Good Morning,
> Here are some other signatures that create many messages:
>
> Html.Malware.Agent-6625159-0
> Html.Malware.Agent-6625162-0
> Html.Malware.Agent-6625209-0
These stopped being reported this morning at around 04:00 our time (CEST).
Currently, there is one signature left which I beli
How long as this been going on?
What is your database set?
What version of ClamAV are you using?
Are you using the VirusEvent hook?
I've searched the code base high and low and can't find any reasonable excuse
why the virus name would be "(null)". There is one reference, but it only uses
"(null
Hi Joel,
> >> The reported files are mostly jar files used by our applications
> >> (e.g. httpclient-*.jar, httpcore-*.jar in different versions). These
> >> are the signatures which produce most of the reports:
> >> Html.Malware.Agent-6625161-0
> >> Html.Malware.Agent-6625163-0
> >> Html.Malware.
I am dropping these signatures now.
> On Aug 1, 2018, at 9:57 AM, David Rosenstrauch wrote:
>
>
>
> On 07/31/2018 04:53 AM, Albrecht, Peter wrote:
>> Hello,
>> Since Saturday (2018-07-28) we are seeing many reports from clamscan having
>> found (possibly) infected files. I suspect these are fa
On 07/31/2018 04:53 AM, Albrecht, Peter wrote:
Hello,
Since Saturday (2018-07-28) we are seeing many reports from clamscan having
found (possibly) infected files. I suspect these are false positives because
checking
the files on virustotal.com returns only clamav reporting them as infected.
Hi,
we have ScanOnAccess and OnAccessExtraScanning activated. When I open firefox I
get a lot of messages written to /var/log/messages every couple of seconds:
Aug 1 12:07:02 hostname1 clamd[4051]: ScanOnAccess:
/home/user1/.cache/mozilla/firefox/0pnt0qc2.default/cache2/entries/3F5C8E984584F19
