"Malware 'Unscannable' was detected and blocked in a download" Every Minute

Hi, I've been getting this message every minute since yesterday.

Have you got any idea?



  • I'm on virtual appliance SFOS 19.0.1 MR-1-Build365 XG

  • Thank you for your feedback but this solution does not work for me.

  • Check the pattern version of your appliance. 


  • AP Firmware                    | 11.0.020   | - | 16:32:26, Sep 06 2022 | Success
    ATP                            | 1.0.0436   | - | 09:35:48, Oct 10 2022 | Success
    Avira AV                       | 1.0.420123 | - | 09:50:48, Oct 10 2022 | Success
    Authentication Clients         | 1.0.0020   | - | 11:53:30, Mar 31 2022 | Success
    Geoip ip2country DB            | 2.0.014    | - | 08:53:29, Oct 07 2022 | Success
    IPS and Application signatures | 18.19.72   | - | 16:56:54, Oct 07 2022 | Success
    Sophos Connect Clients         | 2.2.000    | - | 17:05:30, Jun 27 2022 | Success
    RED Firmware                   | 3.0.008    | - | 08:54:18, Jul 15 2022 | Success
    Sophos AntiSpam Interface      | 1.0.236    | - | 14:54:28, Oct 07 2022 | Success
    Sophos AV                      | 1.0.18170  | - | 09:51:44, Oct 10 2022 | Success
    SSLVPN Clients                 | 1.0.009    | - | 16:54:49, Dec 14 2021 | Success
  • All patterns are up to date.

  • Can you check the u2d.log and savi log? 

    docs.sophos.com/.../index.html


  • SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 u2d.log | more
    DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_redfw_cv = 2.00
    DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_odt_version = 1.0.006
    DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_odt_cv = 1.00
    DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_sasi_version = 1.0.236
    DEBUG     2022-10-10 16:30:54Z [23636]: --pkg_sasi_cv = 1.00
    DEBUG     2022-10-10 16:30:54Z [23636]: --oem = Sophos
    DEBUG     2022-10-10 16:30:54Z [23636]: --central_mgmt = 1.0
    DEBUG     2022-10-10 16:30:54Z [23636]: --server = u2d.sophos.com
    DEBUG     2022-10-10 16:30:54Z [23636]: --port = 443
    DEBUG     2022-10-10 16:30:54Z [23636]: Added new server : Host - u2d.sophos.com, Port - 443
    DEBUG     2022-10-10 16:30:54Z [23636]: --u2d_proto = 2.00
    DEBUG     2022-10-10 16:30:54Z [23636]: Final query string is :
    ?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=Sophos&pkg_ips_version=18.19.73&pkg_ips_type=ips_app&pkg_ips_cv=19.0&pkg_atp_version=1.0.0436&pkg_atp_cv=1.00&pkg_savi_version=1.0.18171&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.420126&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=2.0.014&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0020&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.020&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.008&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.009&pkg_sslvpn_cv=1.02&pkg_ipsec_version=2.2.000&pkg_ipsec_cv=1.00&central_mgmt=1.0&pkg_odt_version=1.0.006&pkg_odt_cv=1.00&pkg_sasi_version=1.0.236&pkg_sasi_cv=1.00&u2d_proto=2.00
    DEBUG     2022-10-10 16:30:55Z [23636]: Response code : 200
    DEBUG     2022-10-10 16:30:55Z [23636]: Response body :
    <Up2Date/>
    
    DEBUG     2022-10-10 16:30:55Z [23636]: Response length : 11
    DEBUG     2022-10-10 16:31:25Z [23872]: --serial = C01001B3783Q7BC
    DEBUG     2022-10-10 16:31:25Z [23872]: --deviceid = 10cf0a3f-eebd-4979-92d7-25dad527c17d
    DEBUG     2022-10-10 16:31:25Z [23872]: --fwversion = 19.0.1.365
    DEBUG     2022-10-10 16:31:25Z [23872]: --productcode = CN
    DEBUG     2022-10-10 16:31:25Z [23872]: --model = SF01V
    DEBUG     2022-10-10 16:31:25Z [23872]: --vendor = VM01
    DEBUG     2022-10-10 16:31:25Z [23872]: --pkg_sysupdate_version = 4
    DEBUG     2022-10-10 16:31:25Z [23872]: Added new server : Host - eu-west-1.u2d.sophos.com., Port - 443
    DEBUG     2022-10-10 16:31:25Z [23872]: Added new server : Host - us-west-2.u2d.sophos.com., Port - 443
    DEBUG     2022-10-10 16:31:25Z [23872]: Added new server : Host - ap-northeast-1.u2d.sophos.com., Port - 443
    DEBUG     2022-10-10 16:31:25Z [23872]: --u2d_proto = 2.00
    DEBUG     2022-10-10 16:31:25Z [23872]: Final query string is :
    ?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=&pkg_sysupdate_version=4&u2d_proto=2.00
    DEBUG     2022-10-10 16:31:47Z [23872]: Response code : 200
    DEBUG     2022-10-10 16:31:47Z [23872]: Response body :
    <Up2Date/>
    
    DEBUG     2022-10-10 16:31:47Z [23872]: Response length : 11
    DEBUG     2022-10-10 16:41:32Z [26802]: --serial = C01001B3783Q7BC
    DEBUG     2022-10-10 16:41:32Z [26802]: --deviceid = 10cf0a3f-eebd-4979-92d7-25dad527c17d
    DEBUG     2022-10-10 16:41:32Z [26802]: --fwversion = 19.0.1.365
    DEBUG     2022-10-10 16:41:32Z [26802]: --productcode = CN
    DEBUG     2022-10-10 16:41:32Z [26802]: --model = SF01V
    DEBUG     2022-10-10 16:41:32Z [26802]: --vendor = VM01
    DEBUG     2022-10-10 16:41:32Z [26802]: --pkg_sysupdate_version = 4
    DEBUG     2022-10-10 16:41:32Z [26802]: --oem = Sophos
    DEBUG     2022-10-10 16:41:32Z [26802]: --central_mgmt = 1.0
    DEBUG     2022-10-10 16:41:32Z [26802]: --server = u2d.sophos.com
    DEBUG     2022-10-10 16:41:32Z [26802]: --port = 443
    DEBUG     2022-10-10 16:41:32Z [26802]: Added new server : Host - u2d.sophos.com, Port - 443
    DEBUG     2022-10-10 16:41:32Z [26802]: --u2d_proto = 2.00
    DEBUG     2022-10-10 16:41:32Z [26802]: Final query string is :
    ?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=Sophos&pkg_sysupdate_version=4&central_mgmt=1.0&u2d_proto=2.00
    DEBUG     2022-10-10 16:41:33Z [26802]: Response code : 200
    DEBUG     2022-10-10 16:41:33Z [26802]: Response body :
    <Up2Date/>
    
    DEBUG     2022-10-10 16:41:33Z [26802]: Response length : 11
    DEBUG     2022-10-10 16:45:57Z [27992]: --serial = C01001B3783Q7BC
    DEBUG     2022-10-10 16:45:57Z [27992]: --deviceid = 10cf0a3f-eebd-4979-92d7-25dad527c17d
    DEBUG     2022-10-10 16:45:57Z [27992]: --fwversion = 19.0.1.365
    DEBUG     2022-10-10 16:45:57Z [27992]: --productcode = CN
    DEBUG     2022-10-10 16:45:57Z [27992]: --model = SF01V
    DEBUG     2022-10-10 16:45:57Z [27992]: --vendor = VM01
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ips_version = 18.19.73
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ips_cv = 19.0
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ips_type = ips_app
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_atp_version = 1.0.0436
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_atp_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_savi_version = 1.0.18171
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_savi_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_avira_version = 1.0.420126
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_avira_cv = 4.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_apfw_version = 11.0.020
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_apfw_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sslvpn_version = 1.0.009
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sslvpn_cv = 1.02
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ipsec_version = 2.2.000
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_ipsec_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_geoip_version = 2.0.014
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_geoip_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_clientauth_version = 1.0.0020
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_clientauth_cv = 2.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_redfw_version = 3.0.008
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_redfw_cv = 2.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_odt_version = 1.0.006
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_odt_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sasi_version = 1.0.236
    DEBUG     2022-10-10 16:45:57Z [27992]: --pkg_sasi_cv = 1.00
    DEBUG     2022-10-10 16:45:57Z [27992]: --oem = Sophos
    DEBUG     2022-10-10 16:45:57Z [27992]: --central_mgmt = 1.0
    DEBUG     2022-10-10 16:45:57Z [27992]: --server = u2d.sophos.com
    DEBUG     2022-10-10 16:45:57Z [27992]: --port = 443
    DEBUG     2022-10-10 16:45:57Z [27992]: Added new server : Host - u2d.sophos.com, Port - 443
    DEBUG     2022-10-10 16:45:57Z [27992]: --u2d_proto = 2.00
    DEBUG     2022-10-10 16:45:57Z [27992]: Final query string is :
    ?&serialkey=C01001B3783Q7BC&deviceid=10cf0a3f-eebd-4979-92d7-25dad527c17d&fwversion=19.0.1.365&productcode=CN&appmodel=SF01V&appvendor=VM01&useragent=SF&oem=Sophos&pkg_ips_version=18.19.73&pkg_ips_type=ips_app&pkg_ips_cv=19.0&pkg_atp_version=1.0.0436&pkg_atp_cv=1.00&pkg_savi_version=1.0.18171&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.420126&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=2.0.014&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0020&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.020&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.008&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.009&pkg_sslvpn_cv=1.02&pkg_ipsec_version=2.2.000&pkg_ipsec_cv=1.00&central_mgmt=1.0&pkg_odt_version=1.0.006&pkg_odt_cv=1.00&pkg_sasi_version=1.0.236&pkg_sasi_cv=1.00&u2d_proto=2.00
    DEBUG     2022-10-10 16:45:58Z [27992]: Response code : 200
    DEBUG     2022-10-10 16:45:58Z [27992]: Response body :
    <Up2Date/>
    
    

    I've got no log in live log > Malware

    Thanks a lot for your help, LuCar Toni.

  • Looks fine. What about the other logs? av.log etc. 

    Can you create a support case? 


  • The av.log log is empty, as you can see below.
    I've included the avd.log logs as well.
    
    Is it possible to create a support case when using the evaluation version of Sophos XG?

    SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 av.log | more
    SFVH_VM01_SFOS 19.0.1 MR-1-Build365# vi av.log
    SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 av.log | more
    SFVH_VM01_SFOS 19.0.1 MR-1-Build365# tail -n 100 avd.log | more
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanPng                   1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMp3                   1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanMpeg                  1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: CleanWmf                   1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Xml                        0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlOdoc                    1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Hfs                        0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Guid                       1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dmg                        0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Swf                        1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: AS3                        1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Dex                        1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: AXml                       1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Plist                      0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ISO9660                    0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: JSEmul                     1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: LimitJSEmulation           0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullMacroSweep             0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullPdf                    0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrictPdf                  0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: StrongPdf                  0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: PDFUnifiedTextExtract      0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: FullSweep                  0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MarkTampered               1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReport              0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAll           0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageReportAddtolist     0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: StorageDetOnly             0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetection      0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: UnixArchive                1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Rpm                        1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: Saveset                    0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ExtensiveScan              0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SampleSubmit               0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: CloudSandbox               1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLEnabled                  0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLVeexReporting            0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: VeexMiscPeTreeCbkEnabled   0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: DecomprSizeCb              0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLimit             25
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MimeEmbedLines             500
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: TrueFileTypeDetectionLevel 1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxRecursionDepth          16
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxIntRecDepth             25
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: BuffCacheSize              4
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MaxSampleSubmitSize        10240
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSuper                   2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpArchiveUnpack           2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpSelfExtract             2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpExecutable              2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpInternet                2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMSOffice                2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpMisc                    2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpDisinfect               2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpClean                   2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebArchive              2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: GrpWebEncoding             2
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: HtmlMaxExtStrmSize         104857600
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: XmlMaxExtStrCnt            1000000
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: NamespaceSupport           0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAutoStop             1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnablePdfAutoStop          0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourMalware           1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: BehaviourSuspicious        0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: PuaDetection               0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ThreatAccumulation         0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: DetectSecondaries          0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ApplicationControl         0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataDir               /sdisk/savi/vdl
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataName              vdl
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: IdeDir                     /sdisk/savi/ide
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: AllowPartialVirusData      0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductMobile              1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductGateway             1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductCLI                 0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductWeb                 1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductDesktop             0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: ProductUnspecified         1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableAllowedLists         0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: EnableOSSpecificLoad       0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: VirusDataIntegrityChecking 0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLLiveProtection          1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLEvaluation              1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchDelay             0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLTimeout                 250
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchThreadCount       1
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLAsynchQueueSize         200
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheEnable             0
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheSize               20
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: SXLCacheFileStub
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLDLL
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: MLData
    2022-10-11 05:52:43Z :[INFO]  4 describe_config: LRLib
    2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Engine version number              : 3.85
    2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Extended version                   : 1
    2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Threat data version string(IDE)    : 5.94
    2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Number of detectable threats       : 75386748
    2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Date of threat data (D/M/Y)        : 12/7/2022
    
    2022-10-11 05:52:44Z :[INFO]  99 sophos_reload_sig: Every thread reloaded new savi object, safe to start scanning
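
The cross-check the replies ask for (pattern list versus u2d.log and the scanner log), written as an added Python example that is not part of the original thread or any Sophos tooling. The log samples are constructed from the excerpts above with the serial key replaced by a placeholder, and the mapping from GUI pattern names to `pkg_*` fields is an assumption.

```python
import re
from datetime import date
from urllib.parse import parse_qs

# Constructed samples: same line shapes as the u2d.log and avd.log excerpts in
# the thread, shortened, with the serial key replaced by a placeholder.
U2D_LOG = """\
DEBUG     2022-10-10 16:41:32Z [26802]: Final query string is :
?&serialkey=PLACEHOLDER&fwversion=19.0.1.365&oem=Sophos&pkg_sysupdate_version=4&u2d_proto=2.00
DEBUG     2022-10-10 16:41:33Z [26802]: Response code : 200
DEBUG     2022-10-10 16:45:57Z [27992]: Final query string is :
?&serialkey=PLACEHOLDER&fwversion=19.0.1.365&pkg_ips_version=18.19.73&pkg_ips_cv=19.0&pkg_atp_version=1.0.0436&pkg_savi_version=1.0.18171&pkg_savi_patch=2&pkg_avira_version=1.0.420126&u2d_proto=2.00
DEBUG     2022-10-10 16:45:58Z [27992]: Response code : 200
"""

AVD_LOG = """\
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Engine version number              : 3.85
2022-10-11 05:52:43Z :[INFO]  4 display_sophos_version: Date of threat data (D/M/Y)        : 12/7/2022
2022-10-11 05:52:44Z :[INFO]  99 sophos_reload_sig: Every thread reloaded new savi object, safe to start scanning
"""

# Versions from the pattern list posted in the thread. Assumption: the GUI rows
# "IPS and Application signatures", "ATP", "Sophos AV" and "Avira AV" correspond
# to the pkg_ips, pkg_atp, pkg_savi and pkg_avira fields in u2d.log.
GUI_VERSIONS = {
    "ips": "18.19.72",
    "atp": "1.0.0436",
    "savi": "1.0.18170",
    "avira": "1.0.420123",
}


def u2d_package_versions(log_text):
    """Return {package: version} from every 'Final query string' (latest wins)."""
    versions = {}
    lines = log_text.splitlines()
    for prev, line in zip(lines, lines[1:]):
        # The query string sits on the line after the DEBUG marker.
        if not prev.rstrip().endswith("Final query string is :"):
            continue
        for key, values in parse_qs(line.strip().lstrip("?")).items():
            match = re.fullmatch(r"pkg_(\w+)_version", key)
            if match:
                versions[match.group(1)] = values[-1]
    return versions


def _as_tuple(version):
    # "1.0.0436" -> (1, 0, 436), so zero padding does not cause false drift.
    return tuple(int(part) for part in version.split("."))


def version_drift(gui, u2d):
    """Packages whose GUI-listed version differs from the one the updater sends."""
    return {
        pkg: (gui[pkg], u2d[pkg])
        for pkg in sorted(gui.keys() & u2d.keys())
        if _as_tuple(gui[pkg]) != _as_tuple(u2d[pkg])
    }


def threat_data_age_days(avd_text):
    """Days between the avd.log entry's date and the threat-data date it reports."""
    match = re.search(
        r"^(\d{4})-(\d{2})-(\d{2}) \S+ .*Date of threat data \(D/M/Y\)"
        r"\s*:\s*(\d{1,2})/(\d{1,2})/(\d{4})\s*$",
        avd_text,
        re.M,
    )
    if match is None:
        return None  # engine never logged its version block
    log_y, log_m, log_d, day, month, year = map(int, match.groups())
    return (date(log_y, log_m, log_d) - date(year, month, day)).days


if __name__ == "__main__":
    reported = u2d_package_versions(U2D_LOG)
    for pkg, (gui, u2d) in version_drift(GUI_VERSIONS, reported).items():
        print(f"{pkg}: pattern list shows {gui}, u2d.log sends {u2d}")
    print("threat data age (days):", threat_data_age_days(AVD_LOG))
```

With the values posted in the thread, the updater's query strings carry newer ips, savi and avira versions than the pattern list, and the engine's threat data is dated 91 days before the avd.log entry.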