Ubuntu
clamtk package

ClamTk false positives?

Asked by digitaldac

I downloaded ClamTk, and while doing a full scan of the file system, it says that it detects viruses on my Ubuntu install. These are files outside my home directory. I assume that since I only default to read access to these folders that it's a false positive. The program marks the files as quarantined, but does not seem to move them to the quarantined repository... again, I assume because it's a system folder that it doesn't have access to?

example of suspect files: log files in folder "/var/log/gdm"

I dual boot this pc between ubuntu and vista, and I'd like to make sure that no viruses make their way to the vista partition. Is there any reason to scan files outside the home directory? Am I the only one who gets these seemingly false (hopefully) alerts from ClamTk, or is this common for the program?

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu clamtk Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
digitaldac (dennis-chung) said : 		#1

another example of suspected virus files by ClamTk:

etc files in "/var/lib/ucf/cache"

and 2 of the files appear to have been created by ClamAV. Why would an antivirus program think it's own created files are viruses... unless they are?

Revision history for this message
Andre Mangan (kyphi) said : 		#2

These are most likely to be test files. Any self-respecting AV programme will generate a self test or two.

Save your paranoia for Vista - that is where you should have all your defences. Viruses will not transfer unwittingly from Ubuntu to Vista if you have some good barriers up. Inversely, no viruses will migrate from Vista to Ubuntu.

Revision history for this message
Dave M (dave-nerd) said : 		#3

Have you tested that directory with 4.08? That problem should be fixed in that version. Thanks.

Can you help with this problem?

Provide an answer of your own, or ask digitaldac for more information if necessary.

To post a message you must log in.