On Wed, Apr 09, 2014 at 02:16 AM, ellanios82 wrote: > > Hello List > > - today, clamscan advises that rkhunter is infected : > > - run on openSuSE 13.01 : rkhunter-1.4.0-8.1.2.x86_64 > > file permissions : > > -rw------- 1 root root 491600 Apr 9 11:16 rkhunter > > ………………….
I addressed that earlier this evening. Both are looking for the same two ASCII strings and since rkhunter is a plain text script it’s going to find them there. You can either exclude it from scan or upload it to the clamAV® false positive page if you believe that’s what it is. <http://www.clamav.net/sendvirus/> and post the file's MD5 back here. BTW, rkhunter is at v1.4.2, but will have the same issue. -Al- -- Al Varnell Mountain View, CA _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
