ClamAV - Virus?!?
 

This might be an oddity, but I think I have a virus? I just installed ClamAV and ran the following command:

I received the following results back:

How do I find the infected files? How do I remove the virus? How can I find out what virus I have? Thanks.

It's probably Clam's "fake viruses". I had this the first time I ran it, but running in verbose mode, I saw the infected files were in Clam's directory.

It's just a test. No need to worry :)

Oh geez. Thanks for the info. I had to play around with the parameters to find the "viruses".

I updated ClamAV (using the command "freshclam") and was informed that I have an outdated version (0.81, 0.85 is the latest). Is there a way to update my ClamAV easily? It seems like all of the programs in my URPMI sources are outdated. I tried changing mirrors with no luck. Any ideas?

I assume from you running version .81 that you're using 10.1. It seems to me that their update process has slowed down. They just came out with a firefox update that included 1.03 and 1.04 fixes for 10.2 after much gripping on their forums. Probably best advice if you really need clamav for like screening av in a postfix email server environment, learn to build your own. Its really not that difficult. I maintain updated clamav packages for my 10.0 server. Matter of fact, I just rebuilt .85-4mdk just a few minutes ago. If your using it just on a linux box then I wouldn't worry about it. They might get around and build an updated package for 10.1 but since they are already 4 versions behind...well you get the idea :)

In Debian I found the update file using the command "apt-cache search clamav" to look for all the installation and update files relative to clamav. I found this one:

clamav-freshclam - downloads clamav virus databases from the Internet

and installed it. Updated to 0.85 in short order. I ran freshclam and also found 5 viruses. I couldn't run down the infected files from the output but found the scan.log file in root's home directory and discovered this:

Scan started: Thu Jun 9 12:26:09 2005

//usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND
//usr/share/clamav-testfiles/clam.exe.bz2: ClamAV-Test-File FOUND
//usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND
//usr/share/clamav-testfiles/clam.rar: ClamAV-Test-File FOUND
//usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND

Naturally, I was releaved to find out the "infection" was only the test files.
;)

How do you run it in verbose mode? I found 20 infected files. I would like to know which ones it is refering to.

with a "-v", as with most any unix/linux program... but if you only care about the infected ones, try with a "-i" instead, cuz IIRC that will report only the infected ones...

urpmi-update -a

also consider installing Klamav