I have clam doing a scan of my home dir in the wee hours every morning, and I noted that it was burning up first one core, then the next in my phenom just now.
So I tailed the log just for S&G: /home/gene/.wine/drive_c/Program Files/Google/Google SketchUp 8/BsSndRpt.exe: PUA.Win32.Packer.SetupExeSection FOUND /home/gene/.kde/tmp-coyote/kmailn16717.tmp: PUA.Win32.Packer.Upx-28 FOUND /home/gene/src/pcbgcode/viewer/application.windows/viewer.exe: PUA.Win32.Packer.MingwGcc-2 FOUND /home/gene/src/HeeksCNC/unins000.exe: PUA.Win32.Packer.Vip FOUND /home/gene/eagle/ulp/opti.exe: PUA.Win32.Packer.Upx-53 FOUND /home/gene/eagle/ulp/viewer/application.windows/viewer.exe: PUA.Win32.Packer.MingwGcc-2 FOUND /home/gene/Downloads/DriveWire4_4.1.0.zip: PUA.Win32.Packer.MingwGcc-2 FOUND /home/gene/Downloads/Download/MWPNT10N.86A.0113.BI.ZIP: PUA.Win32.Packer.Exepack FOUND /home/gene/Downloads/Download/pcb/viewer/application.windows/viewer.exe: PUA.Win32.Packer.MingwGcc-2 FOUND /home/gene/Downloads/Download/KindleForPC-installer.exe: PUA.Win32.Packer.Psadobefont FOUND /home/gene/Downloads/Download/viewer/application.windows/viewer.exe: PUA.Win32.Packer.MingwGcc-2 FOUND /home/gene/Downloads/Download/MWPNT10N.86A.0122.BI.ZIP: PUA.Win32.Packer.Exepack FOUND /home/gene/Downloads/Download/opti_8_1_08_2209.zip: PUA.Win32.Packer.Upx-53 FOUND /home/gene/Downloads/Download/pcb-gcode-3.5.2.11.zip: PUA.Win32.Packer.MingwGcc-2 FOUND /home/gene/Downloads/Download/d525mwbios/IFLASH2.EXE: PUA.Win32.Packer.Exepack FOUND Several of those are either eagle, heekscad or various PC bios update packs, including the bios that is in this machine. I'd almost bet a bottle of your fav brew these are false positives. What say you? Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: <http://coyoteden.dyndns-free.com:85/gene> is up! After the last of 16 mounting screws has been removed from an access cover, it will be discovered that the wrong access cover has been removed. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
