Re: [Declude.Virus] Virus reports not showing virus
Here is a snippet of my logs. I also do not understand the missing files? The problem here is: SCANFILEC:\Progra~1\FSI\F-Prot\Fpcmd.exe /TYPE /SILENT /NOMEM /ARCHIVE=5 /NOBOOT /DUMB /REPORT=report.txt) There should be no ) at the end of report.txt -- otherwise, F-Prot will try to save a file named report.txt), which Declude Virus won't be able to find, so Declude Virus won't be able to determine the virus name (although the viruses will still get caught). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Virus reports not showing virus
Thanks Had a feeling when I pasted it but it was too late already. Must have added it when I changed it to fpcmd. Thanks I removed it just now. DC -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, June 24, 2004 8:02 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] Virus reports not showing virus Here is a snippet of my logs. I also do not understand the missing files? The problem here is: SCANFILEC:\Progra~1\FSI\F-Prot\Fpcmd.exe /TYPE /SILENT /NOMEM /ARCHIVE=5 /NOBOOT /DUMB /REPORT=report.txt) There should be no ) at the end of report.txt -- otherwise, F-Prot will try to save a file named report.txt), which Declude Virus won't be able to find, so Declude Virus won't be able to determine the virus name (although the viruses will still get caught). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Virus reports not showing virus
I am having some odd reports from Virusloganalyser lately. It no longer shows I have any viruses just Outlook Vulnerabilities.. Previously, I believe when I was running the 16 bit Fprot (now running 32 bit) it reported viruses. Here is a snippet of my logs. I also do not understand the missing files? Any ideas what is going on with my logs? I posted my config after the log snippet. Thanks much Doug 06/23/2004 00:24:11 Q05e79da60042f798 Scanned: CONTAINS A VIRUS [MIME: 2 22581] 06/23/2004 00:24:11 Q05e79da60042f798 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [incoming from 203.148.249.232] 06/23/2004 00:24:11 Q05e79da60042f798 Subject: Hi 06/23/2004 00:24:30 Q05eb2fe4011e08de Could not find report file C:\IMail\spool\D05eb2fe4011e08de.vir\report.txt. 06/23/2004 00:24:30 Q05eb2fe4011e08de File(s) are INFECTED [: 3] 06/23/2004 00:24:30 Q05eb2fe4011e08de Scanned: CONTAINS A VIRUS [MIME: 2 29807] 06/23/2004 00:24:30 Q05eb2fe4011e08de From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [incoming from 172.195.102.75] 06/23/2004 00:24:30 Q05eb2fe4011e08de Subject: Illegal Website 06/23/2004 00:24:48 Q060c2fe8011e891a Outlook 'MIME Header' Vulnerability: type=audio/x-wav, name=message.pif. 06/23/2004 00:24:49 Q060c2fe8011e891a Could not find report file C:\IMail\spool\D060c2fe8011e891a.vir\report.txt. 06/23/2004 00:24:49 Q060c2fe8011e891a File(s) are INFECTED [[Outlook 'MIME Header' Vulnerability]: 3] 06/23/2004 00:24:49 Q060c2fe8011e891a Scanned: CONTAINS A VIRUS [MIME: 3 29141] 06/23/2004 00:24:49 Q060c2fe8011e891a From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [incoming from 203.157.253.196] 06/23/2004 00:24:49 Q060c2fe8011e891a Subject: Mail System ([EMAIL PROTECTED]) 06/23/2004 00:24:52 Q06119dae00429d6e Scanned: Virus Free [MIME: 1 1798] 06/23/2004 00:25:16 Q062b2fed011e0271 Scanned: Virus Free [MIME: 1 3621] 06/23/2004 00:25:24 Q06342ff1011e22bb Scanned: Virus Free [MIME: 1 7757] 06/23/2004 00:25:33 Q06399db400423921 Scanned: Virus Free [MIME: 1 306] 06/23/2004 00:25:57 Q06509db600429386 Could not find report file C:\IMail\spool\D06509db600429386.vir\report.txt. Config # The in the LOGFILE option automatically gets replaced with the month/date LOGFILE spool\vir.log LOGLEVELMID # # SCANFILE is the location of the command-line virus scanner. Note that it # must include the full path. VIRUSCODE is the code that scanner returns if # it finds a virus. # SCANFILEC:\Progra~1\FSI\F-Prot\Fpcmd.exe /TYPE /SILENT /NOMEM /ARCHIVE=5 /NOBOOT /DUMB /REPORT=report.txt) VIRUSCODE 3 VIRUSCODE 6 VIRUSCODE 8 REPORTInfection: # VIRDIR is the directory to move E-mails with viruses; by default, # it is set to 'spool\virus' (\IMail\spool\virus). VIRDIR spool\virus # The MAXATONCE option limits the number of AV processes. For example, # MAXATONCE 1 will only allow 1 AV process to run at once (IE for licensing # purposes). A value of 0 (or commenting it out) allows unlimited processes # to run at the same time. MAXATONCE 0 # # The following options allow you to limit scanning to only incoming or outgoing # E-mail. # INCOMINGON OUTGOINGON # # The ONACCESS option should be set to OFF unless you have an on-access virus scanner # that will be deleting attachments with viruses. It is recommended NOT to have an # on-access scanner interfering, and to leave this at OFF. # ONACCESSOFF # # The SCANNERTIMEOUT option lets you choose the number of seconds that Declude will # wait for the virus scanner to finish. The minimum value is 10 seconds. Most # scanners will not need to take that long. This option is mainly to prevent # defective scanners (that never finish) from interfering with your outgoing E-mail. # Raising this will NOT help if your virus scanner always times out. # SCANNERTIMEOUT 60 # # The SKIPEXT option will let you skip scanning of certain file extensions. For # example, a GIF file can't contain a virus, so there is no need to scan it. # SKIPEXT GIF SKIPEXT TXT SKIPEXT JPG SKIPEXT MPG SKIPEXT PNG # # The BANEXT option will let you ban file extensions. E-mails containing attachments # with these file extensions will be quarantined, and if you have a BANnotify.EML file, # it will be sent out. This works in the Standard and Pro versions. # BANEXT ad BANEXT adp BANEXT asp BANEXT bas BANEXT bat BANEXT CEO BANEXT chm BANEXT cmd BANEXT com BANEXT cpl BANEXT crt BANEXT exe BANEXT hlp BANEXT hta BANEXT inf BANEXT ins BANEXT isp BANEXT js BANEXT jse BANEXT lnk BANEXT mdb BANEXT mde BANEXT msc BANEXT msi BANEXT msp BANEXT mst BANEXT pcd BANEXT pif BANEXT reg BANEXT scr BANEXT sct BANEXT shb BANEXT
