Thanks a lot for the info 😊
JF ________________________________ De : clamav-users <[email protected]> de la part de Al Varnell <[email protected]> Envoyé : 13 octobre 2018 17:46:17 À : ClamAV users ML Objet : Re: [clamav-users] Malware alert??? It's not unusual to see such things on machines running multiple A-V software packages. Vendors do their best to obfuscate and protect signatures for that reason, but it usually happens during updates when the signatures are unpacked to a tmp area as plain text before moving them to a protected area. If both are using the same strings as signatures, they will undoubtedly see such updates as matching. -Al- On Sat, Oct 13, 2018 at 09:40 AM, Jean-Francois Tasse wrote: no, when I wanted to get it out of quarantine I was unable to get it because it came from a tmp folder during the update. I have attached a screenshot to this email, that is the best I can do. To translate it, it's saying that it is a trojan that is downloading other programs. I have 3 virtual machine with Avast, AVG and Avira, I will see if I can reproduce it with the other antivirus. Up to now AVG did not see anything wrong. JF ________________________________ De : clamav-users <[email protected]<mailto:[email protected]>> de la part de Alain Zidouemba <[email protected]<mailto:[email protected]>> Envoyé : 13 octobre 2018 11:59:57 À : ClamAV users ML Objet : Re: [clamav-users] Malware alert??? Do you have the specific signature name that alerted? -Alain On Oct 13, 2018, at 11:12 AM, Matthes, Marc <[email protected]<mailto:[email protected]>> wrote: Same here Marc Matthes Director of Computer Networking Programs Iowa Central CC 5155741099 ________________________________ From: clamav-users <[email protected]<mailto:[email protected]>> on behalf of Jean-Francois Tasse <[email protected]<mailto:[email protected]>> Sent: Saturday, October 13, 2018 10:10:56 AM To: ClamAV users ML Subject: [clamav-users] Malware alert??? Today during ClamWin update: main.cvd version 58 daily.cvd version 25033 bytecode version 327 Windows Defender stopped the update process saying that "TrojanDownloader:JS/Nemucod" was present. Scanned all of my system nothing found and tried updating ClamWin again and everything was ok. anyone else got a weird message like that today? JF
_______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
