LinuxQuestions.org


cbjhawks 12-13-2007 03:09 PM

ClamAV results....thoughts welcome/needed...
 
My scan today listed the following:

/boot/vmlinux-2.6.18.8-0.7-default.gz
Broken.Executable Status=Loose

"vmlinux-2.6.18.8-0.7-default.gz is a damaged executable. Some
viruses use this to conceal themselves"

...isn't vmlinux the "kernel"?...is this a false positive?...if not, should I let ClamAV quarantine this file?...will my machine boot if I do?....thoughts please....and thanks.

derxob 12-13-2007 03:43 PM

Usually this file is called /boot/vmlinuz (note the Z not an X at the end). Is there a /boot/vmlinuz present?

Further, what is your boot loader actually booting? If you're using GRUB, check /boot/grub/menu.lst; if you're using LILO, check /etc/lilo.conf and look for the vmlinuz or vmlinux text. I wouldn't suggest quarantining the file if it is indeed vmlinux. Could just be a false positive.

cbjhawks 12-14-2007 08:37 AM

derxob....I should have looked closer...
 
...within my /boot directory there is vmlinuz, vmlinuz-2.6.18.8-0.7-default and the file I mention (gz file)....vmlinuz is a link that points to the vmlinuz-2.6.18.8-0.7-default file and I believe the .gz file is an update to my kernel (left behind after the update).

I Googled the gz filename and saw several links that mentioned it as being an update from a previous kernel...so essentially it's a file left over from an update/upgrade and is very small in size so I'm just leaving it as is...nothing broke so don't fix it...thanks for taking the time to reply...have a great Linux day! :)
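
Added example, not part of the thread and not written by either poster: a shell version of the check discussed above, which reads the kernel entries from a GRUB legacy menu.lst or a lilo.conf, follows the vmlinuz symlink, and reports whether a file flagged by the scanner is the image the boot loader actually loads. The function names are hypothetical, and the menu.lst content and directory layout are constructed sample data built in a temporary directory.

```shell
#!/bin/sh
# Added example, not from the thread. File names follow the post; the
# menu.lst content and directory layout are constructed sample data.

# Print kernel image paths named in a GRUB legacy menu.lst
# ("kernel [(hdX,Y)]/path args") or a lilo.conf ("image = /path").
boot_images() {
    awk '$1 == "kernel" { sub(/^\([^)]*\)/, "", $2); print $2 }
         $1 == "image" && $2 == "=" { print $3 }
         $1 ~ /^image=/ { sub(/^image=/, "", $1); print $1 }' "$1"
}

# Exit 0 if FLAGGED is an image named in CONFIG, directly or as the target
# of a symlink (vmlinuz -> vmlinuz-<version>) inside BOOTDIR.
is_boot_target() {
    flagged=$(basename "$1")
    for img in $(boot_images "$2"); do
        name=$(basename "$img")
        if [ -L "$3/$name" ]; then
            name=$(basename "$(readlink "$3/$name")")
        fi
        [ "$name" = "$flagged" ] && return 0
    done
    return 1
}

# Build a throwaway /boot look-alike and print its path.
make_sample() {
    d=$(mktemp -d)
    : > "$d/vmlinuz-2.6.18.8-0.7-default"
    : > "$d/vmlinux-2.6.18.8-0.7-default.gz"
    ln -s vmlinuz-2.6.18.8-0.7-default "$d/vmlinuz"
    printf '%s\n' 'title Default' '    kernel /boot/vmlinuz root=/dev/sda2' \
        'title Failsafe' \
        '    kernel (hd0,1)/boot/vmlinuz-2.6.18.8-0.7-default root=/dev/sda2' \
        > "$d/menu.lst"
    echo "$d"
}

dir=$(make_sample)
for f in vmlinux-2.6.18.8-0.7-default.gz vmlinuz-2.6.18.8-0.7-default; do
    if is_boot_target "$dir/$f" "$dir/menu.lst" "$dir"; then
        echo "$f: loaded by the boot loader, keep it out of quarantine"
    else
        echo "$f: not referenced by the boot loader"
    fi
done
rm -rf "$dir"
```

On a real system the same functions take the flagged path, /boot/grub/menu.lst or /etc/lilo.conf, and /boot as arguments.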

