AVG Scanner doesn't report virus name

Mark Martinec Mark.Martinec+amavis at ijs.si
Fri Jun 29 17:53:16 CEST 2012


Ralf,

> >  ### http://www.grisoft.com/
> >   ['AVG Anti-Virus',
> >    \&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
> >    qr/^200/m, qr/^403/m, qr/^403 .*: ([^\r\n]+)/m ],
> > 
> > Doesn't take the "403-" (line continuation lines) into account.
> 
> Using:
> 
>  ### http://www.grisoft.com/
>    ['AVG Anti-Virus',
>     \&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
>     qr/^200/m, qr/^403/m, qr/^403[- ].*: ([^\r\n]+)/m ],
> 

Thanks! I'll update the 'AVG Anti-Virus' entry.

> results in logs like:
> 
> Jun 18 01:13:41 mail2 amavis[17181]: (17181-01) run_av (AVG Anti-Virus):
> /var/amavis/amavis-20120618T011341-17181-b9vCAQwB/parts INFECTED: 'Trojan
> horse Delf.AEJO', 'Trojan horse Delf.AEJO', 'Trojan horse Delf.AEJO',
> 'Trojan horse Delf.AEJO'

Multiple occurrences of the same virus name only show up in
this low log-level log entry. I believe these are filtered
to a set of unique names for use in macro names in templates.

  Mark


More information about the amavis-users mailing list