Re: clamscan to check dos .exe files

To: debian-user@lists.debian.org
Subject: Re: clamscan to check dos .exe files
From: Scott Ferguson <prettyfly.productions@gmail.com>
Date: Tue, 27 Dec 2011 18:40:05 +1100
Message-id: <[🔎] 4EF97655.5090505@gmail.com>
In-reply-to: <[🔎] 4ef971b6.d139e30a.2f32.ffffc22c@mx.google.com>
References: <[🔎] 4ef84f34.6551b40a.79e9.ffff844f@mx.google.com> <[🔎] 4EF853B1.7080603@gmail.com> <[🔎] 4ef971b6.d139e30a.2f32.ffffc22c@mx.google.com>

On 27/12/11 18:20, Sthu Deus wrote:
> Thank You for Your time and answer, Scott:
> 
>>> How do I scan dos .exe files w/ clamscan? Or it is impossible?
>>>
>>> I have downloaded a windos exe and want to try it w/ wine. But first
>>> I want to check it but clamscan seems does not scan it - in its
>>> statistics it shows zero data scanned.
>>>
>>>
>>> Thanks for Your time.
>>>
>>>
>> Have you run the updates?
>>
>> It should "just work". eg.:-
> 
>> scott@work:~/.cxoffice/default/drive_c/Program Files/Internet Explorer$
>> clamscan iexplore.exe
>> iexplore.exe: OK
>>
>> ----------- SCAN SUMMARY -----------
>> Known viruses: 1097623
>> Engine version: 0.97.3
>> Scanned directories: 0
>> Scanned files: 1
>> Infected files: 0
>> Data scanned: 0.02 MB
>> Data read: 0.02 MB (ratio 1.00:1)
>> Time: 10.355 sec (0 m 10 s)
> 
> Weird. For me, sometimes it does, sometimes, not:
> 
> $ clamscan INSTALL.EXE 
> ----------- SCAN SUMMARY -----------
> Known viruses: 1098882
> Engine version: 0.97.3
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 1.35 MB
> Data read: 1.34 MB (ratio 1.01:1)
> Time: 5.472 sec (0 m 5 s)
> 
> $ clamscan setup.exe
> ----------- SCAN SUMMARY -----------
> Known viruses: 1098882
> Engine version: 0.97.3
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.00 MB
> Data read: 203.75 MB (ratio 0.00:1)
> Time: 5.209 sec (0 m 5 s)
> 
> Do You know if it scans for viruses in FLAC / video - format files?
> 
> 
It will scan multimedia files (if you mean - for virus).

I don't think it does Data Loss Protection (structured) scans by default
though - check your settings.

By default heuristics and phishing scans is off. I don't know if flac is
capable of being used to download malicious code but you could alway
enable phishing scans and try piping the flac through clamscan.

Best ask those questions of clamav:-
http://www.clamav.net/lang/en/ml/



Cheers

-- 
Iceweasel/Firefox extensions for finding answers to Debian questions:-
https://addons.mozilla.org/en-US/firefox/collections/Scott_Ferguson/debian/

Reply to:

References:
- clamscan to check dos .exe files
  - From: Sthu Deus <sthu.deus@gmail.com>
- Re: clamscan to check dos .exe files
  - From: Scott Ferguson <prettyfly.productions@gmail.com>
- Re: clamscan to check dos .exe files
  - From: Sthu Deus <sthu.deus@gmail.com>

Prev by Date: Re: clamscan to check dos .exe files
Next by Date: Re: Dell Latitude E6410 - Upgrading to Backports Kernel
Previous by thread: Re: clamscan to check dos .exe files
Next by thread: port direction definition
Index(es):
- Date
- Thread