As far as the malware?
Malware Name: Worm:Win32/Gamarue.AR
Number of infections: 80
Last detection time(UTC time): 6/10/2015 3:06:51 PM

These are the infections of this malware:

1. Computer name:
   Domain:
   Detection time(UTC time): 6/10/2015 3:06:51 PM
   Malware file path: process:_pid:884
   Remediation action: Quarantine
   Action status: Succeeded

The PID is different in each detection, but they're all on the same machine.

From: [email protected] On Behalf Of Jason Mlynarchuk
Sent: Wednesday, June 10, 2015 8:38 AM
To: [email protected]
Subject: [mssms] RE: SCEP Malware report

Is it telling you what the detection is?

Jason Mlynarchuk
Infrastructure Analyst - Infrastructure Services
Information and Technology Services
NAIT
11762-106 Street NW
Edmonton, Alberta Canada T5G 2R1
P 780.378.6128
F 780.491.3083
E [email protected]
www.nait.ca

From: [email protected] On Behalf Of Heaton, Joseph@Wildlife
Sent: Wednesday, June 10, 2015 9:28 AM
To: [email protected]
Subject: [mssms] SCEP Malware report

I'm not sure what this report means, and how to clean it:

Malware file path: process:_pid:3720

I don't know how to figure out where that is actually located. Now, the action of quarantine has been successful so far, but they just keep coming. I'm close to recommending to the tech to just reimage the darn thing, but would like to know if there's anything else we can do before that.

Thanks,

Joe Heaton
Information Technology Operations Branch
Data and Technology Division
CA Department of Fish and Wildlife
1700 9th Street, 3rd Floor
Sacramento, CA 95811
Desk: (916) 323-1284
