This definition is detecting many files that appear to be safe.
Has anyone else seen this?
I have had no luck in getting ClamAV to address false positives in the past.
Files and paths I have seen so far but it seems to increase:
/Library/Application Support/Adobe/Adobe Desktop
Common/ExchangePlugin/ExchangePluginDylib.dylib
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Library/Frameworks/iTunesLibrary.framework/Versions/A/XPCServices/com.apple.iTunesLibraryService.xpc/Contents/MacOS/com.apple.iTunesLibraryService
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/Publisher
Lite.app/Contents/Frameworks/iMedia.framework/Versions/A/iMedia
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/TeX/TeXShop.app/Contents/MacOS/TeXShop
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/Citrix Workspace.app/Contents/Resources/Templates/Citrix
Viewer.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/Citrix
Workspace.app/Contents/Resources/Templates/DockApplication.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUN
/Library/Application Support/Citrix Receiver/Citrix Workspace
Updater.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
usr/local/libexec/ReceiverHelper.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
--
Douglas Stinnette
VCU Technology Services
Endpoint Security Specialist
Virginia Commonwealth University
827-0933
Don't be a phishing victim - VCU and other reputable organizations will
never use email to request that you reply with your password, Social
Security number or confidential personal information. For more details
visit http://go.vcu.edu/phishing or http://phishing.vcu.edu.
Has anyone else seen this?
I have had no luck in getting ClamAV to address false positives in the past.
Files and paths I have seen so far but it seems to increase:
/Library/Application Support/Adobe/Adobe Desktop
Common/ExchangePlugin/ExchangePluginDylib.dylib
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Library/Frameworks/iTunesLibrary.framework/Versions/A/XPCServices/com.apple.iTunesLibraryService.xpc/Contents/MacOS/com.apple.iTunesLibraryService
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/Publisher
Lite.app/Contents/Frameworks/iMedia.framework/Versions/A/iMedia
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/TeX/TeXShop.app/Contents/MacOS/TeXShop
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/Citrix Workspace.app/Contents/Resources/Templates/Citrix
Viewer.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
/Applications/Citrix
Workspace.app/Contents/Resources/Templates/DockApplication.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUN
/Library/Application Support/Citrix Receiver/Citrix Workspace
Updater.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
usr/local/libexec/ReceiverHelper.app/Contents/Frameworks/ICAServices.framework/Versions/A/ICAServices
Osx.Adware.TotalAdviseSearch-7489207-0 FOUND
--
Douglas Stinnette
VCU Technology Services
Endpoint Security Specialist
Virginia Commonwealth University
827-0933
Don't be a phishing victim - VCU and other reputable organizations will
never use email to request that you reply with your password, Social
Security number or confidential personal information. For more details
visit http://go.vcu.edu/phishing or http://phishing.vcu.edu.