Then you need to report that as a False Positive by uploading dnsapi.dll to http://www.clamav.net/reports/fp. If you joint the clamav-virusdb list you will be notified when it’s been taken care of.
-Al- -- Al Varnell ClamXav User On Feb 17, 2016, at 10:24 AM, JD Ackle <jdali...@yahoo.com.br> wrote: > Concerning the Shopperz detection, I got it on a Windows system file ( > C:\Windows/System32/dnsapi.dll ) and the its full name is: > Win.Trojan.Shopperz-381dnsapi.dll is a Windows system file without which > Windows will not connect to the Internet (at least on my WiFi setup).ClamAV > also detected Sopperz-381 on the same file, in a different location (cached?) > on the same Windows system: > Windows/WinSxS/amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_22114c18cd7ccd17/dnsapi.dllThe > first time I ran ClamAV on these files (first scan = detection) was > immediately after installing Windows 10 from a DVD burned with an ISO file > downloaded from Microsoft's site. After my first login to that Windows system > I rebooted to a Linux Live DVD (NO network connection was made until after > booting Linux - which I performed in order to install ClamAV and run > freshclam).VirusTotal thinks it's "probably harmless" but Antiy-AVL agrees > with ClamAV that it contains a > Trojan:https://www.virustotal.com/en/file/b51a82ed2d45855ea9018b6269931ca62f3dc430fd513c7e751fc2cb76014bab/analysis/1455724650/ > FYI at least since version 8 of Windows, there is this Microsoft Shop > application that enables you to download free/bought software - I'm guessing > there might me some code in dnsapi.dll facilitating that feature.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
