
What to look for in Log file?

Background:
Linux Ubuntu 20.04.3

sudo savscan / -all -archive -dn -pua -eec -suspicious -bs -mbr -vv * -sc -c -b -rec -f


After Sophos scan was done, summary says:
174 errors were encountered


Questions:
How to define all 174 errors?
What to look for in Log file?

Reviewing Log file:
167 of 174 (96 percent) are defined:

23 (corrupt) Could not check
12 (virus scan failed) Could not check
2 Could not open
87 Password protected files
43 appears to be a 'zip bomb' Aborted checking
---------------------------------------------------
167 defined, see above
174 errors were encountered
---------------------------------------------------
7 files unaccounted for

How to define 7 files unaccounted for?
What to look for in Log file?
Why?
To define all 174 errors.


More:
63 PUAs were discovered (Potentially Unwanted Applications), like:

>>> PUA 'NirCmd' (of type Other) found in file
/media/user/c_Program Files (x86)/nircmd/nircmd.exe

and

18 viruses were discovered, but all
18 viruses are fake, and
18 fake viruses were inserted on purpose to
prove in a Log file that the directory was being scanned, for example:

>>> Virus 'EICAR-AV-Test' found in file
/media/user/HDD1863GB/e_EicarCom/eicar.com.txt

Questions:
How to define all 174 errors?
What to look for in Log file?


--



  • Hi Christian,
    Thank you for answering the Question.

    FYI
    No sweep file found. (the actual scanner)

    But Found
    admin:///opt/sophos-av/lib/sav/swpmess.dat 129.4 kB (129,368 bytes)

    sudo nautilus
    /opt/sophos-av/lib/sav/swpmess.dat 129.4 kB (129,368 bytes)

    with nautilus Goto
    /opt/sophos-av/lib/sav
    open in terminal

    How to view the contents of .dat file in linux
    superuser.com/.../how-to-view-the-contents-of-dat-file-in-linux
    file swpmess.dat

    swpmess.dat: data

    gedit swpmess.dat
    2290 Lines, many Languages

    cat swpmess.dat

    Original Question
    What to look for in Log file?
    (to use grep on the Log file)

    Failed to read or invalid content read from file '%s'.
    Failed to obtain local DNS settings.
    %s
    %s [%s]
    Could not check %s (format not supported)
    Could not check %s (part of multi volume archive)
    Could not check %s (corrupt)
    Password protected file %s
    %s is compressed
    Could not open %s
    Aborted checking %s - appears to be a 'zip bomb'
    Could not check %s (virus scan failed)
    Could not check %s (InterCheck could not be disabled)
    Could not check %s
    (Sophos Anti-Virus on-access scanner cannot be disabled)
    Could not check %s (archive files nested too deeply)
    Could not check %s - invalid temporary directory
    Out of disk space checking %s - temporary directory is not large enough
    Could not check %s (out of memory)
    Could not check %s (unexpected error [0x%08lx])
    VirusVirus fragment>>> %s '%s' found in file %s
    >>> %s '%s' found in file %s [%s]
    >>> %s '%s' found in process %s (%s)
    >>> Error retrieving information on virus found in file %s
    >>> Error retrieving information on virus
    Error retrieving information on error encountered whilst checking file %s
    Error retrieving information on error encountered
    Warning: Ignoring '%s' option - superuser privileges needed

    Could not check script in %s (JavaScript emulator limit reached)
    PUAPUA secondary>>> %s '%s' (of type %s) found in %s %s
    >>> %s '%s' (of type %s) found in %s %s [%s]
    No PUAs were discovered.
    %ld PUA was discovered.
    %ld PUAs were discovered.


    --
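
An added example, not part of the original posts and not Sophos code: one way to do the grep-style tally asked about above and compare it with the summary count. It assumes the scan output was saved one message per line in the shape of the templates quoted in the reply, and that the "errors were encountered" line is in the same file; the function names and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Sophos code): tally error-type lines in a saved savscan
# log. Assumes one message per line, shaped like the templates quoted above.
tally_savscan_errors() {
  awk '
    function bump(k) { n[k]++; total++ }
    /^Could not check / {
      # The reason is the LAST parenthesised group on the line, so a path
      # such as "Program Files (x86)" is not mistaken for it.
      if (match($0, /\([^()]*\)$/)) bump("Could not check " substr($0, RSTART))
      else if ($0 ~ / - invalid temporary directory$/) bump("Could not check - invalid temporary directory")
      else bump("Could not check (no reason given)")
      next
    }
    /^Could not open /                                  { bump("Could not open"); next }
    /^Password protected file /                         { bump("Password protected file"); next }
    /^Aborted checking .*zip bomb/                      { bump("Aborted checking (zip bomb)"); next }
    /^Out of disk space checking /                      { bump("Out of disk space"); next }
    /^Error retrieving information on error encountered/ { bump("Error retrieving information"); next }
    /^[0-9]+ errors were encountered/                   { reported = $1 + 0; next }
    END {
      for (k in n) printf("%d\t%s\n", n[k], k) | "LC_ALL=C sort -k2"
      close("LC_ALL=C sort -k2")
      printf "%d\tTOTAL\n", total
      if (reported != "") printf "%d\tUNACCOUNTED (summary says %d)\n", reported - total, reported
    }
  ' "${1:--}"   # log file path, or standard input when no argument is given
}

# Constructed sample input, not taken from the real log in this thread.
sample_savscan_log() {
  cat <<'EOF'
Could not check /media/user/c_Program Files (x86)/a/old.cab (corrupt)
Could not check /media/user/HDD/b.bin (virus scan failed)
Could not check /media/user/HDD/c.iso (format not supported)
Could not check /media/user/c_Program Files (x86)/d/e.z01 (part of multi volume archive)
Could not open /media/user/HDD/locked.db
Password protected file /media/user/HDD/secret.zip
Aborted checking /media/user/HDD/x.zip - appears to be a 'zip bomb'
>>> Virus 'EICAR-AV-Test' found in file /media/user/HDD1863GB/e_EicarCom/eicar.com.txt
8 errors were encountered
EOF
}

sample_savscan_log | tally_savscan_errors
```

Categories that show up beyond the five in the original tally (for instance "format not supported" or "part of multi volume archive") are candidates for the unaccounted lines. Whether every one of these messages increments the scanner's error counter is not stated in the thread.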
