<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=ISO-8859-1">
<META content="MSHTML 5.50.4916.2300" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=787214016-24062002><FONT face=Arial color=#0000ff size=2>How
can we achieve a simular output using sophos?</FONT></SPAN></DIV>
<BLOCKQUOTE>
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Rishi Gangoly
[mailto:rishi@THEARGONCOMPANY.COM]<BR><B>Sent:</B> Monday, June 24, 2002 1:27
PM<BR><B>To:</B> MAILSCANNER@JISCMAIL.AC.UK<BR><B>Subject:</B> Re: f-prot /
aves detects this as a virus !! I think<BR><BR></FONT></DIV>Also what's the
output of f-prot -virno <BR><BR>Here is mine:
<BR>------------------------------ <BR>SIGN.DEF created 24. June 2002
<BR>SIGN2.DEF created 24. June 2002 <BR>MACRO.DEF created 11. June 2002
<BR>DOS/Windows: 25460 viruses and 14400 Trojans <BR>Word/Excel: 7625 viruses
and Trojans <BR>Java: 2 viruses and 115 Trojans <BR>BAT: 1006 viruses and
Trojans <BR>IRC INI: 360 viruses and Trojans <BR>Script: 1743 viruses and
Trojans <BR>INF: 4 viruses and Trojans <BR>Unix shell: 31 viruses and Trojans
<BR>Ami: 2 viruses and Trojans <BR>WinBat: 4 viruses and Trojans <BR>PIF: 18
viruses and Trojans <BR>PalmOS: 4 viruses and Trojans <BR>PHP: 2 viruses and
Trojans <BR>Unix: 96 viruses and Trojans <BR>In addition, over 14400 viruses
are identified using <BR>generic identification, so the total number of
viruses <BR>and Trojans known to F-PROT is somewhere over 65200.
<BR>------------------------------ <BR><BR><BR>----- Original Message -----
<BR>From: "Rishi Gangoly" <rishi@theargoncompany.com> <BR>To:
<MAILSCANNER@JISCMAIL.AC.UK> <BR>Sent: Monday, June 24, 2002 9:22 PM
<BR>Subject: Re: f-prot / aves detects this as a virus !! I think
<BR><BR><BR>> Hi Fracois <BR>> <BR>> What happens when you do :
<BR>> <BR>> f-prot -virlist | grep -i Frethem <BR>> <BR>> <BR>>
Regards <BR>> <BR>> Rishi <BR>> <BR>> <BR>> <BR>> -----
Original Message ----- <BR>> From: "Francois Caen"
<FCaen@CI.LAKEWOOD.WA.US> <BR>> To:
<MAILSCANNER@JISCMAIL.AC.UK> <BR>> Sent: Tuesday, June 18, 2002 9:09
PM <BR>> Subject: Re: f-prot / aves detects this as a virus !! I think
<BR>> <BR>> <BR>> > -----Original Message----- <BR>> > From:
rishi@THEARGONCOMPANY.COM <BR>> > <BR>> > > Just had another
idea. <BR>> > > What's the sum of the infected file that yoy have?
<BR>> > > Here is mine. <BR>> > > <BR>> > >
<BR>> > > [root f-prot]# sum /tmp/decrypt-password.exe <BR>> >
> 07788 35 <BR>> > <BR>> > For all the ones I received, I get
the same results: <BR>> > <BR>> > # sum decrypt-password.exe
<BR>> > 47131 35 <BR>> > <BR>> > I typically use md5sum,
dunno exactly how it differs from sum but it's a <BR>> standard for
software downloads. <BR>> > <BR>> > # md5sum decrypt-password.exe
<BR>> > cc695e7e531c18843baa0731a38e969b decrypt-password.exe <BR>>
> <BR>> > # sum /usr/local/f-prot/* <BR>> > 49258 1
/usr/local/f-prot/CHANGES <BR>> > 54451 21 /usr/local/f-prot/ENGLISH.TX0
<BR>> > 46493 3 /usr/local/f-prot/INSTALL <BR>> > 38393 3
/usr/local/f-prot/LICENSE <BR>> > 13115 455 /usr/local/f-prot/MACRO.DEF
<BR>> > 25947 1 /usr/local/f-prot/README <BR>> > 28940 1
/usr/local/f-prot/SIGN.ASC <BR>> > 16736 1038 /usr/local/f-prot/SIGN.DEF
<BR>> > 47624 1 /usr/local/f-prot/SIGN2.ASC <BR>> > 24019 381
/usr/local/f-prot/SIGN2.DEF <BR>> > 30967 12
/usr/local/f-prot/check-updates.sh <BR>> > 43536 7
/usr/local/f-prot/checksum <BR>> > 52218 932 /usr/local/f-prot/f-prot
<BR>> > 53109 5 /usr/local/f-prot/f-prot.8 <BR>> > 41567 1
/usr/local/f-prot/f-prot.sh <BR>> > 23276 3
/usr/local/f-prot/f-protwrapper <BR>> > 02783 922
/usr/local/f-prot/fp-def.zip <BR>> > 03152 215
/usr/local/f-prot/macrdef2.zip <BR>> > <BR>> > # md5sum
/usr/local/f-prot/* <BR>> > 2d159aceaf924853502ec97dba2414d2
/usr/local/f-prot/CHANGES <BR>> > ccbf77f4141f5d0775ace281bbc7452c
/usr/local/f-prot/ENGLISH.TX0 <BR>> > edec255b29f87624b6b1c5a000d4cd91
/usr/local/f-prot/INSTALL <BR>> > 382c9b94925d309068907581a7ee7e7a
/usr/local/f-prot/LICENSE <BR>> > bc26349c2892a303fed0928cc95551d3
/usr/local/f-prot/MACRO.DEF <BR>> > d971c388ec249a1bf699657a823f4f3d
/usr/local/f-prot/README <BR>> > 13f975f08f9c0d0e78eda0fa39263d92
/usr/local/f-prot/SIGN.ASC <BR>> > fa7a8b065075fb0f43ed6073698ae2ae
/usr/local/f-prot/SIGN.DEF <BR>> > 9abb515ed622720bfd27b17356da3c16
/usr/local/f-prot/SIGN2.ASC <BR>> > cbf14c505c1b904477c943bbf983ee6a
/usr/local/f-prot/SIGN2.DEF <BR>> > f9edeccdb48ca2f51efcfcfedab8cea8
/usr/local/f-prot/check-updates.sh <BR>> >
dc1893dcb0da9f06a718013dab94b60a /usr/local/f-prot/checksum <BR>> >
6dd38d416efb1b3a15e5a2abb78f038c /usr/local/f-prot/f-prot <BR>> >
ef23f6eb09963af8917263603f665d9a /usr/local/f-prot/f-prot.8 <BR>> >
74ac7a4872c003e2f4fbd1494bd76ed7 /usr/local/f-prot/f-prot.sh <BR>> >
f184c6d9ff007949a466d8d78fd2a5ee /usr/local/f-prot/f-protwrapper <BR>> >
4dc8efd6d9daa451a1515d210664e2f4 /usr/local/f-prot/fp-def.zip <BR>> >
c5c867208efd9d3b398c64d0df50e4e1 /usr/local/f-prot/macrdef2.zip <BR>> >
<BR>> > Hope this helps :-) <BR>> >
------------------------------------------------ <BR>> > Francois Caen
<BR>> > Network Information Systems Engineer - Webmaster <BR>> >
City of Lakewood, WA <BR>> > (253) 512-2269
<BR><BR></BLOCKQUOTE></BODY></HTML>