Avira antivir v3 new output format
Le Vu
lev.fpt at gmail.com
Sun Apr 24 04:26:52 IST 2011
Hi all,
Recently I installed AntiVir free version from Avira website:
http://www.avira.com/en/support-download-free-antivirus
The scanner name and output format has been changed so I tried to
modify the wrapper and SweepViruses.pm to process the new format.
Unfortunately the format has changed to multi-line report and I am not
so familiar with Perl script to get this done :-(
I post the new output format here to see if anyone is interested in
updating MailScanner to support new antivir version.
Regards,
Le.
[root at RHEL6 ~]# avscan --batch tmp/
scan progress: directory "/root/tmp/"
file: /root/tmp/Trojan.Win32.DNSChanger.dlr.zip
last modified on date: 2011-04-24 time: 09:52:53, size: 51359 bytes
ALERT: Trojan.Win32.DNSChanger.dlr <<< TR/Vundo.Gen ; trojan ; Is
the Trojan horse TR/Vundo.Gen
ALERT-URL: http://www.avira.com/en/threats?q=TR%2FVundo%2EGen
no action taken
file: /root/tmp/eicar.com
last modified on date: 2006-11-01 time: 06:21:26, size: 68 bytes
ALERT: Eicar-Test-Signature ; virus ; Contains code of the
Eicar-Test-Signature virus
ALERT-URL: http://www.avira.com/en/threats?q=Eicar%2DTest%2DSignature
no action taken
file: /root/tmp/eicarcom2.zip
last modified on date: 2006-11-01 time: 06:21:27, size: 308 bytes
ALERT: eicar_com.zip --> eicar.com <<< Eicar-Test-Signature ;
virus ; Contains code of the Eicar-Test-Signature virus
ALERT-URL: http://www.avira.com/en/threats?q=Eicar%2DTest%2DSignature
no action taken
file: /root/tmp/Email-Worm.Win32.Combra.o.zip
last modified on date: 2011-04-24 time: 09:57:55, size: 137327 bytes
ALERT: Email-Worm.Win32.Combra.o <<< WORM/Combra.O.2 ; worm ;
Contains detection pattern of the worm WORM/Combra.O.2
ALERT-URL: http://www.avira.com/en/threats?q=WORM%2FCombra%2EO%2E2
no action taken
More information about the MailScanner
mailing list