--- /root/chkrootkit.orig	2010-02-06 15:57:55.438505179 +0100
+++ /usr/sbin/chkrootkit	2010-02-06 16:29:50.250504495 +0100
@@ -730,6 +730,25 @@
 
    files=`${find} ${DIR} -name ".[A-Za-z]*" -o -name "...*" -o -name ".. *"`
    dirs=`${find} ${DIR} -type d -name ".*"`
+
+   # filter excludes
+   if [ -n "${EXCLUDES}" ]; then
+      for name in $files; do
+         for exclude in $EXCLUDES; do
+            if [ $name = $exclude ]; then
+               files="$(echo "$files"|grep -Ev "^$name\$")"
+	    fi
+         done
+      done
+      for name in $dirs; do
+         for exclude in $EXCLUDES; do
+            if [ $name = $exclude ]; then
+               dirs="$(echo "$dirs"|grep -Ev "^$name\$")"
+	    fi
+         done
+      done
+   fi
+
    if [ "${files}" = "" -a "${dirs}" = "" ]
       then
       if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi
@@ -738,24 +757,8 @@
           printn "The following suspicious files and directories were found:"
       fi
       echo
-
-       if [ -n "${EXCLUDES}" ]; then
-           for name in $files; do
-             for exclude in $EXCLUDES; do
-                   if [ $name = $exclude ]; then continue 2; fi
-               done
-               echo $name
-           done
-           for name in $dirs; do
-             for exclude in $EXCLUDES; do
-                   if [ $name = $exclude ]; then continue 2; fi
-               done
-               echo $name
-           done
-       else
-           echo ${files}
-           echo ${dirs}
-       fi
+      echo ${files}
+      echo ${dirs}
    fi
 
    ### LPD Worm