antivir

Julian Field mailscanner at ecs.soton.ac.uk
Sun Feb 8 19:23:12 GMT 2004 

Thanks for the server version. I installed my licence file into it (thanks
to the AntiVir crew for that), and ran it on a message with a few copies of
eicar in it. It detected all of them just fine.

Here is an example report:
>This is a message from the MailScanner E-Mail Virus Protection Service
>----------------------------------------------------------------------
>The original e-mail attachment "eicar.zip"
>was believed to be infected by a virus and has been replaced by this warning
>message.
>
>If you wish to receive a copy of the *infected* attachment, please
>e-mail helpdesk and include the whole of this message
>in your request. Alternatively, you can call them, with
>the contents of this message to hand when you call.
>
>At Sun Feb  8 19:12:09 2004 the virus scanner said:
>    AntiVir: ALERT: [Eicar-Test-Signatur virus] eicar.zip --> eicar.com <<< =
>Contains code of the Eicar-Test-Signatur virus

I have now tested this on
         AntiVir workstation 2.0.6
         AntiVir workstation 2.1.0
         AntiVir server 2.0.8
and can confirm that they all work with MailScanner on my Linux systems.

Please place a copy of eicar.com in a directory and run this command:
/usr/lib/MailScanner/antivir-wrapper /usr/lib/AntiVir -allfiles -s -noboot
-rs -z .
The output should be this (except for the line about the Verlor.B virus)

-----SNIP-----
AntiVir / Linux Version 2.1.0-1
Copyright (c) 1994-2004 by H+BEDV Datentechnik GmbH.
All rights reserved.

Loading /usr/lib/AntiVir/antivir.vdf ...

VDF version: 6.23.0.60 created 06 Feb 2004

For private, non-commercial use only.
AntiVir license: 1001034888 for Julian Field, Southampton

checking drive/path (list): .
ALERT: [W97M/Verlor.B virus] ./barendsesaunastoom.doc <<< Contains code of
the Word macro virus W97M/Verlor.B (removeable)
ALERT: [Eicar-Test-Signatur virus] ./eicar.com <<< Contains code of the
Eicar-Test-Signatur virus


----- scan results -----
  directories:        1
        files:        4
       alerts:        2
     repaired:        0
      deleted:        0
      renamed:        0
    scan time: 00:00:01
------------------------
Thank you for using AntiVir.
-----SNIP-----

Please let me know if your output matches this.

At 18:38 08/02/2004, you wrote:
>Julian Field wrote:
>>Can you try upgrading to 2.1.0 (on their website). My (licensed) copy is
>>detecting viruses in emails just fine. Both inside and outside zip files.
>>Everything just works, so I don't understand what problems other people are
>>having.
>
>Hi Julian.
>
>Just installe the 2.1.0. I think its working now, as I couldn't get a
>message to mysef delivered cause of the eicar file. But I'll look at the
>logfiles, and report to you.
>
>>At 15:33 08/02/2004, you wrote:
>>
>>>Julian Field wrote:
>>>
>>>>I have just tested against 2.1.0 (latest on their web site) and it works
>>>>fine.
>>>>Are you sure you have the licence key file installed into
>>>>/usr/lib/AntiVir?
>>>>It won't work without it.
>>>
>>>
>>>Yes I have:
>>>
>>>I have run the:
>>>
>>>/usr/lib/MailScanner/antivir-wrapper /usr/lib/AntiVir /tmp
>>>
>>>And the result is here:
>>>
>>># /usr/lib/MailScanner/antivir-wrapper /usr/lib/AntiVir /tmp
>>>AntiVir / Linux Version 2.0.9-16
>>>Copyright (c) 1994-2004 by H+BEDV Datentechnik GmbH.
>>>All rights reserved.
>>>
>>>Loading /usr/lib/AntiVir/antivir.vdf ...
>>>
>>>VDF version: 6.23.0.53 created 30 Jan 2004
>>>
>>>For private, non-commercial use only.
>>>AntiVir license: 12345678 for Erik Jakobsen, Brovst
>>>
>>>checking drive/path (list): /tmp
>>>
>>>----- scan results -----
>>>directories: 1
>>>files: 15
>>>alerts: 0
>>>scan time: 00:00:01
>>>------------------------
>>>Thank you for using AntiVir.
>>>
>>>>At 14:08 08/02/2004, you wrote:
>>>>
>>>>>Hi.
>>>>>
>>>>>Is anybody here having success with antivir and MailScanner ?.
>>>>>--
>>>>>Erik
>>>>
>>>>
>>>>
>>>>--
>>>>Julian Field
>>>>www.MailScanner.info
>>>>Professional Support Services at www.MailScanner.biz
>>>>MailScanner thanks transtec Computers for their support
>>>>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>>>
>>>
>>>
>>>--
>>>Erik
>>
>>
>>--
>>Julian Field
>>www.MailScanner.info
>>Professional Support Services at www.MailScanner.biz
>>MailScanner thanks transtec Computers for their support
>>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
>
>--
>Erik

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

More information about the MailScanner mailing list