We have a fair amount of clients running Vipre anti-virus and we received a bunch of warnings this morning that over 6 of our clients were infected with a “Trojan Downloader”. Vipre found it and quarantined it, but we wanted to make sure.
It shows up as “Trojan-Downloader.JS.Nemucod.dc (v)”. We contacted Vipre and they confirmed it was a false positive. They said a new definition will be out later today (3.22.2016).
Microsoft says their software can handle this attack. Here is their write-up on this issue.
I hope this helps someone else out there….