* Fajar A. Nugraha <[EMAIL PROTECTED]> [20050531 18:52]: wrote: > Odhiambo Washington wrote: > > >tried it though, and I have the file - image.zip, and some output > >from the debug file - current.txt, posted here: > > > >http://ns2.wananchi.com/~wash/Clamav/ > > > > > > > It's OK here. clamdscan detects both (0.85.1 on Gentoo x86). > Have you tried restarting clamd (perhaps it's not picking up the curent > signature, by any chance)?
Hmm, I restarted clamd but still it did not pick the trojan. I then enabled ScanPE, restarted it and it picked it up!! > You should have something like this on clamd.log (or syslog). Note the > number of viruses : > Tue May 31 22:43:19 2005 -> Database correctly reloaded (34867 viruses) Tue May 31 14:13:07 2005 -> Reading databases from /usr/local/share/clamav Tue May 31 14:13:11 2005 -> Database correctly reloaded (34865 viruses) .... many of those in my clamd.log.... > fajar-pc virus # clamscan image.zip > image.zip: Trojan.W32.PWS.Prostor.A FOUND > > ----------- SCAN SUMMARY ----------- > Known viruses: 34867 > Engine version: 0.85.1 > Scanned directories: 0 > Scanned files: 1 > Infected files: 1 > Data scanned: 0.20 MB > Time: 4.139 sec (0 m 4 s) > fajar-pc virus # clamdscan image.zip > /data/download/src/clamav/virus/image.zip: Trojan.W32.PWS.Prostor.A FOUND > > ----------- SCAN SUMMARY ----------- > Infected files: 1 > Time: 1.037 sec (0 m 1 s) > fajar-pc virus # clamd -V > ClamAV devel-20050531/901/Tue May 31 20:33:04 2005 > fajar-pc virus # clamscan -V > ClamAV devel-20050531/901/Tue May 31 20:33:04 2005 Sucks ;-) Someone said I have disabled ScanPE, which is correct. It's apparent that this was a major factor. It also appears that restarting clamd was necessary. I however don't understand why it should be, since freshclam does notify it... Does anyone restart clamd whenever freshclam is run??? -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington <[EMAIL PROTECTED]> Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ A lot of people are afraid of heights. Not me. I'm afraid of widths. -- Steve Wright _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
