ClamAV results....thoughts welcome/needed...
my scan today listed the following:
/boot/vmlinux-2.6.18.8-0.7-default.gz Broken.Executable Status=Loose "vmlinux-2.6.18.8-0.7-default.gz is a damaged executable. Some viruses use this to conceal themselves" ...isnt vmlinux the "kernel"?...is this a false positive?...if not, should I let clamAV quantine(sp?) this file?...will my machine boot if I do?....thoughts please....and thanks. |
Usually this file is called /boot/vmlinuz (note the Z not an X at the end). Is there a /boot/vmlinuz present?
Further, what is your boot loader actually booting? If you're using GRUB, check /boot/grub/menu.lst, if you're using LILO, check /etc/lilo.conf and look for the vmlinuz or vmlinux text. I wouldn't suggest quarantining the file if it is indeed vmlinux. Could just be a false positive. |
derxob....I should have looked closer...
...within my /boot directory there is vmlinuz, vmlinuz-2.6.18.8-0.7-default and the file I mention (gz file)....vmlinuz is a link that points to the vmlinuz-2.6.18.8-0.7-default file and I believe the .gz file is an update to my kernel (left behind after the update).
I Googled the gz filename and saw several links that mentioned it as being an update from a previous kernel...so essentially its a file left over from an update/upgrade and is very small in size so I'm just leaving it as is...nothing broke so dont fix it...thanks for taking the time to reply...have a great Linux day! :) |
All times are GMT -5. The time now is 09:08 AM. |