ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
Probably false alarm on multi "omni.ja" of differe

Joined: 25 Apr 2014
Posts: 14
Reply with quote
Hi All !

My last scan, using clamav 0.99.1, this day returns some files named
"omni.ja". Looks like, more or less all my browsers use it, like firefox and palemoon
and they are all located within the brwoser profile directory tree.
For example:
>C:\Program Files\Pale Moon\browser\omni.ja: Html.Exploit.CVE_2017_8757-6336185-0 FOUND<
I restored the files from backup, even month ago, but they all look infected.
That probably a wrong alarm, because my scans run all around the clock
and would have found them earlier.

The database update is:

Downloading daily-23928.cdiff [100%]
daily.cld updated (version: 23928, sigs: 1748676, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 313, sigs: 73, f-level: 63, builder: neo)
Database updated (6314998 signatures) from (IP:

I uploaded the file to virustotal and they say, everything is fine with it!

Anyone out there, having the same problem?
For me, this looks like a problem with the signatures, but I am not sure.

Thanks anyway,

Windows Server 2008 R2, en
clamav 0.99.1
View user's profileSend private message

Joined: 09 Jul 2006
Posts: 4253
Location: USA
Reply with quote
You can probably believe Virus Total. So Clam AV did not detect anything during the Virus Total scan? ClamWin uses the Clam AV scan engine and virus signatures. It does not have any detection of its own.

If there is nothing wrong with the file and ClamWin detects it but Clam AV does not detect it, then there must be something unique about the file. At any case, you should whitelist the file in ClamWin's Preferences, Tools, Filters, Exclude matching filenames. Check the ClamWin Help file for further information.

By the way, for best protection, the ClamWin developers recommend that you run a real-time AV and use ClamWin as a backup scanner.

Thanks for using ClamWin!
View user's profileSend private message
Probably false alarm on multi "omni.ja" of differe
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

 Reply to topic