Sophos OSX/Inqtana-B False Positive - UPDATE

["Todd Towles" <toddtowles () brookshires com>]

UPDATE - 11:37AM Central

Sophos has pulled with IDE and confimed it was a false positive. Expect
a new IDE within 45 mins.

-Todd

> -----Original Message-----
> From: funsec-bounces () linuxbox org 
> [mailto:funsec-bounces () linuxbox org] On Behalf Of Todd Towles
> Sent: Tuesday, February 21, 2006 10:03 AM
> To: funsec () linuxbox org
> Subject: [funsec] Sophos OSX/Inqtana-B False Positive - Maybe
>
> Virus:        'OSX/Inqtana-B' detected in
> /System/Library/Extensions/AppleAltiVecDVDDriver.bundle/Conten
> ts/MacOS/m
> p2decv.bundle/Contents/Resources/mp2decvbin2
>       File deleted
>
> Virus:        'OSX/Inqtana-B' detected in
> /System/Library/Extensions/AppleVADriver.bundle/Contents/Resou
> rces/mp2de
> cvbin3
>       File deleted
>
> Virus:        'OSX/Inqtana-B' detected in 
> /Applications/Microsoft Office
> 2004/Office/ShMem.bundle/Contents/MacOS/ShMem
>       Error deleting the infected file
>
> Virus:        'OSX/Inqtana-B' detected in /Library/Printers/PPD
> Plugins/AdobePDFPDE.plugin/Contents/MacOS/AdobePDFPDE
>       File deleted
>
> ----------------------------------------------------------
>
> We are getting a sample to Sophos right now..just FYI.
>
> -Todd
>
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.