Tomasz:The problem is that /proc/kcore is a copy of the RAM in use on your system. As clamav is running, looking for patterns assosiated with viruses, scanning /proc/kcore will *ALWAYS* find a virus - as the pattern it is searching for *is in memory*
Thanks for your response, but I still have a question:
OK, so clamd, clamscan and clamdscan should ignore files in //proc. Is there *really* a trojan in //proc/kcore or is this some anomaly that I can just ignore?
There was a joke years ago now where some cheeky sod started a rumor that Linux was written by devil-worshippers, because if you went:
grep "satan" /proc/kcore
you got a match! Got quite a few bites too as I recall :-)
-- Cheers
Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
