Hi,
I am trying to find information on the settings that are possible within Config.xml, in particular if there is any way of configuring the location of the log file.
Thanks
This thread was automatically locked due to age.
Hi,
I am trying to find information on the settings that are possible within Config.xml, in particular if there is any way of configuring the location of the log file.
Thanks
Hi Christian,
Thanks for your response, I did do a fair bit of internet searching, and even tried experimentation before deciding to post and so I was hoping that there might be someone else that had already been down the same path and had been successful.
The background to this is that I have previously been using the command line tool SAV32CLI. No updates for this tool have been released for some time now, but thankfully the tool has continued to work with all of IDE's that have been released, until recently when it has stopped working with all of the latest IDE's. As a result of this I have been looking at alternatives. one of the benefits of using SAV32CLI was that it was similar to a portable app in that it didn't leave anything behind after the scan had been completed and l was hoping that SVRT would be similar or could at least be configured to be so.
Hello Andrew,
not off-topic but you should better move this thread to the Endpoint group (you'd have to join the group first).
So you have an Endpoint license and want to run a scan occasionally (but don't want to install the full product)? Which version of sav32cli are you using (sav32cli.exe -v, redirect the output to a file)?
Christian
Hi Christian,
We are scanning machines which are not connected to our main network in the hope of making sure that they are clean.
The version of SAV32CLI.EXE we are using is dated 07/06/2016, when we run it with the -v switch we get the following output:-
Sophos Anti-Virus
Copyright (c) 1989-2015 Sophos Plc. All rights reserved.
System time 13:00:59, System date 09 March 2017
Product version : 1.01.1
Engine version : 3.55.0
Virus data version : 5.10
User interface version : 2.99.000
Platform : Win32/Intel
Released : 06 January 2015
Total viruses (with IDEs) : 8477637
Thanks Again
Andrew
Hello Andrew,
are you aware that the latest sav32cli.exe is placed in the endpoint's %ProgramFiles(x86)%\Sophos\Sophos Anti-Virus\ folder?
System time 13:05:00, System date 09 March 2017
Product version : 1.01.1Engine version : 3.68.0Virus data version : 5.37User interface version : 2.99.004Platform : Win32/IntelReleased : 07 March 2017Total viruses (with IDEs) : 12928138
This one's supposed to work.
making sure that they are clean
Is it for licensing reasons that you don't protect these machines (as you obviously fear they might contract a something)?
Christian
Hi Christian,
Firstly I am glad to hear that sav32cli.exe has been updated.
The server that receives the Sophos updates has an x86 version of Windows and so we are taking the sav32cli.exe file from the folder %ProgramFiles%\Sophos\Sophos Anti-Virus\.
We have tried running an update on the server but although this seems to behave normally it doesn't result in the file sav32cli.exe being updated.
Do you know how we might trigger an update that will result in the file sav32cli.exe being updated?
The systems we are scanning are being scanned when they are not connected to the network so that we can establish whether they have already contracted something with zero risk of this spreading to the machines that are connected to the network.
Thanks again
Andrew
Hello Andrew,
what else besides sav32cli.exe are you taking to the off-net systems?
As for off-net systems: We have some as well, they have the full product installed (and On-Access is running) and they are regularly updated with a removable medium.
Christian
Hi Christian,
The files we are taking to the off-net systems are those specified in the SAV32CLI release notes and so in addition to the IDE and VDB files we have:-
SAVI.DLL
OSDP.DLL
VEEX.DLL
VDL.DAT
As specified in the release notes these are in the same directory as the executable itself.
I will now check to see whether there are newer versions of these files on the server.
Thanks
Andrew
Hi Christian,
I have checked the server and I have found that there are newer versions of these files:-
SAVI.DLL
OSDP.DLL
VEEX.DLL
These are all dated 2/2/2017, I have updated the files in the folder.
Now when we run SAV32CLI with the -v switch we get the following output:-
Sophos Anti-Virus
Copyright (c) 1989-2015 Sophos Plc. All rights reserved.
System time 16:04:43, System date 09 March 2017
Product version : 1.01.1
Engine version : 3.67.3
Virus data version : 5.10
User interface version : 2.99.000
Platform : Win32/Intel
Released : 06 January 2015
Total viruses (with IDEs) : 8477637
The version numbers for a number of these entries look to be earlier than ones that you have and the problem still persists.
Thanks
Andrew
Hi Christian,
I have copied the IDE and VDB files SAVI.DLL, OSDP.DLL, VEEX.DLL and VDL.DAT from the server.
Now when we run SAV32CLI with the -v switch we get the following output:-
Sophos Anti-Virus
Copyright (c) 1989-2017 Sophos Plc. All rights reserved.
System time 13:03:23, System date 10 March 2017
Product version : 1.01.1
Engine version : 3.67.3
Virus data version : 5.37
User interface version : 2.99.000
Platform : Win32/Intel
Released : 07 March 2017
Total viruses (with IDEs) : 12928268
Although the version numbers for a number of these entries still look to be earlier than ones that you have I am very glad to say that the problem looks to be resolved.
Thanks Again
Andrew
Hello Andrew,
earlier than ones that you have
I was using the 10.7.2 version (sorry for the possible confusion) which has an updated (3.68) engine (as usual the Engine Release Notes are quite unspectacular). And I haven't noticed the improvements or changes with the user interface .004 [;)].
Most important is the Virus data version (it is updated monthly when new .vdbs are added.
Christian
Hello Andrew,
earlier than ones that you have
I was using the 10.7.2 version (sorry for the possible confusion) which has an updated (3.68) engine (as usual the Engine Release Notes are quite unspectacular). And I haven't noticed the improvements or changes with the user interface .004 [;)].
Most important is the Virus data version (it is updated monthly when new .vdbs are added.
Christian