[CentOS] ClamAV help needed

Fri Jun 20 08:45:16 UTC 2008
Anne Wilson <cannewilson at googlemail.com>

On Friday 20 June 2008 06:13, Martin Garcia wrote:
> Hi Anne, I have many servers running clamav, simply use the dag repos
> http://dag.wieers.com/rpm/ and install it via yum "yum install clamav
> clamd" then run freshclam, that's it. I presume your configuration is not
> properly done.
>
It turned out to be not exactly a clamav problem, but a clamtk problem.  I am 
using Dag's package, and logwatch has been telling me that everything is 
updating.  The problem showed up when I tried the context menu scan of a 
file, which clamtk provides.  I contacted the clamtk developer who has been 
very helpful.  This morning I have confirmed to him that the problem is 
fixed.

For the sake of the archives, this is what he said:
<quote>
Ok, so it dawned on me what the problem likely is... ClamAV has
several methods for signatures it uses: daily.info folder, daily and
main.cvd, daily and main.cld. So, I'm thinking you have more than one
of those in your signatures directory.

If you open up a terminal window and type "ls /var/clamav" (without
quotes of course), I'm betting you'll see a variety of files and/or
directories in there. If you're up for it, as root type
rm /var/clamav/* -rf
which will remove all the signatures. Don't worry, you'll get them
back in the next step. As root, type
freshclam -v
And that will download all the necessary signatures again.

The problem I have is there are a variety of ways the linux distros
package ClamAV, and I have to decide which ones to gather the
information from... I thought I had it right, but your email is making
me reconsider. :)
</quote>

I do wonder if something changed in clamav since I first installed it.  I 
remember that an update installed, and I did, for a couple of days, get a 
message that the database could not be notified of updated signatures.  I 
can't remember how that one got resolved.  Perhaps /var/clamav was left with 
an old version and a new version of the database, and was reading the old 
one.

Anne
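
The condition the quoted developer suspects (the same database present in more than one format in the signatures directory) can be checked without deleting anything. The script below is an added example, not part of the original post or of clamtk; the function name `find_db_conflicts` is hypothetical, and the database names and formats (`main`/`daily` as `.cvd`, `.cld`, or a `.info` directory) are taken from the quoted message.

```shell
#!/bin/sh
# Added example: report ClamAV databases that exist in more than one format.
# Formats checked are the ones named in the quoted message:
#   NAME.cvd, NAME.cld, and a NAME.info directory.

# find_db_conflicts DIR
#   Prints one line per conflicting database, e.g. "daily: daily.cvd daily.cld".
#   Returns 0 if every database has at most one format, 1 if a conflict
#   was found, 2 if DIR is not a directory.
find_db_conflicts() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    conflicts=0
    for name in main daily; do
        found=""
        for ext in cvd cld; do
            if [ -f "$dir/$name.$ext" ]; then
                found="$found $name.$ext"
            fi
        done
        if [ -d "$dir/$name.info" ]; then
            found="$found $name.info/"
        fi
        # Count how many formats were seen for this database name.
        set -- $found
        if [ "$#" -gt 1 ]; then
            echo "$name:$found"
            conflicts=1
        fi
    done
    return $conflicts
}

# Run against a directory given on the command line, e.g. /var/clamav.
if [ "$#" -gt 0 ]; then
    find_db_conflicts "$1"
fi
```

A non-empty report is the point at which the clean-out and `freshclam -v` steps quoted above apply.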