mailto:jo...@colonialsavings.com] Sent: Tuesday, July 19, 2011 6:43 AM To: NT System Admin Issues Subject: Vipre- possible false positive DAT?? This morning I came in and noticed that Vipre had flagged several machines in my organization with a possible virus, all for the same Excel gallery file which I've listed below. Is this a possible false positive from Vipre?? It just seems strange that I'd have so many machines at the very same time with the very same infected file. Threat: Exploit.Excel.CVE-2011-1278 (v) Category: Exploit Severity: High Risk Traces Found: File: C:\Program Files\Microsoft Office\OFFICE11\1033\XL8GALRY.XLS File: C:\Windows\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\1 1.0.5614\XL9GALRY.XLS_1033 John Leto Network Engineer Colonial Savings, F.A. 817-877-9578 jo...@colonialsavings.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin