Thanks a lot for the info 😊


De : clamav-users <> de la part de Al 
Varnell <>
Envoyé : 13 octobre 2018 17:46:17
À : ClamAV users ML
Objet : Re: [clamav-users] Malware alert???

It's not unusual to see such things on machines running multiple A-V software 
packages. Vendors do their best to obfuscate and protect signatures for that 
reason, but it usually happens during updates when the signatures are unpacked 
to a tmp area as plain text before moving them to a protected area. If both are 
using the same strings as signatures, they will undoubtedly see such updates as 


On Sat, Oct 13, 2018 at 09:40 AM, Jean-Francois Tasse wrote:
no, when I wanted to get it out of quarantine I was unable to get it because it 
came from a tmp folder during the update.  I have attached a screenshot to this 
email, that is the best I can do.  To translate it, it's saying that it is a 
trojan that is downloading other programs.

I have 3 virtual machine with Avast, AVG and Avira, I will see if I can 
reproduce it with the other antivirus.  Up to now AVG did not see anything 

De : clamav-users 
 de la part de Alain Zidouemba 
Envoyé : 13 octobre 2018 11:59:57
À : ClamAV users ML
Objet : Re: [clamav-users] Malware alert???

Do you have the specific signature name that alerted?


On Oct 13, 2018, at 11:12 AM, Matthes, Marc 
<<>> wrote:

Same here

Marc Matthes
Director of Computer Networking Programs
Iowa Central CC

From: clamav-users 
 on behalf of Jean-Francois Tasse 
Sent: Saturday, October 13, 2018 10:10:56 AM
To: ClamAV users ML
Subject: [clamav-users] Malware alert???

Today during ClamWin update:
main.cvd version 58
daily.cvd version 25033
bytecode version 327

Windows Defender stopped the update process saying that 
"TrojanDownloader:JS/Nemucod" was present.  Scanned all of my system nothing 
found and tried updating ClamWin again and everything was ok.

anyone else got a weird message like that today?

clamav-users mailing list

Help us build a comprehensive ClamAV guide:

Reply via email to