Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 16 replies
  • Answers 2 answers
  • Subscribers 38 subscribers
  • Views 5863 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"Malware 'Unscannable' was detected and blocked in a download" Every Minutes

Xitey

Hi,  i've got this message every minute since yesterday.

Have you got a any idea ?



This thread was automatically locked due to age.
  • 0

    I'm on virtual appliance SFOS 19.0.1 MR-1-Build365 XG

  • 0

    There was an issue, should be fixed. See: https://community.sophos.com/sophos-xg-firewall/f/discussions/136817/malware-unscannable-was-detected-and-blocked-alert-sophos-xg-firewall---http-virus-detected

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thank you for your feedback but this solution does not work for me.

  • 0 in reply to Xitey

    Check the pattern version of your appliance. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni
    AP Firmware
    11.0.020
    -
    16:32:26, Sep 06 2022
    Success
    ATP
    1.0.0436
    -
    09:35:48, Oct 10 2022
    Success
    Avira AV
    1.0.420123
    -
    09:50:48, Oct 10 2022
    Success
    Authentication Clients
    1.0.0020
    -
    11:53:30, Mar 31 2022
    Success
    Geoip ip2country DB
    2.0.014
    -
    08:53:29, Oct 07 2022
    Success
    IPS and Application signatures
    18.19.72
    -
    16:56:54, Oct 07 2022
    Success
    Sophos Connect Clients
    2.2.000
    -
    17:05:30, Jun 27 2022
    Success
    RED Firmware
    3.0.008
    -
    08:54:18, Jul 15 2022
    Success
    Sophos AntiSpam Interface
    1.0.236
    -
    14:54:28, Oct 07 2022
    Success
    Sophos AV
    1.0.18170
    -
    09:51:44, Oct 10 2022
    Success
    SSLVPN Clients
    1.0.009
    -
    16:54:49, Dec 14 2021
    Success
  • 0 in reply to Xitey

    All patern are up to date. 

  • 0 in reply to Xitey

    Can you check the u2d.log and savi log? 

    docs.sophos.com/.../index.html

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni 

    SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 u2d.log | more
DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_redfw_cv = 2.00
DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_odt_version = 1.0.006
DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_odt_cv = 1.00
DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_sasi_version = 1.0.236
DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_sasi_cv = 1.00
DEBUG     2022-10-10 16:30:54Z [23636]: --oem = Sophos
DEBUG     2022-10-10 16:30:54Z [23636]: --central_mgmt = 1.0
DEBUG     2022-10-10 16:30:54Z [23636]: --server = u2d.sophos.com
DEBUG     2022-10-10 16:30:54Z [23636]: --port = 443
DEBUG     2022-10-10 16:30:54Z [23636]: Added new server : Host - u2d.sophos.com, Port - 443
DEBUG     2022-10-10 16:30:54Z [23636]: --u2d_proto = 2.00
DEBUG     2022-10-10 16:30:54Z [23636]: Final query string is :
?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=Sophos&pkg_ips_version=18.19.73&pkg_ips_type=ips_app&pkg_ips_cv=19.0&pkg_atp_version=1.0.0436&pkg_atp_cv=1.00&pkg_savi_version=1.0.18171&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.420126&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=2.0.014&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0020&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.020&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.008&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.009&pkg_sslvpn_cv=1.02&pkg_ipsec_version=2.2.000&pkg_ipsec_cv=1.00&central_mgmt=1.0&pkg_odt_version=1.0.006&pkg_odt_cv=1.00&pkg_sasi_version=1.0.236&pkg_sasi_cv=1.00&u2d_proto=2.00
DEBUG     2022-10-10 16:30:55Z [23636]: Response code : 200
DEBUG     2022-10-10 16:30:55Z [23636]: Response body :
<Up2Date/>

DEBUG     2022-10-10 16:30:55Z [23636]: Response length : 11
DEBUG     2022-10-10 16:31:25Z [23872]: --serial = C01001B3783Q7BC
DEBUG     2022-10-10 16:31:25Z [23872]: --deviceid = 10cf0a3f-eebd-4979-92d7-25dad527c17d
DEBUG     2022-10-10 16:31:25Z [23872]: --fwversion = 19.0.1.365
DEBUG     2022-10-10 16:31:25Z [23872]: --productcode = CN
DEBUG     2022-10-10 16:31:25Z [23872]: --model = SF01V
DEBUG     2022-10-10 16:31:25Z [23872]: --vendor = VM01
DEBUG     2022-10-10 16:31:25Z [23872]: --pkg_sysupdate_version = 4
DEBUG     2022-10-10 16:31:25Z [23872]: Added new server : Host - eu-west-1.u2d.sophos.com., Port - 443
DEBUG     2022-10-10 16:31:25Z [23872]: Added new server : Host - us-west-2.u2d.sophos.com., Port - 443
DEBUG     2022-10-10 16:31:25Z [23872]: Added new server : Host - ap-northeast-1.u2d.sophos.com., Port - 443
DEBUG     2022-10-10 16:31:25Z [23872]: --u2d_proto = 2.00
DEBUG     2022-10-10 16:31:25Z [23872]: Final query string is :
?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=&pkg_sysupdate_version=4&u2d_proto=2.00
DEBUG     2022-10-10 16:31:47Z [23872]: Response code : 200
DEBUG     2022-10-10 16:31:47Z [23872]: Response body :
<Up2Date/>

DEBUG     2022-10-10 16:31:47Z [23872]: Response length : 11
DEBUG     2022-10-10 16:41:32Z [26802]: --serial = C01001B3783Q7BC
DEBUG     2022-10-10 16:41:32Z [26802]: --deviceid = 10cf0a3f-eebd-4979-92d7-25dad527c17d
DEBUG     2022-10-10 16:41:32Z [26802]: --fwversion = 19.0.1.365
DEBUG     2022-10-10 16:41:32Z [26802]: --productcode = CN
DEBUG     2022-10-10 16:41:32Z [26802]: --model = SF01V
DEBUG     2022-10-10 16:41:32Z [26802]: --vendor = VM01
DEBUG     2022-10-10 16:41:32Z [26802]: --pkg_sysupdate_version = 4
DEBUG     2022-10-10 16:41:32Z [26802]: --oem = Sophos
DEBUG     2022-10-10 16:41:32Z [26802]: --central_mgmt = 1.0
DEBUG     2022-10-10 16:41:32Z [26802]: --server = u2d.sophos.com
DEBUG     2022-10-10 16:41:32Z [26802]: --port = 443
DEBUG     2022-10-10 16:41:32Z [26802]: Added new server : Host - u2d.sophos.com, Port - 443
DEBUG     2022-10-10 16:41:32Z [26802]: --u2d_proto = 2.00
DEBUG     2022-10-10 16:41:32Z [26802]: Final query string is :
?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=Sophos&pkg_sysupdate_version=4&central_mgmt=1.0&u2d_proto=2.00
DEBUG     2022-10-10 16:41:33Z [26802]: Response code : 200
DEBUG     2022-10-10 16:41:33Z [26802]: Response body :
<Up2Date/>

DEBUG     2022-10-10 16:41:33Z [26802]: Response length : 11
DEBUG     2022-10-10 16:45:57Z [27992]: --serial = C01001B3783Q7BC
DEBUG     2022-10-10 16:45:57Z [27992]: --deviceid = 10cf0a3f-eebd-4979-92d7-25dad527c17d
DEBUG     2022-10-10 16:45:57Z [27992]: --fwversion = 19.0.1.365
DEBUG     2022-10-10 16:45:57Z [27992]: --productcode = CN
DEBUG     2022-10-10 16:45:57Z [27992]: --model = SF01V
DEBUG     2022-10-10 16:45:57Z [27992]: --vendor = VM01
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ips_version = 18.19.73
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ips_cv = 19.0
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ips_type = ips_app
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_atp_version = 1.0.0436
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_atp_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_savi_version = 1.0.18171
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_savi_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_avira_version = 1.0.420126
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_avira_cv = 4.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_apfw_version = 11.0.020
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_apfw_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sslvpn_version = 1.0.009
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sslvpn_cv = 1.02
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ipsec_version = 2.2.000
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ipsec_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_geoip_version = 2.0.014
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_geoip_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_clientauth_version = 1.0.0020
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_clientauth_cv = 2.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_redfw_version = 3.0.008
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_redfw_cv = 2.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_odt_version = 1.0.006
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_odt_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sasi_version = 1.0.236
DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sasi_cv = 1.00
DEBUG     2022-10-10 16:45:57Z [27992]: --oem = Sophos
DEBUG     2022-10-10 16:45:57Z [27992]: --central_mgmt = 1.0
DEBUG     2022-10-10 16:45:57Z [27992]: --server = u2d.sophos.com
DEBUG     2022-10-10 16:45:57Z [27992]: --port = 443
DEBUG     2022-10-10 16:45:57Z [27992]: Added new server : Host - u2d.sophos.com, Port - 443
DEBUG     2022-10-10 16:45:57Z [27992]: --u2d_proto = 2.00
DEBUG     2022-10-10 16:45:57Z [27992]: Final query string is :
?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=Sophos&pkg_ips_version=18.19.73&pkg_ips_type=ips_app&pkg_ips_cv=19.0&pkg_atp_version=1.0.0436&pkg_atp_cv=1.00&pkg_savi_version=1.0.18171&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.420126&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=2.0.014&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0020&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.020&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.008&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.009&pkg_sslvpn_cv=1.02&pkg_ipsec_version=2.2.000&pkg_ipsec_cv=1.00&central_mgmt=1.0&pkg_odt_version=1.0.006&pkg_odt_cv=1.00&pkg_sasi_version=1.0.236&pkg_sasi_cv=1.00&u2d_proto=2.00
DEBUG     2022-10-10 16:45:58Z [27992]: Response code : 200
DEBUG     2022-10-10 16:45:58Z [27992]: Response body :
<Up2Date/>

    I've got no log in live log > Malware

    Thanks a lot for your help LuCar Toni Slight smile

  • 0 in reply to Xitey

    Looks fine. What about the other logs? av.log etc. 

    Can you create a support case? 

    __________________________________________________________________________________________________________________

  • +1 in reply to LuCar Toni 
    The av.log log is empty as you can see below.
I put you the avg.log logs in addition.

Is it possible to create a support case with the use of the evaluating version of sophos xg ?

    SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 av.log | more
SFVH_VM01_SFOS 19.0.1 MR-1-Build365# vi av.log
SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 av.log | more
SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 avd.log | more
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanPng                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMp3                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMpeg                  1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanWmf                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Xml                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlOdoc                    1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Hfs                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Guid                       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dmg                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Swf                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AS3                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dex                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AXml                       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Plist                      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ISO9660                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: JSEmul                     1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: LimitJSEmulation           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullMacroSweep             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullPdf                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrictPdf                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrongPdf                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: PDFUnifiedTextExtract      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullSweep                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MarkTampered               1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReport              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAll           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAddtolist     0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageDetOnly             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetection      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: UnixArchive                1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Rpm                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Saveset                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ExtensiveScan              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SampleSubmit               0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CloudSandbox               1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLEnabled                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLVeexReporting            0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VeexMiscPeTreeCbkEnabled   0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: DecomprSizeCb              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLimit             25
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLines             500
2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetectionLevel 1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxRecursionDepth          16
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxIntRecDepth             25
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BuffCacheSize              4
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxSampleSubmitSize        10240
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSuper                   2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpArchiveUnpack           2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSelfExtract             2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpExecutable              2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpInternet                2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMSOffice                2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMisc                    2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpDisinfect               2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpClean                   2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebArchive              2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebEncoding             2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: HtmlMaxExtStrmSize         104857600
2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlMaxExtStrCnt            1000000
2022-10-11 05:52:43Z :[INFO]  4 describe_config: NamespaceSupport           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAutoStop             1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnablePdfAutoStop          0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourMalware           1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourSuspicious        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: PuaDetection               0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ThreatAccumulation         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: DetectSecondaries          0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ApplicationControl         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataDir               /sdisk/savi/vdl
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataName              vdl
2022-10-11 05:52:43Z :[INFO]  4 describe_config: IdeDir                     /sdisk/savi/ide
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AllowPartialVirusData      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductMobile              1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductGateway             1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductCLI                 0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductWeb                 1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductDesktop             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductUnspecified         1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAllowedLists         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableOSSpecificLoad       0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataIntegrityChecking 0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLLiveProtection          1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLEvaluation              1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchDelay             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLTimeout                 250
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchThreadCount       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchQueueSize         200
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheEnable             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheSize               20
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheFileStub
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLDLL
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLData
2022-10-11 05:52:43Z :[INFO]  4 describe_config: LRLib
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Engine version number              : 3.85
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Extended version                   : 1
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Threat data version string(IDE)    : 5.94
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Number of detectable threats       : 75386748
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Date of threat data (D/M/Y)        : 12/7/2022

2022-10-11 05:52:44Z :[INFO]  99 sophos_reload_sig: Every thread reloaded new savi object, safe to start scanning
SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 avd.log | more
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanPng                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMp3                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMpeg                  1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanWmf                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Xml                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlOdoc                    1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Hfs                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Guid                       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dmg                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Swf                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AS3                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dex                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AXml                       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Plist                      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ISO9660                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: JSEmul                     1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: LimitJSEmulation           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullMacroSweep             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullPdf                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrictPdf                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrongPdf                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: PDFUnifiedTextExtract      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullSweep                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MarkTampered               1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReport              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAll           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAddtolist     0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageDetOnly             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetection      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: UnixArchive                1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Rpm                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Saveset                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ExtensiveScan              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SampleSubmit               0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CloudSandbox               1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLEnabled                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLVeexReporting            0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VeexMiscPeTreeCbkEnabled   0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: DecomprSizeCb              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLimit             25
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLines             500
2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetectionLevel 1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxRecursionDepth          16
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxIntRecDepth             25
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BuffCacheSize              4
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxSampleSubmitSize        10240
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSuper                   2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpArchiveUnpack           2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSelfExtract             2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpExecutable              2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpInternet                2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMSOffice                2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMisc                    2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpDisinfect               2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpClean                   2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebArchive              2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebEncoding             2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: HtmlMaxExtStrmSize         104857600
2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlMaxExtStrCnt            1000000
2022-10-11 05:52:43Z :[INFO]  4 describe_config: NamespaceSupport           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAutoStop             1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnablePdfAutoStop          0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourMalware           1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourSuspicious        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: PuaDetection               0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ThreatAccumulation         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: DetectSecondaries          0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ApplicationControl         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataDir               /sdisk/savi/vdl
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataName              vdl
2022-10-11 05:52:43Z :[INFO]  4 describe_config: IdeDir                     /sdisk/savi/ide
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AllowPartialVirusData      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductMobile              1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductGateway             1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductCLI                 0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductWeb                 1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductDesktop             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductUnspecified         1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAllowedLists         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableOSSpecificLoad       0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataIntegrityChecking 0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLLiveProtection          1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLEvaluation              1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchDelay             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLTimeout                 250
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchThreadCount       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchQueueSize         200
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheEnable             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheSize               20
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheFileStub
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLDLL
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLData
2022-10-11 05:52:43Z :[INFO]  4 describe_config: LRLib
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Engine version number              : 3.85
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Extended version                   : 1
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Threat data version string(IDE)    : 5.94
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Number of detectable threats       : 75386748
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Date of threat data (D/M/Y)        : 12/7/2022

2022-10-11 05:52:44Z :[INFO]  99 sophos_reload_sig: Every thread reloaded new savi object, safe to start scanning
SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 av.log | more
SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 avd.log | more
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanPng                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMp3                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMpeg                  1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanWmf                   1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Xml                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlOdoc                    1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Hfs                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Guid                       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dmg                        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Swf                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AS3                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dex                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AXml                       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Plist                      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ISO9660                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: JSEmul                     1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: LimitJSEmulation           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullMacroSweep             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullPdf                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrictPdf                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrongPdf                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: PDFUnifiedTextExtract      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullSweep                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MarkTampered               1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReport              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAll           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAddtolist     0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageDetOnly             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetection      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: UnixArchive                1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Rpm                        1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: Saveset                    0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ExtensiveScan              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SampleSubmit               0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: CloudSandbox               1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLEnabled                  0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLVeexReporting            0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VeexMiscPeTreeCbkEnabled   0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: DecomprSizeCb              0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLimit             25
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLines             500
2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetectionLevel 1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxRecursionDepth          16
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxIntRecDepth             25
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BuffCacheSize              4
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxSampleSubmitSize        10240
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSuper                   2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpArchiveUnpack           2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSelfExtract             2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpExecutable              2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpInternet                2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMSOffice                2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMisc                    2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpDisinfect               2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpClean                   2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebArchive              2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebEncoding             2
2022-10-11 05:52:43Z :[INFO]  4 describe_config: HtmlMaxExtStrmSize         104857600
2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlMaxExtStrCnt            1000000
2022-10-11 05:52:43Z :[INFO]  4 describe_config: NamespaceSupport           0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAutoStop             1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnablePdfAutoStop          0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourMalware           1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourSuspicious        0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: PuaDetection               0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ThreatAccumulation         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: DetectSecondaries          0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ApplicationControl         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataDir               /sdisk/savi/vdl
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataName              vdl
2022-10-11 05:52:43Z :[INFO]  4 describe_config: IdeDir                     /sdisk/savi/ide
2022-10-11 05:52:43Z :[INFO]  4 describe_config: AllowPartialVirusData      0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductMobile              1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductGateway             1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductCLI                 0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductWeb                 1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductDesktop             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductUnspecified         1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAllowedLists         0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableOSSpecificLoad       0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataIntegrityChecking 0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLLiveProtection          1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLEvaluation              1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchDelay             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLTimeout                 250
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchThreadCount       1
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchQueueSize         200
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheEnable             0
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheSize               20
2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheFileStub
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLDLL
2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLData
2022-10-11 05:52:43Z :[INFO]  4 describe_config: LRLib
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Engine version number              : 3.85
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Extended version                   : 1
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Threat data version string(IDE)    : 5.94
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Number of detectable threats       : 75386748
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Date of threat data (D/M/Y)        : 12/7/2022

2022-10-11 05:52:44Z :[INFO]  99 sophos_reload_sig: Every thread reloaded new savi object, safe to start scanning

Unfiltered HTML