funsec mailing list archives
Sophos OSX/Inqtana-B False Positive - UPDATE
From: "Todd Towles" <toddtowles () brookshires com>
Date: Tue, 21 Feb 2006 11:39:12 -0600
UPDATE - 11:37AM Central Sophos has pulled with IDE and confimed it was a false positive. Expect a new IDE within 45 mins. -Todd
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Todd Towles Sent: Tuesday, February 21, 2006 10:03 AM To: funsec () linuxbox org Subject: [funsec] Sophos OSX/Inqtana-B False Positive - Maybe Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleAltiVecDVDDriver.bundle/Conten ts/MacOS/m p2decv.bundle/Contents/Resources/mp2decvbin2 File deleted Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleVADriver.bundle/Contents/Resou rces/mp2de cvbin3 File deleted Virus: 'OSX/Inqtana-B' detected in /Applications/Microsoft Office 2004/Office/ShMem.bundle/Contents/MacOS/ShMem Error deleting the infected file Virus: 'OSX/Inqtana-B' detected in /Library/Printers/PPD Plugins/AdobePDFPDE.plugin/Contents/MacOS/AdobePDFPDE File deleted ---------------------------------------------------------- We are getting a sample to Sophos right now..just FYI. -Todd _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sophos OSX/Inqtana-B False Positive - UPDATE Todd Towles (Feb 21)