[clamav-users] Report descriptions

Al Varnell alvarnell at mac.com
Wed Nov 21 12:03:37 UTC 2018


Unfortunately, ClamAV does not normally make that information public and the possible record of it's meaning would be in the signature writer's notes.

About the only thing you can do is do a Google search on the infection name in quotes followed by site:virustotal.com <http://virustotal.com/>.

For the one you cited there is <https://www.virustotal.com/en/file/04c450d67d4324ed245ce9e73c95bdcfad2bb64bab1887e1a22c37f372dc9260/analysis/1498573971/ <https://www.virustotal.com/en/file/04c450d67d4324ed245ce9e73c95bdcfad2bb64bab1887e1a22c37f372dc9260/analysis/1498573971/>> for instance. Then you can check some of the other scanners for what they call that infection for more details.

-Al-
ClamXAV User

On Wed, Nov 21, 2018 at 03:20 AM, Giorgi Kakhabrishvili wrote:
> Dear Sir/Madam 
> 
> Can you tall me where can I find descriptions of ClamAV report? I mean if for example I'll get report that file is infected and it's  "Win.Trojan.MSShellcode-7", what does it mean? what kind of malicious behavior it have? Is there any catalog or something like that, where I'll be able to check it out?   
> 
> Best regards 
> Giorgi Kakhabrishvili
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181121/44beeee7/attachment.htm>


More information about the clamav-users mailing list