I received 1 Daily mail: abrt clamav: clamscan killed by SIGABRT
Code: Select all
reason: clamscan killed by SIGABRT
cmdline: /usr/bin/clamscan --quiet -d /var/lib/clamav-unofficial-sigs/dbs-yara/antidebug_antivm.yar /var/lib/clamav-unofficial-sigs/configs/scan-test.txt
executable: /usr/bin/clamscan
package: clamav-0.103.0-1.el7
component: clamav
ABRT has detected 1 problem(s). For more info run: abrt-cli list --since 1607890240
[root@efa ~]# abrt-cli list --since 1607890240
Code: Select all
id ba125ac796d8a81c1f36c56adr5j85d01506ed0487231
reason: clamscan killed by SIGABRT
time: Sun 13 Dec 2020 04:16:28 PM CET
cmdline: /usr/bin/clamscan --quiet -d /var/lib/clamav-unofficial-sigs/dbs-yara/antidebug_antivm.yar /var/lib/clamav-unofficial-sigs/configs/scan-test.txt
package: clamav-0.103.0-1.el7
uid: 0 (root)
count: 2
Directory: /var/spool/abrt/ccpp-2020-12-13-16:16:28-26686
Solution DISABLE antidebug_antivm/antidebug_antivm.yar
Code: Select all
/etc/clamav-unofficial-sigs//master.conf
Code: Select all
# Anti debug and anti virtualization techniques used by malware
#antidebug_antivm/antidebug_antivm.yar|LOW
antidebug_antivm/antidebug_antivm.yar|DISABLED # (core dumped)