
Forum Post: Detection fail inside archive

Hi! I installed the free Linux version. I updated it and made a file with the EICAR test signature for testing. savscan had no issue detecting the file, but it missed it when zipped:

------------------------
/temp# savscan eicar.com.txt
SAVScan virus detection utility
Version 5.16.0 [Linux/Intel]
Virus data version 5.20, October 2015
Includes detection for 10071693 viruses, Trojans and worms
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.

System time 06:41:05 PM, System date 16 October 2015

IDE directory is: /opt/sophos-av/lib/sav

Quick Scanning

>>> Virus 'EICAR-AV-Test' found in file eicar.com.txt

1 file scanned in 9 seconds.
1 virus was discovered.
1 file out of 1 was infected.
If you need further advice regarding any detections please visit our Threat Center at: www.sophos.com/.../threat-center.aspx
End of Scan.
-----------------

Now the same file zipped:

/temp# savscan vtest.zip -archive
SAVScan virus detection utility
Version 5.16.0 [Linux/Intel]
Virus data version 5.20, October 2015
Includes detection for 10071693 viruses, Trojans and worms
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.

System time 06:46:31 PM, System date 16 October 2015
Command line qualifiers are: -archive

IDE directory is: /opt/sophos-av/lib/sav

Quick Scanning

1 file scanned in 8 seconds.
No viruses were discovered.
End of Scan.
-----------

Verification with clamav:

/temp# clamscan vtest.zip
vtest.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 4030432
Engine version: 0.98.7
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 18.015 sec (0 m 18 s)
--------------

Here is my configuration:

/opt/sophos-av/bin# ./savconfig -v
Email: root@localhost
EmailDemandSummaryIfThreat: true
EmailLanguage: English
EmailNotifier: true
EmailServer: localhost:25
EnableOnStart: false
ExclusionEncodings: UTF-8 EUC-JP ISO-8859-1
LogMaxSizeMB: 100
NotifyOnUpdate: false
PrimaryUpdateSourcePath: sophos:
PrimaryUpdateUsername: ********
PrimaryUpdatePassword: ********
SendErrorEmail: true
SendThreatEmail: true
UINotifier: true
UIpopupNotification: true
UIttyNotification: true
UpdatePeriodMinutes: 60
NamedScans Not configured
LiveProtection: disabled
ScanArchives: enabled

Can you help me? What am I doing wrong? Any help is appreciated!

Many thanks,
Marc
