funsec mailing list archives
RE: Sophos OSX/Inqtana-B False Positive - Maybe
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 21 Feb 2006 17:42:25 GMT
Que sera, sera.

Business as usual. :-)

- ferg

-- "Todd Towles" <toddtowles () brookshires com> wrote:

It was a false positive, therefore the fix has caused a much larger problem than the trojan, since the vulnerability was fixed in 2005.

Low-risk trojan with a high-risk fix...

-Todd
-----Original Message-----
From: Fergie [mailto:fergdawg () netzero net]
Sent: Tuesday, February 21, 2006 10:22 AM
To: Todd Towles
Cc: funsec () linuxbox org
Subject: Re: [funsec] Sophos OSX/Inqtana-B False Positive - Maybe

That was kind of timely:

More Mac OS X Malware Identified
http://www.f-secure.com/weblog/#00000819

- ferg

-- "Todd Towles" <toddtowles () brookshires com> wrote:

Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleAltiVecDVDDriver.bundle/Contents/MacOS/mp2decv.bundle/Contents/Resources/mp2decvbin2
File deleted

Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleVADriver.bundle/Contents/Resources/mp2decvbin3
File deleted

Virus: 'OSX/Inqtana-B' detected in /Applications/Microsoft Office 2004/Office/ShMem.bundle/Contents/MacOS/ShMem
Error deleting the infected file

Virus: 'OSX/Inqtana-B' detected in /Library/Printers/PPD Plugins/AdobePDFPDE.plugin/Contents/MacOS/AdobePDFPDE
File deleted

----------------------------------------------------------

We are getting a sample to Sophos right now..just FYI.

-Todd

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg () netzero net or fergdawg () sbcglobal net
ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sophos OSX/Inqtana-B False Positive - Maybe Todd Towles (Feb 21)
- <Possible follow-ups>
- Re: Sophos OSX/Inqtana-B False Positive - Maybe Fergie (Feb 21)
- RE: Sophos OSX/Inqtana-B False Positive - Maybe Todd Towles (Feb 21)
- RE: Sophos OSX/Inqtana-B False Positive - Maybe Fergie (Feb 21)