Al,

This is not a false positive.
The file is malicious. I am working on making detection signatures for the
malware.

Thanks,
Shaun Hurley

On Tue, Oct 20, 2015 at 9:00 PM, Alex <mysqlstud...@gmail.com> wrote:

> Hi,
>
>
> On Tue, Oct 20, 2015 at 11:57 AM, Al Varnell <alvarn...@mac.com> wrote:
> > According to this, Sophos should see it as Troj/JavaBz-ZO:
> > <
> https://www.virustotal.com/en/file/f97ea502099c1bea8eb36e2f90e94feabf1a79652cd5c0f4384f91f65410aa9f/analysis/>
> submitted yesterday.
> >
> > Microsoft detects it as Trojan:Java/Adwind.P
> > and Kaspersky calls it Trojan.Java.Adwind.af
>
> Yes, I just submitted it to them and now they have it in their signatures.
>
> I'm just very surprised to see this virus wasn't already being
> detected by both clamav and sophos. It wasn't until the customer
> alerted me that their desktop scanner had caught it that we were made
> aware :-(
>
> Thanks,
> Alex
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Reply via email to