That does not appear to be a well anchored regex.
dp
On 3/12/19 9:15 PM, Al Varnell via clamav-users wrote:
All I can add is some technical information about the signature. I have no
idea what kind of infection it causes and on what platform.
The signature was added to the database by daily -
Thanks for the prompt reply. I’m relieved….
> On Mar 13, 2019, at 10:42, Andrew Williams wrote:
>
> Michael,
>
> The reported detections are likely false positives (I too am seeing matches
> on Chrome cache files). The signature will be dropped soon.
>
> Thanks for bringing this to our atten
All I can add is some technical information about the signature. I have no idea
what kind of infection it causes and on what platform.
The signature was added to the database by daily - 25386 earlier today as an
.ldb. Looking for a single ascii string in any type of file:
> sigtool -fTxt.Trojan
Michael,
The reported detections are likely false positives (I too am seeing matches
on Chrome cache files). The signature will be dropped soon.
Thanks for bringing this to our attention.
-Andrew
Andrew Williams
Malware Research Team
Cisco Talos
On Tue, Mar 12, 2019 at 7:08 PM Michael Newman
Mac OS 10.14.3
I wake up this morning to find that clamav has discovered sixteen instances of
this:
Txt.Trojan.Kryptik-6887991-0 FOUND
Most of these are in Chrome cache files, but a few were in Apple Automator
cache files.
I’ve searched around, but find precious little on this infecting Macs.
