> At 2:00 PM -0700 9/14/09, Bill Landry wrote: >> > At 12:59 PM -0700 9/14/09, Bill Landry wrote: >>>>Tom Shaw wrote: >>>>> I am running ClamAV 0.95.2/9806/Mon Sep 14 14:37:58 2009 when I run >>>>> clamscan on a file I get no detection yet when I submit the same >>>>> file >>>>> to >>>>> virustotal (0.94.1/20090912) I get Trojan.Zbot-4583 detected. >>>>> >>>>> My clamav install has been operating fine for months on OSX 10.5. >>>>> >>>>> Ideas? >>>> >>>>Tom, what happens if you scan the file with clamdscan? >>>> >>>> clamdscan --fdpass file >>>> >>>>The reason I ask, is maybe you have to set the appropriate flags when >>>>using clamscan vs clamdscan, as clamdscan uses clamd.conf for its >>>> setting. >>>> >>>>Just a thought... >>> >>> >>> Bill, I get detection from my signature but not clam's >> >>Could it be that your signature is triggering before ClamAV's? Have you >>tried running the scan without your signature included to see if ClamD >>will trigger? > > Hasn't triggered earlier than clamav's before. However I will try now. > > That's weird it did detect it then. Wish I knew the sequence clamav > checks through the DB's. > > Is there a way to force clamscan to keep checking for all signatures? > I tried clamdscan --help with no joy.
According to Tomasz (see his message from earlier today), there is no way to prioritize signatures unless you run more than one instance of clamd. Bill _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
