Without the exact name of the Shopperz infection, I can’t tell you whether it’s a recent definition or an old one. There are currently 351 such signatures.
The Uztuby-3 was added to the database on 30 Jan 2016 04-36 -0500 in daily:21324, so it’s been there for a couple of weeks. It would not surprise me to learn that an ISP was providing something for free that included Adware. I’m sure that’s what Shopperz’s are. -Al- -- ClamXav User On Feb 16, 2016, at 12:25 PM, Jean-D. Ackle <jdali...@yahoo.com.br> wrote: > Hello, > > So... it seems I've been a "victim" of last week's False Positives... > First I got so many files on a Windows partition "infected" by the > Bancos trojan (detected by clamscan running from Linux) I quickly > concluded that particular Windows setup was gone. I just noticed someone > on the list saying it was a FP... > So then, I used my OEM recovery disks to reinstall the system and I > "found out" the newly installed system with which I had NOT connected to > the Internet yet was already infected by... Win.Trojan.Ramnit... > > I had already installed Windows 10 downloaded from Microsoft when I > learned about Ramnit's likelihood to be a FP. And... again without > connecting to the Internet, Windows 10, particularly in dnsapi.dll seems > already infected by Win.Trojan.Shopperz. After a little reading around > the Internet I'm getting to think this is yet another FP. > > Being that the FPs handling system in ClamAV seems to be a bit > stalled... I would actually risk going ahead with disregarding it as > such but ... I want an on-access virus scanner on Windows. My ISP > happens to recently have made available a free subscription to Panda > Antivirus and I'd like to take on that offer. But the downloaded > installer is reported by ClamAV as infected. > I uploaded it to VirusTotal and this was the result: > https://www.virustotal.com/en/file/f183a4a6cd5afc5f134bd718dffa3e79d7a5aa6c501b7a792eaf37903f454f55/analysis/1455647361/ > (only ClamAV reports it as infected and there is no conclusive answer > otherwise). > > So, I'd appreciate some advice on whether I'd likely be OK with > proceeding to connect to the Internet with the already installed Windows > 10 and said Panda Antivirus to be installed prior to connecting to the > Internet. > Also, if there is anything I might help with (as far as submitting files > is concerned (I'm hardly knowledgeable enough for anything else), please > let me know. > > Regards, > JD
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
