|
Логи работы антивирусных плагинов |
Для анализа работы антивирусных плагинов в продуктах Kerio следует включить соответствующий пункт в журнале debug:
- ПКМ в области просмотра журнала -> Сообщения -> Antivirus Plugin
Успешный запуск плагина McAfee в качестве внешней антивирусной программы:
[29/Dec/2011 01:41:27]
{avir_plugins} starting plugin
[29/Dec/2011 01:41:27] {avir_plugins} forkServer() going to create
server process
[29/Dec/2011 01:41:27] {avir_plugins} (PID: 3844) forkServer() server
process created, waiting for connection with server
[29/Dec/2011 01:41:27] {avir_plugins} (PID: 3844) forkServer() server is
running, creating send and recv. thread
[29/Dec/2011 01:41:27] {avir_plugins} (PID: 3844) recvThread() is
started
[29/Dec/2011 01:41:27] {avir_plugins} (PID: 3844) McAfee_plugin:
DAT files are located in C:\Program
Files\Kerio\WinRoute Firewall\mcafee\
[29/Dec/2011 01:41:27] {avir_plugins} (PID: 3844) McAfee_plugin:
Initializing McAfee plug-in...
[29/Dec/2011 01:41:27] {avir_plugins} (PID: 3844) McAfee_plugin:
Trying to use
6572 database...
[29/Dec/2011 01:41:57] {avir_plugins} (PID: 3844) McAfee_plugin:
Internal engine revision: 5400.1158
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: Dataset
type: AV
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin:
Dataset version: 6573.0
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin:
Number of viruses: 24992
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin:
Number of variants:
637868
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: Dataset
status: Success
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: DAT
file name: C:\Program Files\Kerio\WinRoute Firewall\mcafee\dat\6572\avvscan.dat
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: Date:
2011-12-28
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: DAT
file status: Success
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: DAT
file name: C:\Program Files\Kerio\WinRoute Firewall\mcafee\dat\6572\avvclean.dat
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: Date:
2011-12-28
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: DAT
file status: Success
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: DAT
file name: C:\Program Files\Kerio\WinRoute Firewall\mcafee\dat\6572\avvnames.dat
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin: Date:
2011-12-28
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin:
DAT file status: Success
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) McAfee_plugin:
Multi-threaded McAfee plug-in initialized successfully.
[29/Dec/2011 01:41:58] {avir_plugins} plugin is
running
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) sendThread() is
already stopped
[29/Dec/2011 01:41:58] {avir_plugins} (PID: 3844) sendThread() is
started
Успешный запуск плагина Sophos в качестве встроенной антивирусной программы:
[29/Dec/2011 01:45:26]
{avir_plugins} starting plugin
[29/Dec/2011 01:45:26] {avir_plugins} forkServer() going to create
server process
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) forkServer() server
process created, waiting for connection with server
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) forkServer() server is
running, creating send and recv. thread
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) recvThread() is
started
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin:
Initializing Sophos plugin...
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin: Maximum
thousands loops around central pattern-matching loop: 500
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin: Maximum
count of files in parent archive: 10000
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin: Maximum
length of decompressed data from the current compressed stream: 256 MB
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin:
Initializing internal Sophos engine...
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin:
Initializing internal Sophos engine...
[29/Dec/2011 01:45:27] {avir_plugins} (PID: 2548) Sophos_plugin: Trying
to initialize Sophos engine with database in
sophos\2011-12-29-01-35-37\
[29/Dec/2011 01:45:43] {avir_plugins} (PID: 2548)
Engine/Data change notified by SAVI.
[29/Dec/2011 01:45:43] {avir_plugins} (PID: 2548) Sophos_plugin:
Database has been reloaded
[29/Dec/2011 01:45:44] {avir_plugins} (PID: 2548) Sophos_plugin:
Multi-threaded Sophos plugin has been initialized successfully.
[29/Dec/2011 01:45:44] {avir_plugins} (PID: 2548) Sophos_plugin:
The engine has been initialized
[29/Dec/2011 01:45:44] {avir_plugins} plugin is running
Успешное обновление (уже используется последняя версия обновлений) плагина Sophos в качестве встроенной антивирусной программы с локального сервера обновлений UPDATER в соответствии с установками известного патча:
[29/Dec/2011 01:46:33]
{avir_plugins} Primary AV update check time period passed
[29/Dec/2011 01:46:33] {avir_plugins} Update is in progress
[29/Dec/2011 01:46:33] {avir_plugins} progress event: S
[29/Dec/2011 01:46:33] {avir_plugins} starting plugin
[29/Dec/2011 01:46:33] {avir_plugins} forkServer() going to create
server process
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) forkServer() server
process created, waiting for connection with server
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) forkServer() server is
running, creating send and recv. thread
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) recvThread() is started
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin:
Initializing Sophos plugin...
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin: Maximum
thousands loops around central pattern-matching loop: 500
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin: Maximum
count of files in parent archive: 10000
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin: Maximum
length of decompressed data from the current compressed stream: 256 MB
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin: The
plugin is prepared for updating phase
[29/Dec/2011 01:46:33] {avir_plugins} plugin is running
[29/Dec/2011 01:46:33] {avir_plugins} progress event: S
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin:
Checking for Sophos antivirus update on
updater...
[29/Dec/2011 01:46:33] {avir_plugins} (PID: 356) Sophos_plugin:
Downloading mirror structure...
[29/Dec/2011 01:46:34] {avir_plugins} (PID: 356) Sophos_plugin:
Downloading
sophos\ukerav.php.new
...
[29/Dec/2011 01:46:34] {avir_plugins} progress event: U 100
[29/Dec/2011 01:46:34] {avir_plugins} (PID: 356) Sophos_plugin: Trying
to get actual scanning instance...
[29/Dec/2011 01:46:34] {avir_plugins} (PID: 356) Sophos_plugin:
Found scanning Sophos engine in sophos\2011-12-29-01-35-37\
[29/Dec/2011 01:46:34] {avir_plugins} (PID: 356) Sophos_plugin:
Directory sophos\2011-12-29-01-46-34\ for new
bundle has been created.
[29/Dec/2011 01:46:34] {avir_plugins} (PID: 356) Sophos_plugin: Trying
to update API files
[29/Dec/2011 01:46:34] {avir_plugins} (PID: 356) Sophos_plugin:
Downloading sophos\2011-12-29-01-46-34\bundle\api-files.list.new
...
[29/Dec/2011 01:46:35] {avir_plugins} progress event: U 100
[29/Dec/2011 01:46:35] {avir_plugins} Last message repeated 3 times
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: There
are 1 files to check
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: Looking
for new ones...
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: There
are 1 files to copy
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: The
component is already up-to-date.
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: Trying
to extract API files
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: API
files have been extracted
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: Trying
to update database files
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin:
Downloading sophos\2011-12-29-01-46-34\vdb\db-files.list.new
...
[29/Dec/2011 01:46:35] {avir_plugins} progress event: U 100
[29/Dec/2011 01:46:35] {avir_plugins} Last message repeated 3 times
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: There
are 87 files to check
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: Looking
for new ones...
[29/Dec/2011 01:46:35] {avir_plugins} (PID: 356) Sophos_plugin: There
are 87 files to copy
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin: The
component is already up-to-date.
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin: Database
472 has been prepared
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin: There
are no new database files to download
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin: Trying
to update IDE files for engine 472
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin:
Downloading sophos\2011-12-29-01-46-34\ide\ide-files.list.new
...
[29/Dec/2011 01:46:52] {avir_plugins} progress event: U 100
[29/Dec/2011 01:46:52] {avir_plugins} Last message repeated 3 times
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin:
There are 273 files to check
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin: Looking
for new ones...
[29/Dec/2011 01:46:52] {avir_plugins} (PID: 356) Sophos_plugin:
There are 273 files to copy
[29/Dec/2011 01:46:57] {avir_plugins} (PID: 356) Sophos_plugin:
The component is already up-to-date.
[29/Dec/2011 01:46:57] {avir_plugins} (PID: 356) Sophos_plugin: There
are no new IDE files to download
[29/Dec/2011 01:46:57] {avir_plugins} progress
event: E
[29/Dec/2011 01:46:57] {avir_plugins} No updates
are available
[29/Dec/2011 01:46:57] {avir_plugins} (PID: 356) sendThread() is already
stopped
[29/Dec/2011 01:46:57] {avir_plugins} progress event: E
Успешный запуск плагина ClamAV в качестве внешней антивирусной программы:
[30/Dec/2011 10:24:58] {avir_plugins} starting plugin
[30/Dec/2011 10:24:58] {avir_plugins} forkServer() going to create
server process
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) forkServer() server
process created, waiting for connection with server
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) forkServer() server is
running, creating send and recv. thread
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) recvThread() is
started
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin:
Initializing Clam AntiVirus plug-in...
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Startup
timeout is set to 90
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Sending
SESSION command...
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Session
initialized.
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Sending
PING command...
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Sending
VERSION command...
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Version:
ClamAV 0.97.3/14207/Fri Dec 30 01:27:52 2011
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Sending
END command...
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin: Session
finished.
[30/Dec/2011 10:24:58] {avir_plugins} (PID: 6776) ClamAV_plugin:
The engine has been initialized
[30/Dec/2011 10:24:58] {avir_plugins} plugin is running
Успешный запуск плагина DrWEB в качестве внешней антивирусной программы:
[31/Jan/2012 16:25:04] {avir_plugins} starting plugin
[31/Jan/2012 16:25:04] {avir_plugins} forkServer() going to create
server process
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) forkServer() server
process created, waiting for connection with server
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) forkServer() server is
running, creating send and recv. thread
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) recvThread() is
started
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
se.GetSEVersion( wstrSeVer )
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
*************************** Log started ***************************
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Plugin Version: 6.00.0.201108151
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Scanning Engine Version: 6.0.100.8040
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Waiting for Dr. Web SE service...
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Current SE version:
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
SE was successfully found!
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Preliminary using key file: C:\Program
Files\DrWeb for Kerio WinRoute\gate_drweb32.key
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Finally using key file: C:\Program Files\DrWeb for Kerio
WinRoute\gate_drweb32.key
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio: Key
number: 0011640211
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Exiting CKerioPluginManager::PluginInit
[31/Jan/2012 16:25:04] {avir_plugins} plugin is running
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) sendThread() is
already stopped
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) sendThread() is
started
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Entering CUpdaterWatcher::UpdaterWatchThread
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Updater supervisor: Started supervision over
updater.
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio: Days
should past for notify about bases expiration: 1
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio: Days
past from last update: 15370
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio: Days
past from last bases-expired notification: 15370
[31/Jan/2012 16:25:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Notifying to event log! Days: 15370
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Adware-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Adware-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Adware-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: BadObjects-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: BadObjects-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: BadObjects-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Dialers-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Dialers-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Dialers-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Hacktools-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Hacktools-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Hacktools-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Infected-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Infected-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Infected-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Jokes-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Jokes-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Jokes-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Riskware-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Riskware-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Riskware-Weekly = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Scanned-Immediate = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Scanned-Daily = 0
[31/Jan/2012 16:26:04] {avir_plugins} (PID: 2412) Dr.Web for Kerio:
Statistics: Scanned-Weekly = 0
[31/Jan/2012 16:42:09] {avir_plugins} sendThread() is stopped
[31/Jan/2012 16:42:09] {avir_plugins} unable to recieve msg header, pipe
closed
[31/Jan/2012 16:42:09] {avir_plugins} recvThread() is stopped
[31/Jan/2012 16:42:09] {avir_plugins} killServer() server is killed
[31/Jan/2012 16:42:09] {avir_plugins} ClientDispatcher::stop() server
killed
[31/Jan/2012 16:42:09] {avir_plugins} ClientDispatcher::stop() all reqs
are terminated
[31/Jan/2012 16:42:09] {avir_plugins} ClientDispatcher::stop() all
proxies are unregistered
[31/Jan/2012 16:42:09] {avir_plugins} Plugin stopped
Обнаружение
тестовых вирусов плагином DrWEB:
[31/Jan/2012 18:39:57] {avir_plugins} [ 91 ]
skipping scan of file /redir/AiuY0DBWFJ4ePaEse6rgeAjgs2pI3DW99KUdgowt9XvoT-twMUKrgFbs6ncuMTa9IwXg6L4_615LjwzsSyhByqJxPlxkLkp01g2_3QAOe6i0FXuNwXQOYXMu7cugye4bA2aqM1sU_vR0GcWfDpsnv65_SnrrOyj8?data=UlNrNmk5WktYejR0eWJFYk1Ldmtxdng2SjJQZkt0NDNkeFprWjV2SFZKWFhQUzNydE9NalhSbzFyWldGVnhtazBudGs2VzBQX29LNzk3VlliclFSOE9tN19qbzRQUlhmVXVESjNkZEZKZ1JYOHB4cUoxM0ZuZw&b64e=2&sign=96169da23b59b09b628dc5e05cc727dd&keyno=8&l10n=ru&mc=3378&i=5
[31/Jan/2012 18:39:57] {avir_plugins} [ 93 ] creating local file: .\tmp\00000093_00000000.tmp
for /download/eicar.com
[31/Jan/2012 18:39:57] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increase scanned
[31/Jan/2012 18:39:57] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Thread:2464
[31/Jan/2012 18:39:57] {avir_plugins} [ 93 ] virus
found: External AV verdict: EICAR Test File (NOT a Virus!)
[31/Jan/2012 18:39:57] {avir_plugins} [ 93 ] HTTP: file was moved to
quarantine as .\quarantine\http_120131_183957-93.tmp
[31/Jan/2012 18:40:13] {avir_plugins} [ 94 ] creating local file: .\tmp\00000094.fmp
for /ANTIVIRUS/dtsproc.dll
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increase scanned
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Thread:2464
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Scanning file: .\tmp\00000094.fmp ( /ANTIVIRUS/dtsproc.dll
)
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio: SE
ScanResult = 1
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increase quarantined
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increasing parameter by scan result
[31/Jan/2012 18:40:14] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
PUT_VIRUS_EVENT
[31/Jan/2012 18:40:14] {avir_plugins} [ 94 ] FTP
data: VIRUS found! Resetting connection
[31/Jan/2012 18:40:14] {avir_plugins} [ 94 ] FTP data: file was moved to
quarantine as .\quarantine\ftp_120131_184014-94.tmp
[31/Jan/2012 18:40:20] {avir_plugins} [ 95 ] creating local file: .\tmp\00000095.fmp
for /ANTIVIRUS/svcagnt.exe
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increase scanned
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Thread:2464
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Scanning file: .\tmp\00000095.fmp ( /ANTIVIRUS/svcagnt.exe )
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio: SE
ScanResult = 1
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increase quarantined
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
Increasing parameter by scan result
[31/Jan/2012 18:40:20] {avir_plugins} (PID: 236) Dr.Web for Kerio: ES:
PUT_VIRUS_EVENT
[31/Jan/2012 18:40:20] {avir_plugins} [ 95 ] FTP
data: VIRUS found! Resetting connection
[31/Jan/2012 18:40:20] {avir_plugins} [ 95 ] FTP data: file was moved to
quarantine as .\quarantine\ftp_120131_184020-95.tmp
[31/Jan/2012 18:43:45] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Statistics: Riskware-Immediate = 1
[31/Jan/2012 18:43:45] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Statistics: Riskware-Daily = 1
[31/Jan/2012 18:43:45] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Statistics: Riskware-Weekly = 1
[31/Jan/2012 18:43:45] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Statistics: Scanned-Immediate = 2
[31/Jan/2012 18:43:45] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Statistics: Scanned-Daily = 2
[31/Jan/2012 18:43:45] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Statistics: Scanned-Weekly = 2
[31/Jan/2012 18:44:00] {avir_plugins} (PID: 236) Dr.Web for Kerio: Days
should past for notify about bases expiration: 1
[31/Jan/2012 18:44:00] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Days past from last update: 0
[31/Jan/2012 18:44:00] {avir_plugins} (PID: 236) Dr.Web for Kerio: It is
not time to notyfy about bases expiration!
[31/Jan/2012 18:44:00] {avir_plugins} (PID: 236) Dr.Web for Kerio:
Updater supervisor: Antivirus bases were updated!
