avg, appended logging (that works), and errorlevels

Discussion regarding the Standard version.
Post Reply
dreniarbs

avg, appended logging (that works), and errorlevels

Post by dreniarbs » Tue Feb 03, 2004 9:55 pm

I've created a little batch file to help avg append it's logs instead of writing over each one. here's the file i have mailenable using:

"c:\program files\grisoft\avg6\avgscan" %1 %2 %3 %4 %5 %6 /report c:\virus1.log
set dodo=%errorlevel%
copy /b /y c:\virus2.log+c:\virus1.log c:\virus.log
copy /y c:\virus.log c:\virus2.log
exit /b %dodo%

i've got the %dodo% variable because the copy commands will change the errorlevel back to 0. i've tested it out at a command prompt, i'll do an "echo %errorlevel% after running the batch file on a virus, and it'll say 6. but when i watch it in debug mode it says "returned 0"

my question is "why???"

basically all i want is for each report avg puts out to be appended to one big report so i can see exactly whats going on.

on a side note, my avg has stopped recognizing the eicar virus (avg on my workstation still does), i've uninstalled, rebooted, and reinstalled the latest download and it still ignores it. it catches this other virus file i'm using (something called psw.perfect.c), very strange.

dreniarbs

as usual, i answer my own question, partly at least

Post by dreniarbs » Tue Feb 03, 2004 10:29 pm

i pretty much just flipped the batch file around to get the proper errorlevel heres the code now:

copy /b /y c:\virus.log+c:\virus1.log c:\virus.log
"c:\program files\grisoft\avg6\avgscan" %1 %2 %3 %4 %5 %6 %7 %8 /report c:\virus1.log

it's not perfect, since the main virus.log doesn't get updated until another scan, but virus1.log contains that information. here's a sample of my virus.log:

AVG 6.0 Anti-Virus System
Copyright GRISOFT Inc. 2001
Program version 6.576, database version 365
Command line: ["C:\PROGRA~1\MAILEN~1\Scratch\AA0CEA~1.MAI\1.ATT" /ARC /NOMEM /NOHIMEM /NOSELF /NOEXPORT /report c:\virus1.log]
Testing C:\PROGRA~1\MAILEN~1\Scratch\AA0CEA~1.MAI\1.ATT serial 3C74-4381
C:\PROGRA~1\MAILEN~1\Scratch\AA0CEA~1.MAI\1.ATT Trojan horse PSW.Perfect.C


------------------------------------------------------------
Test start 2/3/2004 17:01:30
Elapsed time: 0 sec.
------------------------------------------------------------
Scanned files : 1
Scanned sectors : 3
Infected files : 1
Infected sectors : 0
------------------------------------------------------------
AVG 6.0 Anti-Virus System
Copyright GRISOFT Inc. 2001
Program version 6.576, database version 365
Command line: ["C:\PROGRA~1\MAILEN~1\Scratch\BEA1FE~1.MAI\1.ATT" /ARC /NOMEM /NOHIMEM /NOSELF /NOEXPORT /report c:\virus1.log]
Testing C:\PROGRA~1\MAILEN~1\Scratch\BEA1FE~1.MAI\1.ATT serial 3C74-4381
C:\PROGRA~1\MAILEN~1\Scratch\BEA1FE~1.MAI\1.ATT Trojan horse PSW.Perfect.C


------------------------------------------------------------
Test start 2/3/2004 17:13:32
Elapsed time: 0 sec.
------------------------------------------------------------
Scanned files : 1
Scanned sectors : 3
Infected files : 1
Infected sectors : 0
------------------------------------------------------------
AVG 6.0 Anti-Virus System
Copyright GRISOFT Inc. 2001
Program version 6.576, database version 365
Command line: ["C:\PROGRA~1\MAILEN~1\Scratch\8EC5B0~1.MAI\1.ATT" /ARC /NOMEM /NOHIMEM /NOSELF /NOEXPORT /report c:\virus1.log]
Testing C:\PROGRA~1\MAILEN~1\Scratch\8EC5B0~1.MAI\1.ATT serial 3C74-4381
C:\PROGRA~1\MAILEN~1\Scratch\8EC5B0~1.MAI\1.ATT Trojan horse PSW.Perfect.C


------------------------------------------------------------
Test start 2/3/2004 17:14:45
Elapsed time: 0 sec.
------------------------------------------------------------
Scanned files : 1
Scanned sectors : 3
Infected files : 1
Infected sectors : 0
------------------------------------------------------------

Mailenable then cleans the email and send me a notification. The only thing you have to be sure to do is create a blank file called c:\virus.log, or it'll error out . Virus's will still be cleaned, but the logs won't append.

Please post any comments or tweaks. I'm embarrassed to say this, but this is about 3 hours of work here. (last time i wrote a real batch file was when i was 12, about 15 years ago). :)

dreniarb
Posts: 316
Joined: Mon Jan 19, 2004 5:00 pm
Location: Marion, IN

Post by dreniarb » Fri Oct 08, 2004 3:40 am

Just replied to a post and suggested they use this method for virus scanning. Figured I should update this with my newest scan.bat file.

Code: Select all

TYPE c:\progra~1\mailen~1\virus1.log | find/i "identified">NUL
IF NOT ERRORLEVEL 1 copy /b /y c:\progra~1\mailen~1\virus.log+c:\progra~1\mailen~1\virus1.log c:\progra~1\mailen~1\virus.log
"c:\program files\grisoft\avg6\avgscan" %1 %2 %3 %4 %5 %6 %7 %8 /report c:\progra~1\mailen~1\virus1.log
This will only append logs that actually had detected a virus. My virus.log file was a few megs in size, full of every email scan it did. This way, only the infected emails are listed. Little bit easier to search.

Anyone know if there's a way to attach the file to the notification to the postmaster? That way they'd know what virus it was without having to look through the log file.

Kiliman
Posts: 279
Joined: Mon Feb 03, 2003 2:44 pm
Location: Chesapeake, VA

Post by Kiliman » Fri Oct 08, 2004 10:55 am

You can check out my virus scan script. It does what you're asking.

http://forum.mailenable.com/viewtopic.php?t=3605

Kiliman

Post Reply