AVG Scanner doesn't report virus name
Mark Martinec
Mark.Martinec+amavis at ijs.si
Fri Jun 29 17:53:16 CEST 2012
Ralf,
> > ### http://www.grisoft.com/
> > ['AVG Anti-Virus',
> > \&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
> > qr/^200/m, qr/^403/m, qr/^403 .*: ([^\r\n]+)/m ],
> >
> > Doesn't take the "403-" (line continuation lines) into account.
>
> Using:
>
> ### http://www.grisoft.com/
> ['AVG Anti-Virus',
> \&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
> qr/^200/m, qr/^403/m, qr/^403[- ].*: ([^\r\n]+)/m ],
>
Thanks! I'll update the 'AVG Anti-Virus' entry.
> results in logs like:
>
> Jun 18 01:13:41 mail2 amavis[17181]: (17181-01) run_av (AVG Anti-Virus):
> /var/amavis/amavis-20120618T011341-17181-b9vCAQwB/parts INFECTED: 'Trojan
> horse Delf.AEJO', 'Trojan horse Delf.AEJO', 'Trojan horse Delf.AEJO',
> 'Trojan horse Delf.AEJO'
Multiple occurrences of the same virus name only show up in
this low log-level log entry. I believe these are filtered
to a set of unique names for use in macro names in templates.
Mark
More information about the amavis-users
mailing list