AVG Scanner doesn't report virus name

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Mon Jun 18 01:11:27 CEST 2012


The AVG Scanner behaves like this when scanning a directory (like the
"parts" directory):

# telnet localhost 54322
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220-AVG daemon mode scanner (AVG)
220-Program version 12.0.1793
220-Virus Database: Version 2433/5076 2012-06-17
220 Ready
SCAN /var/amavis/test
403-File 'Vorderung nach Vertrag 12.06.2012.com' infected: 'Trojan horse Generic28.BQHZ'
403 File infected
Connection closed by foreign host.

This pattern:

 ### http://www.grisoft.com/
  ['AVG Anti-Virus',
   \&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
   qr/^200/m, qr/^403/m, qr/^403 .*: ([^\r\n]+)/m ],

Doesn't take the "403-" (line continuation lines) into account.

-- 
Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de        Campus Benjamin Franklin
http://www.charite.de              Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155


More information about the amavis-users mailing list