Hi, I am a newbie, so I am unfamiliar with programming.
So, what I want to do is to only unpack malwares in specified directory and
store unpacked malwares
Currently, based on advice and manual, I wrote a simple code like this
--------------------------------------------------------
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <clamav.h>
int main(int argc, char **argv)
{
static struct cl_engine *engine = NULL;
char tempDir[100];
unsigned int sigs = 0;
const char *virname = NULL;
char file[256];
//initialize
cl_init(CL_INIT_DEFAULT);
//create Engine
if(!(engine = cl_engine_new())) {
printf("!Can't initialize antivirus engine\n");
return -1;
}
//copy temp directory
strcpy(tempDir, argv[1]);
//set the temporary dir
cl_engine_set_str(engine, CL_ENGINE_TMPDIR, tempDir);
cl_engine_set_num(engine, CL_ENGINE_KEEPTMP, 1);
//load default db
cl_load(cl_retdbdir(), engine, &sigs, CL_DB_STDOPT);
//compile engine
cl_engine_compile(engine);
//unpack
if(cl_scanfile(file, &virname, NULL, engine, CL_SCAN_PE) == CL_VIRUS)
{
printf("virus detected\n");
}
else
{
printf("no virus \n");
}
//free
cl_engine_free(engine);
return 1;
}
--------------------------------------------------------
But, its result shows "no virus" and of course no stored results for
unpacking(no file)
Could give me some advice for me?
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
