I've just been testing declude.virus the past few days, and so far so good. I am having an odd issue though. After running through Decludes battery of email virus tests, all were caught, even the Eicar.zip one. Today I received several zipped files that apparently slipped through Declude line of defense. The kicker is that both scanning clients I use share the same signature file.
I use PandaSoftware's BusinesSecure as my server/workstation scanner, and the bundled CL for Declude. Granted up until now, I've never used the command line scanner, but it has picked off the Eicar.zip file, so I assume that I've configured my argument correctly. Per Declude's suggestion, and verified by the manual: SCANFILE C:\Panda\Pavcl32\PAVCL.COM /NOM /NOB /AEX /CMP /NOS /NOR /HEU VIRUSCODE 13 VIRUSCODE 16777472 Once the mail passes through Delude, upon saving the zip to my desktop, my workstation scanner detects it as W32.Netsky.Z The sig file for both are the same, so what am I doing wrong? -------------------------------------------------- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
