Hi All !

My last scan, using clamav 0.99.1, this day returns some files named
"omni.ja". Looks like, more or less all my browsers use it, like firefox and palemoon
and they are all located within the brwoser profile directory tree.
For example:
>C:\Program Files\Pale Moon\browser\omni.ja: Html.Exploit.CVE_2017_8757-6336185-0 FOUND<
I restored the files from backup, even month ago, but they all look infected.
That probably a wrong alarm, because my scans run all around the clock
and would have found them earlier.

The database update is:



I uploaded the file to virustotal and they say, everything is fine with it!

Anyone out there, having the same problem?
For me, this looks like a problem with the signatures, but I am not sure.

Thanks anyway,
Manfred

Using:
Windows Server 2008 R2, en
clamav 0.99.1

You can probably believe Virus Total. So Clam AV did not detect anything during the Virus Total scan? ClamWin uses the Clam AV scan engine and virus signatures. It does not have any detection of its own.

If there is nothing wrong with the file and ClamWin detects it but Clam AV does not detect it, then there must be something unique about the file. At any case, you should whitelist the file in ClamWin's Preferences, Tools, Filters, Exclude matching filenames. Check the ClamWin Help file for further information.

By the way, for best protection, the ClamWin developers recommend that you run a real-time AV and use ClamWin as a backup scanner.

Thanks for using ClamWin!