[BRLTTY] malware was Re: 5.4 has been released.

[Chevelle]

On 6/28/2016 11:29 PM, Dave Mielke wrote:
> [quoted lines by Chevelle on 2016/06/28 at 23:05 -0400]
>
>> I downloaded brltty-win-5.4-1-libusb-1.0.exe. Microsoft Security
>> Essentials flags Win32/Maltule.c!cl; as a threat.  Not sure if it is,
>> but I let it remove it.
> Googling it says that it's a Trojan that can do ransomware. Doesn't look good.
> Thank you for reporting it.
>
> Are you able to safely check out the 5.4 libusb .exe to see if it, too, has it?
> Also, if you don't mind and only if you can safely do it, I'd appreciate it if
> you could also check out our earlier .exe files to see if this is a
> long-standing problem or if it's new to 5.4.

> Two earlier files brltty-win-5.3.1-1-libusb.exe
> brltty-win-5.3.1-41-libusb-1.0 are on my system, and don't seem to be infected.
Maybe your Linux distribution has a package for 'clamav' or Clam. You 
could install it and see if it can detect this 'maltule' or anything 
else.  Once the package is installed, you can say something like 
'freshclam' to update the database.  Then you can scan via the command line.
  From what I read you type this:
"To check all files on the computer, but only display infected files and 
ring a bell when found: clamscan -r --bell -i / "
Not sure if that will work or not but it might be worth a try.
There is also a 'clamwin' or something similar for Windows.