[clamav-users] Osx.Malware.Agent-5505694-0
Al Varnell
alvarnell at mac.com
Wed Jan 11 23:42:18 UTC 2017
Subject signature was added by daily - 22865 and then removed by daily - 22869.
[daily.hsb] 52960200bf989064d77f0a158180e4ac:1101744:Osx.Malware.Agent-5505694-0:73
VirusTotal indicates that 14/54 other scanners believe this to be Malware (one of multiple variants of Advanced Mac Cleaner):
<https://www.virustotal.com/en/file/ef5d8a5e115fb8dc047b5af9aaee05200b7f09b7239de89d068d7fd7c318bf3d/analysis/>.
One of many articles about this Malware (at a minimum PUA/PUP) can be found at "PCVARK plays dirty"
<https://blog.malwarebytes.com/threat-analysis/2016/08/pcvark-plays-dirty/>.
There have been no reports of False Positives to date involving this signature by ClamXav users.
Can the ClamAV signature team share with us why it was removed?
-Al-
--
Al Varnell
Mountain View, CA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3573 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20170111/48ca4f19/attachment.bin>
More information about the clamav-users
mailing list