[clamav-users] Can clamscan report the file extension?

Rishabh Shah rishabh420 at gmail.com
Mon Mar 16 04:53:10 EDT 2015


Hi Arnaud,

I just saw your reply. It seems I didn't get the message on email due to
some odd settings.
Sure, your command is helpful to me. I issued this on a pdf file and this
is how the output looks like:

root at fwuser-virtual-machine:/home/fwuser# clamscan electricity\ bill.pdf
--debug 2>&1 | grep "Recognized"
LibClamAV debug: Recognized PDF document file
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized binary data
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized binary data
LibClamAV debug: Recognized ASCII text
LibClamAV debug: Recognized binary data
LibClamAV debug: Recognized ASCII text

In this case, should I rely on the first line of output?

Thanks,
Rishabh.

*Author: *Arnaud Jacques / SecuriteInfo.com <webmaster at securiteinfo.com>
*Date: *2015-03-12 13:14 +5.530
*To: *ClamAV users ML <clamav-users at lists.clamav.net>
*Subject: *Re: [clamav-users] Can clamscan report the file extension?
Hello Rishabh,

Le jeudi 12 mars 2015, 12:30:26 Rishabh Shah a écrit :


* > Hi Clamav Team, > > Can clamscan detect the file type/extension as
well?*

Yes. Clamav has build-in file type detection.

Try :

clamscan --debug
67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1 2>&1|grep
"Recognized"

-- 
Best regards,



Arnaud Jacques

On Thu, Mar 12, 2015 at 12:30 PM, Rishabh Shah <rishabh420 at gmail.com> wrote:

> Hi Clamav Team,
>
> Can clamscan detect the file type/extension as well?
>
> root at fwuser-virtual-machine:/home/file_capture/tmp# clamscan
> 67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1 --verbose
> Scanning 67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1
> 67792ACE824606664CE51973800D6B952CA4733CAF6F03CCF5F636768EFB39B1: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 3764910
> Engine version: 0.98.6
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.04 MB
> Data read: 0.02 MB (ratio 1.80:1)
> Time: 14.291 sec (0 m 14 s)
>
> The reason I am asking is in my case, my file name generated is SHA256 of
> the original file. I lose the file extension as well. After clamav detects
> the file as clean/virus, I need to report the file extension along with
> it's detection result.
> Thanks in advance!
>
> Regards,
> Rishabh Shah.
>



-- 
Regards,
Rishabh Shah.



More information about the clamav-users mailing list