Sorry for all the confusion. My testing earlier today was in error. OpenSSH version 7.2_p2 is in fact included with macOS Sierra 10.12 and includes the ssh-agent process which tests as infected with Win.Trojan.Agent-1760811 and is therefore a False Positive.
I have submitted it to the web site at this time and has an MD5 of 3cbe857b1bc267fb8fa5da3856008ddd. Virus Total shows only ClamAV detection: <https://www.virustotal.com/en/file/7815ec173d45abb2606c718fc1261bb4309254daa7b474e87541c6dc19dc934c/analysis/>. This is the third FP submitted in the last two days where ClamAV is the only scanner on VT showing infection of a legitimate commercial software file, so I have to wonder if there is some systemic issue with the signature automation process now. -Al- On Tue, Oct 11, 2016 at 08:11 PM, Al Varnell wrote: > > Heard back from one user that they have OpenSSH_7.2p2, LibreSSL 2.4.1 > installed, which is not part of any standard OS X/macOS installation. I know > where I can get 7.2p1 (MacPorts) but no idea where his 7.2p2 came from. > > -Al- > > On Tue, Oct 11, 2016 at 06:56 PM, Al Varnell wrote: >> >> Sorry, I misidentified ssh-agent as part of OpenSSL. It’s actually a >> component of SSH that’s included with OS X/macOS. >> >> I’m still trying to track down a sample of the version involved here. >> >> -Al- >> >> On Tue, Oct 11, 2016 at 06:39 PM, Al Varnell wrote: >>> >>> I do not have a sample of ssh-agent to upload yet, so with nothing to >>> upload, I cannot file. >>> >>> The MD-5 of the file is the signature. >>> >>> Sent from Janet's iPad >>> >>> -Al-
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml