Hi All !

My last scan, using clamav 0.99.1, this day returns some files named
"omni.ja". Looks like, more or less all my browsers use it, like firefox and palemoon
and they are all located within the brwoser profile directory tree.
For example:
>C:\Program Files\Pale Moon\browser\omni.ja: Html.Exploit.CVE_2017_8757-6336185-0 FOUND<
I restored the files from backup, even month ago, but they all look infected.
That probably a wrong alarm, because my scans run all around the clock
and would have found them earlier.I uploaded the file to virustotal and they say, everything is fine with it!
https://showbox.tools/ showbox https://speedtest.vet/ speed test

Anyone out there, having the same problem?
For me, this looks like a problem with the signatures, but I am not sure.

Thanks anyway,
Manfred

Using:
Windows Server 2008 R2, en
clamav 0.99.1

Are you referring to Clam AV for Linux or ClamWin for Window?. These forums are for ClamWin for Windows, although ClamWin uses the Clam AV scanning engine/signatures. The Clam AV signatures get more false positives than most AVs. If Clam Av is the only AV on Virus Total spotting malware, there is a 99.5% possibility that it is malware. You should upload any false positive files to the Clam AV web site (Contact, False Positives) so they can correct their erroneous signature.

Regards,