Thank you for the questions.
I've been struggling to figure this out by myself for a few days now. Stubborn, I guess. clamscan is reporting /etc/httpd/modsecurity.d/50_asl_rootkits.conf: Atomicorp.PHP.MassMailer.20101010161701.UNOFFICIAL FOUND. it's listing the same for that file in /var/asl/rules/modsec
Thats correct, thats where those signatures are actually stored, so youre scanning the signatures themselves. You should get a hit there. You can ignore those and you dont need to scan any of the ASL directories.
then it spits out several errors regarding how it can't read /sys/class/net/lo/uevent or /sys/class/net/eth0/uevent, then it terminates.
Correct, those are special system directories in Linux that represent actual hardware. You cant scan then, they aren't files or directories. Dont scan /sys/ or /proc/. If you want to scan your entire system, you should ignore those directories that are special in Linux, a good set to start with is:
i've run chmod on uevent to grant root permissions to read,
Thats also normal. You cant change the permissions on those device handles because they aren't files, they are device handles.