You can set up a visual confirmation with option to delete an infected file doing the following:
1. create a new script:
sudo gedit /opt/clamdazer
2. copy and paste to /opt/clamdazer:
#!/bin/sh #Clamdazer script by Gabor Igloi (2005) GPL v=`tail -n 1 /var/log/clamav/clamav.log` v=${v#*: } v=${v%:*} f=${v##*/} zenity --title ClamDazer --warning --text '"'"$f"$'" CONTAINS A VIRUS!\n[ '"$1"$' ]\nWould you like to delete it?' if [ $? -eq 0 ]; then rm $v zenity --title ClamDazer --info --text '"'"$f"$'"\nRemoved successfully!' fi
3. making it executable
sudo chmod a+x /opt/clamdazer
4. finally add VirusEvent option to /etc/clamav/clamd.conf
sudo gedit /etc/clamav/clamd.conf
Add this line to the end of clamd.conf:
VirusEvent /opt/clamdazer %v &
5. Don't forget to restart clamav-daemon by “sudo invoke-rc.d clamav-daemon restart”
Now you'll get a warning dialog every time you click on an infected file/archive and you can delete it easily.
You can grab the “eicar” test virus (no malicious code, just for testing) from here:
http://www.eicar.org/anti_virus_test_file.htm
You can also try it with real-life (!) viruses from here:
http://vx.netlux.org/vl.php