Thanks. These are all mine. I'll drop the FPs right away.
On Wed, Feb 12, 2014 at 12:06 AM, Al Varnell <alvarn...@mac.com> wrote: > I very much appreciate the obvious hard work from the signature team in > more than doubling the number of OSX signatures in the database today. > > Unfortunately it would appear that several of them are false positives > that are identifying a significant number of Applications and components of > the Operating System as infected. Results are flying in, but I thought I > should give you initial results now, before too much damage is done. I am > guessing that since some of them are identified as Unix executables, this > will be a cross-platform issue. > > Osx.Virus.Sniperspy-1: > /Applications/Adobe Photoshop Elements 8/Adobe Photoshop Elements.app > /Applications/Adobe Photoshop Elements > 8/Locales/en_US/Plug-Ins/ExportModules/save for web(pse).plugin > /Applications/Utilities/Adobe Utilities.localized/ExtendScript Toolkit > CS4/ExtendScript Toolkit.app > > /System/Library/PrivateFrameworks/iLifeSlideshow.framework/Versions/A/Frameworks/iLifeSlideshowCore.framework/Versions/A/iLifeSlideshowCore > > /System/Library/PrivateFrameworks/iLifeSlideshow.framework/Versions/A/Frameworks/iLifeSlideshowProducer.framework/Versions/A/iLifeSlideshowProducer > /Applications/Adobe Reader.app > /Applications/Adobe Acrobat 9 Pro/Adobe Acrobat Pro.app > /Applications/Adobe Device Central CS5/Adobe Device Central > CS5.app/Contents/Frameworks/Players/FlashLite/FL40/Flashlite.bundle > /Applications/Adobe Device Central CS5/Adobe Device Central > CS5.app/Contents/Frameworks/Players/FlashLite/FL40/Flashlite_Pix8888_32.bundle > /Applications/Adobe Flash CS5/Adobe Flash CS5.app > /Applications/TomTom > HOME.app/Contents/Frameworks/XUL.framework/plugins/JavaEmbeddingPlugin.bundle > /usr/bin/qtdefaults > > Osx.Backdoor.Blackhole-3: > /Applications/Apimac Timer.app > /Applications/Mactracker.app > /Applications/SQLiteManager.app > /Applications/iBoard.app > > Osx.Virus.Clapzok-3 > /bin/cp > > Osx.Virus.Clapzok-2 > /bin/ls > > I'll submit what I can to the FP site, but even if Alain gives permission > to submit more than two files a day, I doubt that we'll be able to get them > all to you in a timely manner. > > > -Al- > -- > Al Varnell > Mountain View, CA > > > > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > http://www.clamav.net/support/ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
