433 |
# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). |
# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). |
434 |
|
|
435 |
### http://www.kaspersky.com/ (kav4mailservers) |
### http://www.kaspersky.com/ (kav4mailservers) |
436 |
['KasperskyLab AVP - aveclient', |
# ['KasperskyLab AVP - aveclient', |
437 |
['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', |
# ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', |
438 |
'/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], |
# '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], |
439 |
'-p /var/run/aveserver -s {}/*', |
# '-p /var/run/aveserver -s {}/*', |
440 |
[0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, |
# [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, |
441 |
qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, |
# qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, |
442 |
], |
# ], |
443 |
# NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, |
# NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, |
444 |
# currupted or protected archives are to be handled |
# currupted or protected archives are to be handled |
445 |
|
|
446 |
### http://www.kaspersky.com/ |
### http://www.kaspersky.com/ |
447 |
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], |
# ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], |
448 |
'-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? |
# '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? |
449 |
qr/infected: (.+)/m, |
# qr/infected: (.+)/m, |
450 |
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, |
# sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, |
451 |
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, |
# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, |
452 |
], |
# ], |
453 |
|
|
454 |
### The kavdaemon and AVPDaemonClient have been removed from Kasperky |
### The kavdaemon and AVPDaemonClient have been removed from Kasperky |
455 |
### products and replaced by aveserver and aveclient |
### products and replaced by aveserver and aveclient |
456 |
['KasperskyLab AVPDaemonClient', |
# ['KasperskyLab AVPDaemonClient', |
457 |
[ '/opt/AVP/kavdaemon', 'kavdaemon', |
# [ '/opt/AVP/kavdaemon', 'kavdaemon', |
458 |
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', |
# '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', |
459 |
'/opt/AVP/AvpTeamDream', 'AvpTeamDream', |
# '/opt/AVP/AvpTeamDream', 'AvpTeamDream', |
460 |
'/opt/AVP/avpdc', 'avpdc' ], |
# '/opt/AVP/avpdc', 'avpdc' ], |
461 |
"-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], |
# "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], |
462 |
# change the startup-script in /etc/init.d/kavd to: |
# change the startup-script in /etc/init.d/kavd to: |
463 |
# DPARMS="-* -Y -dl -f=/var/lib/amavis /var/lib/amavis" |
# DPARMS="-* -Y -dl -f=/var/lib/amavis /var/lib/amavis" |
464 |
# (or perhaps: DPARMS="-I0 -Y -* /var/lib/amavis" ) |
# (or perhaps: DPARMS="-I0 -Y -* /var/lib/amavis" ) |
472 |
# su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}" |
# su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}" |
473 |
|
|
474 |
### http://www.centralcommand.com/ |
### http://www.centralcommand.com/ |
475 |
['CentralCommand Vexira (new) vascan', |
# ['CentralCommand Vexira (new) vascan', |
476 |
['vascan','/usr/lib/Vexira/vascan'], |
# ['vascan','/usr/lib/Vexira/vascan'], |
477 |
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". |
# "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". |
478 |
"--log=/var/log/vascan.log {}", |
# "--log=/var/log/vascan.log {}", |
479 |
[0,3], [1,2,5], |
# [0,3], [1,2,5], |
480 |
qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], |
# qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], |
481 |
# Adjust the path of the binary and the virus database as needed. |
# Adjust the path of the binary and the virus database as needed. |
482 |
# 'vascan' does not allow to have the temp directory to be the same as |
# 'vascan' does not allow to have the temp directory to be the same as |
483 |
# the quarantine directory, and the quarantine option can not be disabled. |
# the quarantine directory, and the quarantine option can not be disabled. |
487 |
|
|
488 |
### http://www.avira.com/ |
### http://www.avira.com/ |
489 |
### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus |
### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus |
490 |
['Avira AntiVir', ['antivir','vexira'], |
# ['Avira AntiVir', ['antivir','vexira'], |
491 |
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, |
# '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, |
492 |
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | |
# qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | |
493 |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], |
# (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], |
494 |
# NOTE: if you only have a demo version, remove -z and add 214, as in: |
# NOTE: if you only have a demo version, remove -z and add 214, as in: |
495 |
# '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, |
# '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, |
496 |
|
|
497 |
### http://www.commandsoftware.com/ |
### http://www.commandsoftware.com/ |
498 |
['Command AntiVirus for Linux', 'csav', |
# ['Command AntiVirus for Linux', 'csav', |
499 |
'-all -archive -packed {}', [50], [51,52,53], |
# '-all -archive -packed {}', [50], [51,52,53], |
500 |
qr/Infection: (.+)/m ], |
# qr/Infection: (.+)/m ], |
501 |
|
|
502 |
### http://www.symantec.com/ |
### http://www.symantec.com/ |
503 |
['Symantec CarrierScan via Symantec CommandLineScanner', |
# ['Symantec CarrierScan via Symantec CommandLineScanner', |
504 |
'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', |
# 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', |
505 |
qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, |
# qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, |
506 |
qr/^(?:Info|Virus Name):\s+(.+)/m ], |
# qr/^(?:Info|Virus Name):\s+(.+)/m ], |
507 |
|
|
508 |
### http://www.symantec.com/ |
### http://www.symantec.com/ |
509 |
['Symantec AntiVirus Scan Engine', |
# ['Symantec AntiVirus Scan Engine', |
510 |
'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', |
# 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', |
511 |
[0], qr/^Infected\b/m, |
# [0], qr/^Infected\b/m, |
512 |
qr/^(?:Info|Virus Name):\s+(.+)/m ], |
# qr/^(?:Info|Virus Name):\s+(.+)/m ], |
513 |
# NOTE: check options and patterns to see which entry better applies |
# NOTE: check options and patterns to see which entry better applies |
514 |
|
|
515 |
# ### http://www.f-secure.com/products/anti-virus/ version 4.65 |
# ### http://www.f-secure.com/products/anti-virus/ version 4.65 |
520 |
# qr/(?:infection|Infected|Suspected): (.+)/m ], |
# qr/(?:infection|Infected|Suspected): (.+)/m ], |
521 |
|
|
522 |
### http://www.f-secure.com/products/anti-virus/ version 5.52 |
### http://www.f-secure.com/products/anti-virus/ version 5.52 |
523 |
['F-Secure Antivirus for Linux servers', |
# ['F-Secure Antivirus for Linux servers', |
524 |
['/opt/f-secure/fsav/bin/fsav', 'fsav'], |
# ['/opt/f-secure/fsav/bin/fsav', 'fsav'], |
525 |
'--virus-action1=report --archive=yes --auto=yes '. |
# '--virus-action1=report --archive=yes --auto=yes '. |
526 |
'--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], |
# '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], |
527 |
qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], |
# qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], |
528 |
# NOTE: internal archive handling may be switched off by '--archive=no' |
# NOTE: internal archive handling may be switched off by '--archive=no' |
529 |
# to prevent fsav from exiting with status 9 on broken archives |
# to prevent fsav from exiting with status 9 on broken archives |
530 |
|
|
539 |
# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], |
# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], |
540 |
# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], |
# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], |
541 |
|
|
542 |
['CAI InoculateIT', 'inocucmd', # retired product |
# ['CAI InoculateIT', 'inocucmd', # retired product |
543 |
'-sec -nex {}', [0], [100], |
# '-sec -nex {}', [0], [100], |
544 |
qr/was infected by virus (.+)/m ], |
# qr/was infected by virus (.+)/m ], |
545 |
# see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html |
# see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html |
546 |
|
|
547 |
### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) |
### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) |
548 |
['CAI eTrust Antivirus', 'etrust-wrapper', |
# ['CAI eTrust Antivirus', 'etrust-wrapper', |
549 |
'-arc -nex -spm h {}', [0], [101], |
# '-arc -nex -spm h {}', [0], [101], |
550 |
qr/is infected by virus: (.+)/m ], |
# qr/is infected by virus: (.+)/m ], |
551 |
# NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer |
# NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer |
552 |
# see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 |
# see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 |
553 |
|
|
554 |
### http://mks.com.pl/english.html |
### http://mks.com.pl/english.html |
555 |
['MkS_Vir for Linux (beta)', ['mks32','mks'], |
# ['MkS_Vir for Linux (beta)', ['mks32','mks'], |
556 |
'-s {}/*', [0], [1,2], |
# '-s {}/*', [0], [1,2], |
557 |
qr/--[ \t]*(.+)/m ], |
# qr/--[ \t]*(.+)/m ], |
558 |
|
|
559 |
### http://mks.com.pl/english.html |
### http://mks.com.pl/english.html |
560 |
['MkS_Vir daemon', 'mksscan', |
# ['MkS_Vir daemon', 'mksscan', |
561 |
'-s -q {}', [0], [1..7], |
# '-s -q {}', [0], [1..7], |
562 |
qr/^... (\S+)/m ], |
# qr/^... (\S+)/m ], |
563 |
|
|
564 |
# ### http://www.nod32.com/, version v2.52 (old) |
# ### http://www.nod32.com/, version v2.52 (old) |
565 |
# ['ESET NOD32 for Linux Mail servers', |
# ['ESET NOD32 for Linux Mail servers', |
580 |
# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], |
# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], |
581 |
|
|
582 |
### http://www.eset.com/, version 3.0 |
### http://www.eset.com/, version 3.0 |
583 |
['ESET Software ESETS Command Line Interface', |
# ['ESET Software ESETS Command Line Interface', |
584 |
['/usr/bin/esets_cli', 'esets_cli'], |
# ['/usr/bin/esets_cli', 'esets_cli'], |
585 |
'--subdir {}', [0], [1,2,3], |
# '--subdir {}', [0], [1,2,3], |
586 |
qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], |
# qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], |
587 |
|
|
588 |
## http://www.nod32.com/, NOD32LFS version 2.5 and above |
## http://www.nod32.com/, NOD32LFS version 2.5 and above |
589 |
['ESET NOD32 for Linux File servers', |
# ['ESET NOD32 for Linux File servers', |
590 |
['/opt/eset/nod32/sbin/nod32','nod32'], |
# ['/opt/eset/nod32/sbin/nod32','nod32'], |
591 |
'--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. |
# '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. |
592 |
'-w -a --action=1 -b {}', |
# '-w -a --action=1 -b {}', |
593 |
[0], [1,10], qr/^object=.*, virus="(.*?)",/m ], |
# [0], [1,10], qr/^object=.*, virus="(.*?)",/m ], |
594 |
|
|
595 |
# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 |
# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 |
596 |
# ['ESET Software NOD32 Client/Server (NOD32SS)', |
# ['ESET Software NOD32 Client/Server (NOD32SS)', |
599 |
# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], |
# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], |
600 |
|
|
601 |
### http://www.norman.com/products_nvc.shtml |
### http://www.norman.com/products_nvc.shtml |
602 |
['Norman Virus Control v5 / Linux', 'nvcc', |
# ['Norman Virus Control v5 / Linux', 'nvcc', |
603 |
'-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], |
# '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], |
604 |
qr/(?i).* virus in .* -> \'(.+)\'/m ], |
# qr/(?i).* virus in .* -> \'(.+)\'/m ], |
605 |
|
|
606 |
### http://www.pandasoftware.com/ |
### http://www.pandasoftware.com/ |
607 |
['Panda CommandLineSecure 9 for Linux', |
# ['Panda CommandLineSecure 9 for Linux', |
608 |
['/opt/pavcl/usr/bin/pavcl','pavcl'], |
# ['/opt/pavcl/usr/bin/pavcl','pavcl'], |
609 |
'-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', |
# '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', |
610 |
qr/Number of files infected[ .]*: 0+(?!\d)/m, |
# qr/Number of files infected[ .]*: 0+(?!\d)/m, |
611 |
qr/Number of files infected[ .]*: 0*[1-9]/m, |
# qr/Number of files infected[ .]*: 0*[1-9]/m, |
612 |
qr/Found virus :\s*(\S+)/m ], |
# qr/Found virus :\s*(\S+)/m ], |
613 |
# NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' |
# NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' |
614 |
# before starting amavisd - the bases are then loaded only once at startup. |
# before starting amavisd - the bases are then loaded only once at startup. |
615 |
# To reload bases in a signature update script: |
# To reload bases in a signature update script: |
631 |
# # (btw, assigning stdin to /dev/null causes RAV to fail) |
# # (btw, assigning stdin to /dev/null causes RAV to fail) |
632 |
|
|
633 |
### http://www.nai.com/ |
### http://www.nai.com/ |
634 |
['NAI McAfee AntiVirus (uvscan)', 'uvscan', |
# ['NAI McAfee AntiVirus (uvscan)', 'uvscan', |
635 |
'--secure -rv --mime --summary --noboot - {}', [0], [13], |
# '--secure -rv --mime --summary --noboot - {}', [0], [13], |
636 |
qr/(?x) Found (?: |
# qr/(?x) Found (?: |
637 |
\ the\ (.+)\ (?:virus|trojan) | |
# \ the\ (.+)\ (?:virus|trojan) | |
638 |
\ (?:virus|trojan)\ or\ variant\ ([^ ]+) | |
# \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | |
639 |
:\ (.+)\ NOT\ a\ virus)/m, |
# :\ (.+)\ NOT\ a\ virus)/m, |
640 |
# sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, |
# sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, |
641 |
# sub {delete $ENV{LD_PRELOAD}}, |
# sub {delete $ENV{LD_PRELOAD}}, |
642 |
], |
# ], |
643 |
# NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before |
# NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before |
644 |
# anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 |
# anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 |
645 |
# and then clear it when finished to avoid confusing anything else. |
# and then clear it when finished to avoid confusing anything else. |
647 |
# qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ |
# qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ |
648 |
|
|
649 |
### http://www.virusbuster.hu/en/ |
### http://www.virusbuster.hu/en/ |
650 |
['VirusBuster', ['vbuster', 'vbengcl'], |
# ['VirusBuster', ['vbuster', 'vbengcl'], |
651 |
"{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], |
# "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], |
652 |
qr/: '(.*)' - Virus/m ], |
# qr/: '(.*)' - Virus/m ], |
653 |
# VirusBuster Ltd. does not support the daemon version for the workstation |
# VirusBuster Ltd. does not support the daemon version for the workstation |
654 |
# engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of |
# engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of |
655 |
# binaries, some parameters AND return codes have changed (from 3 to 1). |
# binaries, some parameters AND return codes have changed (from 3 to 1). |
663 |
# # although the man-page tells a different story |
# # although the man-page tells a different story |
664 |
|
|
665 |
### http://www.cyber.com/ |
### http://www.cyber.com/ |
666 |
['CyberSoft VFind', 'vfind', |
# ['CyberSoft VFind', 'vfind', |
667 |
'--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, |
# '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, |
668 |
# sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, |
# sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, |
669 |
], |
# ], |
670 |
|
|
671 |
### http://www.avast.com/ |
### http://www.avast.com/ |
672 |
['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], |
# ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], |
673 |
'-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], |
# '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], |
674 |
|
|
675 |
### http://www.ikarus-software.com/ |
### http://www.ikarus-software.com/ |
676 |
['Ikarus AntiVirus for Linux', 'ikarus', |
# ['Ikarus AntiVirus for Linux', 'ikarus', |
677 |
'{}', [0], [40], qr/Signature (.+) found/m ], |
# '{}', [0], [40], qr/Signature (.+) found/m ], |
678 |
|
|
679 |
### http://www.bitdefender.com/ |
### http://www.bitdefender.com/ |
680 |
['BitDefender', 'bdscan', # new version |
# ['BitDefender', 'bdscan', # new version |
681 |
'--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m, |
# '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m, |
682 |
qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m, |
# qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m, |
683 |
qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ], |
# qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ], |
684 |
|
|
685 |
### http://www.bitdefender.com/ |
### http://www.bitdefender.com/ |
686 |
['BitDefender', 'bdc', # old version |
# ['BitDefender', 'bdc', # old version |
687 |
'--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, |
# '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, |
688 |
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, |
# qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, |
689 |
qr/(?:suspected|infected): (.*)(?:\033|$)/m ], |
# qr/(?:suspected|infected): (.*)(?:\033|$)/m ], |
690 |
# consider also: --all --nowarn --alev=15 --flev=15. The --all argument may |
# consider also: --all --nowarn --alev=15 --flev=15. The --all argument may |
691 |
# not apply to your version of bdc, check documentation and see 'bdc --help' |
# not apply to your version of bdc, check documentation and see 'bdc --help' |
692 |
|
|
693 |
### ArcaVir for Linux and Unix http://www.arcabit.pl/ |
### ArcaVir for Linux and Unix http://www.arcabit.pl/ |
694 |
['ArcaVir for Linux', ['arcacmd','arcacmd.static'], |
# ['ArcaVir for Linux', ['arcacmd','arcacmd.static'], |
695 |
'-v 1 -summary 0 -s {}', [0], [1,2], |
# '-v 1 -summary 0 -s {}', [0], [1,2], |
696 |
qr/(?:VIR|WIR):[ \t]*(.+)/m ], |
# qr/(?:VIR|WIR):[ \t]*(.+)/m ], |
697 |
|
|
698 |
# ### a generic SMTP-client interface to a SMTP-based virus scanner |
# ### a generic SMTP-client interface to a SMTP-based virus scanner |
699 |
# ['av_smtp', \&ask_av_smtp, |
# ['av_smtp', \&ask_av_smtp, |
715 |
# # NOTE: place file JpegTester.pm somewhere where Perl can find it, |
# # NOTE: place file JpegTester.pm somewhere where Perl can find it, |
716 |
# # for example in /usr/local/lib/perl5/site_perl |
# # for example in /usr/local/lib/perl5/site_perl |
717 |
|
|
718 |
|
['always-clean', sub {0}], |
719 |
); |
); |
720 |
|
|
721 |
|
|