Al, This is not a false positive. The file is malicious. I am working on making detection signatures for the malware.
Thanks, Shaun Hurley On Tue, Oct 20, 2015 at 9:00 PM, Alex <mysqlstud...@gmail.com> wrote: > Hi, > > > On Tue, Oct 20, 2015 at 11:57 AM, Al Varnell <alvarn...@mac.com> wrote: > > According to this, Sophos should see it as Troj/JavaBz-ZO: > > < > https://www.virustotal.com/en/file/f97ea502099c1bea8eb36e2f90e94feabf1a79652cd5c0f4384f91f65410aa9f/analysis/> > submitted yesterday. > > > > Microsoft detects it as Trojan:Java/Adwind.P > > and Kaspersky calls it Trojan.Java.Adwind.af > > Yes, I just submitted it to them and now they have it in their signatures. > > I'm just very surprised to see this virus wasn't already being > detected by both clamav and sophos. It wasn't until the customer > alerted me that their desktop scanner had caught it that we were made > aware :-( > > Thanks, > Alex > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml