Re: [clamav-users] Can ClamAV detect LKM rootkits?

2018-12-04 Thread Micah Snyder (micasnyd)
Hi Zhuang, You already mentioned kernel and application types of rootkits, so you probably already understand this - but I wanted to chime in since you specifically mentioned different types of rootkits. The TL;DR is that ClamAV is not a rootkit detector, and does not inspect and scan the runn

Re: [clamav-users] Can ClamAV detect LKM rootkits?

2018-12-03 Thread Al Varnell
ClamAV will detect all forms of malware on all platforms that it is aware of. Thousands of samples of existing malware are received by them daily from a variety of sources, none more valuable than users like you. Please submit Adore-ng to . Sent from my iP

[clamav-users] Can ClamAV detect LKM rootkits?

2018-12-03 Thread zhuangxiaohui
Hey guys, I've tested two types of rootkits with ClamAV: Adore-ng (kernel level) & Mafix (application level). Well, viruses implanted by Mafix were completely detected: /usr/bin/md5sum: Unix.Malware.Agent-6005569-0 FOUND /usr/bin/find: Win.Trojan.U-110 FOUND /usr/bin/pstree: Win.Trojan.Rootkit-5