I am not an expert in information security. I am running Lubuntu on a laptop. Today, I ran
chkrootkit and it printed the following:
INFECTED: Possible Malicious Linux.Xor.DDoS installed /tmp/clamav-71d2ee99f7e011424ab238571d720a88.tmp
I did run
clamscan. This is the first time I have seen this notice. I could not find any other reporting on it. Is this a known false positive, or does it represent a genuine intrusion — and if it is the latter, is the proper response to just go in and delete that .tmp file?