ClamAV is detecting malware

Are these false positives?
Shall I remove them?

The two PDF files appear to be fine on my other laptops (Windows 8.1 and Windows 10). I have copies of these 2 files in both of them, one has Norton Internet Security, and another has Kaspersky 2018- none of them find a problem with those files. I don’t know about the others.

Suggestions please?

I don’t use clamav but it would seam that it detects embedded javascript in those pdf’s javascript can be useful but it’s also a possible exploit
I’d suggest you check those files at virustotal
afaik clamav detects all embeded javascripts in pdf as threats
as you can see it even detects macro’s in libreoffice documents as threats
if they’re fine open a false positive report with clamav
but don’t expect anything to change regarding pdf you could disable pdf scanning

First off, sorry for the delay in replying- have been real busy @ work.

Did some research, and turns out these are either Windows exploits, or false positives, and don’t pose a risk to the current opensuse installation. Installing an A/V is mostly unnecessary in opensuse (except in certain situations- like using the computer as a server to Windows systems). Having a real-time malware scanner in opensuse is like wearing sunglasses at night to protect your eyes from UV rays in the moonlight- kind of pointless.

The best practices for opensuse- use official/ trusted repositories, update the system regularly, and avoid running a GUI session as root unless absolutely necessary.

While I do have Windows laptops, and I do share files with them, my opensuse system is not a server- I share files using external hard drives. The Windows computers have anti-malware installed on them, and the files I share are mostly music/videos/pictures, etc, not .exe files.

These warnings can be safely ignored.

I’m not uninstalling clamav, but I’ve turned off realtime protection. Perhaps I’ll run a manual scan of the ~ directory once every 6 months, can’t hurt.

Thanks for the links I_A, your links sparked up my interest about malware in Linux and improved my understanding of the situation. :good:

That is of course not new and posted in a lot of other threads over time.

The lack of Clamav (and similar products) users here most probably explains why so few people answered to your thread :wink: