Clamav found a Win.Trojan.Maljava-2 right after the installation

frank4fun · 23 March 2022 08:12

Good morning community.
Yesterday I installed manjaro 21.2.5 with kde plasma.
Right after updating the system, I installed clamav and ran a full system scansion using

sudo clamscan --recursive --infected --remove --max-filesize=4000M --max-scansize=4000M /

after a while, pamac returned the following line in the terminal:

/tmp/pamac/dbs/sync/community.files: Win.Trojan.Maljava-2 FOUND
/tmp/pamac/dbs/sync/community.files: Removed.

since it’s in the /tmp folder, I suppose that clamav didn’t delete something important, so… was "this detection a false positive?

linux-aarhus · 23 March 2022 08:32

That is a false positive.

And the file is - kind of - important to the Add Remove Software app - it will be fetched again on next run.

Linux != Windows - and unless you are being reckless - like running a virus scanner with sudo priviliges or any other apps for that matter - your system is safe.

Linux is not a major target for malware - but in the unlikely case you should be hit by a malware - it would only have write access to the files for which your user have write access.

So never run apps/scripts with sudo permissions - unless strictly required to modify system files.

megavolt · 23 March 2022 08:37

Same issue here: ClamAV False Positives? · Issue #5 · clamwin/clamav · GitHub

It is a false postive, because it is a big compressed text file. Nothing executable in it.

frank4fun · 23 March 2022 09:26

Thanks.

frank4fun · 23 March 2022 09:31

Ok. I’ll be more carefull from now on. Thanks.

system · 25 March 2022 23:31

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.