Hi, In a mostly OS X environment running gruntworks on client machines, clamav scans are finding things like ‘hacktool.crack.someprogram’. Would this be considered a PUA by the clamav team or is it just a naming convention for something more malicious? More generally is there anywhere I could search the tagged names and get a one line description of what clamav found. For example another scan found ‘W97M.Thus.A’ and a quick google search gives a symantec writeup: "W97M.Thus.A is a simple macro virus that infects Word 97 documents. It has a payload that triggers on December 13th which will try to delete all files and subdirectories from the root of the C: drive. This virus will also disable the macro virus protection in Word 97.”
Does clamav maintain anything similar? Thanks for any help, and thanks for the great tool! Steven _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
