Avast! Business Protection Pro Detecting but not removing virus

I read way down the list of issues but could not find this. Thus I may have caused this problem for myself.

CHADD is just converting to BPP. It has been running 10 days. Each day it reports the same number of viruses found on the same server.

I would expect it to report them one day and the next day for the report to show no viruses.

I will be happy to send copies of the reports. But here are the significant details on three random dates from the “Computers infected in the last 24 hours” report:

12/8/2011 SQLSERV 6 Servers CHADD Servers
DIS01 4 Default group Default settings for remote avast! clients.

12/4/2011 SQLSERV 6 Servers CHADD Servers
DIS01 4 Default group Default settings for remote avast! clients.

12/1/2011 SQLSERV 6 Servers CHADD Servers
DIS01 4 Default group Default settings for remote avast! clients.

These are the viruses being reported, as taken from the “Malware detected in last 24 hours” report.

Malware Name Count Computer Name Last Communication

Win32:Trojano-TT [Trj] 4 DIS01 12/8/2011 4:05:55 AM

Win32:Trojan-gen 2 SQLSERV 12/8/2011 4:28:15 AM

Win32:VBbot-N [Trj] 1 SQLSERV 12/8/2011 4:29:56 AM

BV:KillAV-BS [Trj] 1 SQLSERV 12/8/2011 4:27:58 AM

BV:NoShare-H 1 SQLSERV 12/8/2011 4:29:26 AM

Win32:Subot-C [Trj] 1 SQLSERV 12/8/2011 4:26:31 AM

I did look at the scan configuration and it is set to “Remove” the virus.

What am I doing wrong?

Thanks,
Dalton Williams
IT Administrator
CHADD, Inc. (Children and Adults with Attention-Deficit/Hyperactivity Disorder)
8181 Professional Place
Landover, MD 29785
Phone 240 487-2320

I see a lot of people have read this… Any ideas on what I am doing wrong???

Hi,
is it possible to send us the debug log from the client and the server as well? If you don’t know how to enable it or where you can find such information, please let us know. Plus, if it’s possible, could you please send us the reports from various days? This problem can be caused by various reasons - e.g. incorrect status of results on the server, a problem in reports, etc. So we need more info to get closer to the issue. Thanks, and sorry for any inconvenience, Pavel Sedina

Hello Pavel,

If you would please send instructions on how to capture the information you need to my forum e-mail address, I will collect the information and get it off to you.

The problem is quickly getting out of hand. I tried to attach a report here for you to see how quickly this is multiplying, but on posting it gives me an error that the report file is too large.

Basically the number of infections on our SQL Server is now more than 160, with the total number of infections approaching 300 on all systems.

Your immediate help will be greatly appreciated.
Dalton Williams
CHADD

Hi,
could you go to “ADMIN > Settings”, choose Troubleshooting, and press “Download troubleshooting package”. And then upload the zip with your data to avast incoming FTP (ftp://ftp.avast.com/incoming/).

I am having the same problem. I have a virus file on my server. The scanner detects it, logs it, but does not remove it. A week later, it does a full scan again, and finds it again, and logs it again. I finally had to manually go into the logs, select the virus, then choose the action to move to chest, and apply. It then moved it to the chest. This should be automatic, as my server AV settings are by default “move to chest,” then action 2 is “delete”; then action 3 is “nothing”.

SBS 2003, BPP.

I think I found the problem:
Yes, the Server and Client settings are set to “Actions > Move to Chest”.
But the BPP Console settings on the Scheduled Scan, Full Scan, are NOT set.
So here is how I permanently fixed the problem:
Start the BPP Console; Click Jobs > Scheduler; Click Full System Scan; Select “More Details”; Select Settings.

Click Details> Actions> Select “Automatically Apply Actions”. For each Tab (Virus, PUP, Suspicious), Select “Move to Chest”.
Click “Save”.

All done. Now it will work as intended.

We are in the 30 day evaluation period. 15 days to go and I need to purchase 5 server and 25 work station licenses, but will not do so until this works!

lukas

Sorry to be so dumb, but the link to upload the dump does not work. I downloaded FileZilla and tried to connect to avast.com/incoming/ and do not connect. Can you give me a little more help? Thanks, Dalton

dodd

I was sure that I had “Automatically Apply Actions” when I set up the scans for our organization. To make sure, I checked and confirmed that “Automatically Apply Actions” is checked and the action for Virus is set to “Remove” and everything else is “Move to chest”.

Thanks Lukas and Dodd for your help.
Dalton Williams
IT Manager
Children and Adults with Attention-Deficit/Hyperactivity Disorder
Washington, DC USA
240 487-2330

the link should be: ftp.avast.com/incoming/
the incoming folder looks empty, because the only thing you can do there is upload.

In FileZilla you can enter my link in the HOST field and click connect and it works fine… :)

OK, I get it to connect. But I cannot get FileZilla to let me upload the log files. I am sorry for being so clueless, but I have never used FTP.

Below is the FileZilla connection log.

Status: Resolving address of ftp.avast.com
Status: Connecting to 91.213.143.4:21…
Status: Connection established, waiting for welcome message…
Response: 220 Welcome on ftp.avast.com.
Command: USER anonymous
Response: 331 Please specify the password.
Command: PASS **************
Response: 230 Login successful.
Status: Connected
Status: Retrieving directory listing…
Command: PWD
Response: 257 “/”
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PORT 207,188,193,178,196,71
Response: 200 PORT command successful. Consider using PASV.
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing

In FileZilla click on EDIT and choose SETTINGS.

Under CONNECTION there is the option FTP, click on it.
Then you have the option to choose PASSIVE or ACTIVE in the TRANSFER MODE.

I'm assuming that yours is set to active, so set it to PASSIVE.

The directory listing of the INCOMING directory is empty though, because avast doesn't allow (security reasons) seeing the uploaded files.
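The failure in the FileZilla log above, as an added example that is not part of any post in this thread: the Python sketch below decodes the client's PORT argument (four address octets, then the port as p1*256+p2) and flags a data command that timed out while the session was in active mode. The function names are made up for illustration, and the sample is an excerpt of the log posted above.

```python
import re

# Excerpt of the FileZilla session log posted earlier in this thread.
SAMPLE_LOG = """\
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PORT 207,188,193,178,196,71
Response: 200 PORT command successful. Consider using PASV.
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing
"""
PORT_RE = re.compile(r"^Command:\s+PORT\s+(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\s*$")

def decode_port(line):
    """Return (ip, port) from a 'Command: PORT h1,h2,h3,h4,p1,p2' line, else None."""
    m = PORT_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # every field is a single octet
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def diagnose(log_text):
    """Flag data transfers that timed out after an active-mode PORT command."""
    findings = []
    endpoint = None  # address the client asked the server to connect back to
    transfer = None  # data-channel command still waiting for its result
    for raw in log_text.splitlines():
        line = raw.strip()
        decoded = decode_port(line)
        if decoded:
            endpoint, transfer = decoded, None
        elif re.match(r"^Command:\s+(PASV|EPSV)\b", line):
            endpoint = transfer = None  # passive mode: the client connects out
        elif endpoint and re.match(r"^Command:\s+(LIST|NLST|MLSD|STOR|RETR)\b", line):
            transfer = line.split()[1]
        elif endpoint and transfer and line.startswith("Error:") and "timed out" in line:
            findings.append({"command": transfer, "ip": endpoint[0], "port": endpoint[1]})
            endpoint = transfer = None
    return findings

if __name__ == "__main__":
    for f in diagnose(SAMPLE_LOG):
        print(f"{f['command']} timed out: server could not connect back to "
              f"{f['ip']}:{f['port']} (active mode); switch to passive")
```

In active mode the server opens the data connection back to the address and port the client announced, so a firewall or NAT device in front of the client that drops that inbound connection produces exactly this timeout on LIST.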

Hi,

I have just spent another hour trying to upload the dump file. I have been trying to get this to you for almost a week now.

I have been using your software for my home computers for over 10 years without a single problem. With that in mind I convinced the organization I work for to not renew our Trend Data anti-virus and installed yours.

We have only 8 days left on our demo and have yet to make it work NOW. I have tried six different FTP programs to try to upload the dump file so you can diagnose the problem. I can’t get that to work. If you want CHADD to purchase your software (and that is my preference) then we have to fix this on December 22 your time. Send me an e-mail address where I can upload the file you need, or let's do a logmein session on my computer or something.

I MUST GET THIS RESOLVED NOW.

Sincerely,
Dalton W. Williams
CIO CHADD, Inc.
dalton_williams@chadd.org
USA Phone +240.487.2320

Dear All,

I have created an FTP server; you may all FTP to 114.199.89.196 with username avastforum and password avastforum.

Hope it can help CHADD.

And what shall he/we do there…???

TO SPI

Thank you very much. I was able to easily transfer the file to the site you set up.
Please pass that on to Avast.
Thank you!!!
Dalton

Hi Lukas,
the log is already uploaded; you can get it by FTP.

Wish it will help the avast team to get the file soon.

@Asyn just help CHADD communicate with the avast team, and no FTP issue anymore.

I also uploaded the CHADD dump file to ftp://ftp.avast.com/incoming/

I see. :)