Server Software and Configuration Services
cxs False Positives
We had a corrupt daily update of the cxs signatures that is causing problems for some users. If you are seeing a problem with detections, please do the following immediately:
rm -fv /etc/cxs/new.fp cxs -U service cxswatch restart
If you need to perform a bulk restore from quarantine due to this issue:
Depending on the location of your quarantine, the following should work:
find /home/quarantine/cxsuser/ -type f -exec cxs --qrestore {} \;
You will get messages about “Restore failed – Restore file not found” which you can ignore.
Note: The destination file must _not_ exist otherwise the restore for the file will fail.