funsec mailing list archives
Re: Sophos OSX/Inqtana-B False Positive - Maybe
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 21 Feb 2006 16:21:33 GMT
That was kind of timely: More Mac OS X Malware Identified http://www.f-secure.com/weblog/#00000819 - ferg -- "Todd Towles" <toddtowles () brookshires com> wrote: Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleAltiVecDVDDriver.bundle/Contents/MacOS/m p2decv.bundle/Contents/Resources/mp2decvbin2 File deleted Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleVADriver.bundle/Contents/Resources/mp2de cvbin3 File deleted Virus: 'OSX/Inqtana-B' detected in /Applications/Microsoft Office 2004/Office/ShMem.bundle/Contents/MacOS/ShMem Error deleting the infected file Virus: 'OSX/Inqtana-B' detected in /Library/Printers/PPD Plugins/AdobePDFPDE.plugin/Contents/MacOS/AdobePDFPDE File deleted ---------------------------------------------------------- We are getting a sample to Sophos right now..just FYI. -Todd -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sophos OSX/Inqtana-B False Positive - Maybe Todd Towles (Feb 21)
- <Possible follow-ups>
- Re: Sophos OSX/Inqtana-B False Positive - Maybe Fergie (Feb 21)
- RE: Sophos OSX/Inqtana-B False Positive - Maybe Todd Towles (Feb 21)
- RE: Sophos OSX/Inqtana-B False Positive - Maybe Fergie (Feb 21)