[Declude.Virus] Virus Config Update
1. I have noticed that a new virus exit code being reported on AVG Exit Code 9 - Double extension If you are running AVG and want to block double extensions eg. Password.doc .exe Add the following line to your virus.cfg VIRUSCODE 9 Other additional codes are: 4 - suspicion detected by heuristic analysis 5 - virus found by heuristic analysis 6 - specific virus detected 7 - active virus in memory detected The complete SCANFILE config would be something like this: SCANFILEC:\Progra~1\Grisoft\AVG7\avg.exe /NOBOOT /NOMEM /NOSELF /ARC /REPORT=report.txt VIRUSCODE 4 VIRUSCODE 5 VIRUSCODE 6 VIRUSCODE 7 VIRUSCODE 9 REPORT identified 2. If you are running F-PROT ensure that you do NOT have a switch in your SCANFILE /NOFLOPPY This has been reported as not supported in the latest versions of F-Prot and causes virus to get through David B www.declude.com --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Virus Config Update
Wednesday, November 23, 2005, 2:55:34 PM, David Barker [EMAIL PROTECTED] wrote: Snip DB The complete SCANFILE config would be something like this: DB SCANFILEC:\Progra~1\Grisoft\AVG7\avg.exe /NOBOOT /NOMEM /NOSELF /ARC Is it avgscan.exe or avg.exe in the above for the 32 bit scanner? Snip DB David B DB www.declude.com DB --- DB This E-mail came from the Declude.Virus mailing list. To DB unsubscribe, just send an E-mail to [EMAIL PROTECTED], and DB type unsubscribe Declude.Virus.The archives can be found DB at http://www.mail-archive.com. Don Brown - Dallas, Texas USA Internet Concepts, Inc. [EMAIL PROTECTED] http://www.inetconcepts.net (972) 788-2364Fax: (972) 788-5049 --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
