[clamav-users] Can clamscan report the file extension?
Rishabh Shah
rishabh420 at gmail.com
Mon Mar 16 04:53:10 EDT 2015
Hi Arnaud,
I just saw your reply. It seems I didn't get the message on email due to
some odd settings.
Sure, your command is helpful to me. I issued this on a pdf file and this
is how the output looks like:
root at fwuser-virtual-machine:/home/fwuser# clamscan electricity\ bill.pdf
--debug 2>&1 | grep "Recognized"
LibClamAV debug: Recognized PDF document file
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized binary data
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized binary data
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized binary data
LibClamAV debug: Recognized ASCII text
In this case, should I rely on the first line of output?
Thanks,
Rishabh.
*Author: *Arnaud Jacques / SecuriteInfo.com <webmaster at securiteinfo.com>
*Date: *2015-03-12 13:14 +5.530
*To: *ClamAV users ML <clamav-users at lists.clamav.net>
*Subject: *Re: [clamav-users] Can clamscan report the file extension?
Hello Rishabh,
Le jeudi 12 mars 2015, 12:30:26 Rishabh Shah a écrit :
* > Hi Clamav Team, > > Can clamscan detect the file type/extension as
well?*
Yes. Clamav has build-in file type detection.
Try :
clamscan --debug
67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1 2>&1|grep
"Recognized"
--
Best regards,
Arnaud Jacques
On Thu, Mar 12, 2015 at 12:30 PM, Rishabh Shah <rishabh420 at gmail.com> wrote:
> Hi Clamav Team,
>
> Can clamscan detect the file type/extension as well?
>
> root at fwuser-virtual-machine:/home/file_capture/tmp# clamscan
> 67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1 --verbose
> Scanning 67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1
> 67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 3764910
> Engine version: 0.98.6
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.04 MB
> Data read: 0.02 MB (ratio 1.80:1)
> Time: 14.291 sec (0 m 14 s)
>
> The reason I am asking is in my case, my file name generated is SHA256 of
> the original file. I lose the file extension as well. After clamav detects
> the file as clean/virus, I need to report the file extension along with
> it's detection result.
> Thanks in advance!
>
> Regards,
> Rishabh Shah.
>
--
Regards,
Rishabh Shah.
More information about the clamav-users
mailing list