Re: [clamav-users] Where do I send the latest zip with a ransomware viri in it?

2016-03-20 Thread James Brown 
http://www.clamav.net/reports/malware

Also email it to samp...@sanesecurity.me.uk

James.

> On 17 Mar 2016, at 9:30 AM, Gene Heskett  wrote:
> 
> Greetings all;
> 
> I got a zip this morning, addressed to me from me.  Dropped on 
> virustotal, show 9 hits from other viri detectors.
> 
> Opening this will ruin your day.  Its ransomware.
> 
> I'm now nuking that real source address on the mail server.  No clue if 
> that will help, but when a class D attacks me, that whole class C gets 
> sent to /dev/null on the mail server, forever.
> 
> But I have saved it, and you need to develop a detector pretty fast,  so 
> where do I send it?
> 
> Cheers, Gene Heskett
> -- 
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author)
> Genes Web page 
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Where do I send the latest zip with a ransomware viri in it?

2016-03-19 Thread Gene Heskett 
On Wednesday 16 March 2016 18:43:04 James Brown wrote:

> http://www.clamav.net/reports/malware

Site will not take it, shows the crossout cursor, red circle with 
slashbar when I move the mouse to the submit button.  Let me know on the 
list when it works..
>
> Also email it to samp...@sanesecurity.me.uk
>
> James.
>
> > On 17 Mar 2016, at 9:30 AM, Gene Heskett  wrote:
> >
> > Greetings all;
> >
> > I got a zip this morning, addressed to me from me.  Dropped on
> > virustotal, show 9 hits from other viri detectors.
> >
> > Opening this will ruin your day.  Its ransomware.
> >
> > I'm now nuking that real source address on the mail server.  No clue
> > if that will help, but when a class D attacks me, that whole class C
> > gets sent to /dev/null on the mail server, forever.
> >
> > But I have saved it, and you need to develop a detector pretty fast,
> >  so where do I send it?
> >
> > Cheers, Gene Heskett
> > --
> > "There are four boxes to be used in defense of liberty:
> > soap, ballot, jury, and ammo. Please use in that order."
> > -Ed Howdershelt (Author)
> > Genes Web page 
> > ___
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
>
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Where do I send the latest zip with a ransomware viri in it?

2016-03-19 Thread Gene Heskett 
Greetings all;

I got a zip this morning, addressed to me from me.  Dropped on 
virustotal, show 9 hits from other viri detectors.

Opening this will ruin your day.  Its ransomware.

I'm now nuking that real source address on the mail server.  No clue if 
that will help, but when a class D attacks me, that whole class C gets 
sent to /dev/null on the mail server, forever.

But I have saved it, and you need to develop a detector pretty fast,  so 
where do I send it?

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml