Thanks a lot for the info 😊

JF

________________________________
De : clamav-users <clamav-users-boun...@lists.clamav.net> de la part de Al 
Varnell <alvarn...@mac.com>
Envoyé : 13 octobre 2018 17:46:17
À : ClamAV users ML
Objet : Re: [clamav-users] Malware alert???

It's not unusual to see such things on machines running multiple A-V software 
packages. Vendors do their best to obfuscate and protect signatures for that 
reason, but it usually happens during updates when the signatures are unpacked 
to a tmp area as plain text before moving them to a protected area. If both are 
using the same strings as signatures, they will undoubtedly see such updates as 
matching.

-Al-

On Sat, Oct 13, 2018 at 09:40 AM, Jean-Francois Tasse wrote:
no, when I wanted to get it out of quarantine I was unable to get it because it 
came from a tmp folder during the update.  I have attached a screenshot to this 
email, that is the best I can do.  To translate it, it's saying that it is a 
trojan that is downloading other programs.

I have 3 virtual machine with Avast, AVG and Avira, I will see if I can 
reproduce it with the other antivirus.  Up to now AVG did not see anything 
wrong.

JF
________________________________
De : clamav-users 
<clamav-users-boun...@lists.clamav.net<mailto:clamav-users-boun...@lists.clamav.net>>
 de la part de Alain Zidouemba 
<azidoue...@sourcefire.com<mailto:azidoue...@sourcefire.com>>
Envoyé : 13 octobre 2018 11:59:57
À : ClamAV users ML
Objet : Re: [clamav-users] Malware alert???

Do you have the specific signature name that alerted?

-Alain

On Oct 13, 2018, at 11:12 AM, Matthes, Marc 
<matt...@iowacentral.edu<mailto:matt...@iowacentral.edu>> wrote:

Same here

Marc Matthes
Director of Computer Networking Programs
Iowa Central CC
5155741099

________________________________
From: clamav-users 
<clamav-users-boun...@lists.clamav.net<mailto:clamav-users-boun...@lists.clamav.net>>
 on behalf of Jean-Francois Tasse 
<jft_que...@hotmail.com<mailto:jft_que...@hotmail.com>>
Sent: Saturday, October 13, 2018 10:10:56 AM
To: ClamAV users ML
Subject: [clamav-users] Malware alert???

Today during ClamWin update:
main.cvd version 58
daily.cvd version 25033
bytecode version 327

Windows Defender stopped the update process saying that 
"TrojanDownloader:JS/Nemucod" was present.  Scanned all of my system nothing 
found and tried updating ClamWin again and everything was ok.

anyone else got a weird message like that today?

JF
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Reply via email to