[clamav-users] rkhunter : hopefully a false-positive
Al Varnell
alvarnell at mac.com
Wed Apr 9 09:44:45 UTC 2014
On Wed, Apr 09, 2014 at 02:16 AM, ellanios82 wrote:
>
> Hello List
>
> - today, clamscan advises that rkhunter is infected :
>
> - run on openSuSE 13.01 : rkhunter-1.4.0-8.1.2.x86_64
>
> file permissions :
>
> -rw------- 1 root root 491600 Apr 9 11:16 rkhunter
>
> ………………….
I addressed that earlier this evening. Both are looking for the same two ASCII strings and since rkhunter is a plain text script it’s going to find them there.
You can either exclude it from scan or upload it to the clamAV® false positive page if you believe that’s what it is.
<http://www.clamav.net/sendvirus/> and post the file's MD5 back here.
BTW, rkhunter is at v1.4.2, but will have the same issue.
-Al-
--
Al Varnell
Mountain View, CA
More information about the clamav-users
mailing list