[clamav-users] Osx.Trojan.AppleJeus-6667011-1 False Positive
Alain Zidouemba
azidouemba at sourcefire.com
Sun Sep 2 12:08:52 UTC 2018
The next CVD should correct this FP. Thanks for reporting.
- Alain
On Sun, Sep 2, 2018 at 5:18 AM, Al Varnell <alvarnell at mac.com> wrote:
> Found in the current (and probably several previous versions) of Skype for
> Mac.
>
> Found here /Applications/Skype.app/Contents/Frameworks/Electron
> Framework.framework/Versions/A/Libraries/libnode.dylib.
>
> I've confirmed that all signature strings are present in this file.
>
> FP form keeps telling me I haven't chosen the file when it's clearly shown
> next to the "Choose File" button.
>
> MD5 is 397f54f5c906b62e0f3f75712c2b568d:18137760:libnode.dylib, but not
> sure what good that will do if I can't upload it.
>
> Looks like someone has uploaded it to Virus Total:
> <https://www.virustotal.com/#/file/d6f94b5bcab619019117cae320e947
> 2de5c9c22b90f4c31d18c621c777065148/detection>
>
> -Al-
> --
> Al Varnell
> Mountain View, CA
>
>
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180902/2a64a37e/attachment.htm>
More information about the clamav-users
mailing list