open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ClamAV is an open source (GPLv2) anti-virus toolkit.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4454 Commits
40 Branches
228 Tags
220 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 730d97fb2b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '730d97fb2b'
${ noResults }
clamav/docs/html/node29.html

100 lines
3.5 KiB
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!--Converted with LaTeX2HTML 2002-2-1 (1.71)
original version by: Nikos Drakos, CBLU, University of Leeds
* revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan
* with significant contributions from:
Jens Lippmann, Marek Rouchal, Martin Wilck and others -->
<HTML>
<HEAD>
<TITLE>clamscan</TITLE>
<META NAME="description" CONTENT="clamscan">
<META NAME="keywords" CONTENT="clamdoc">
<META NAME="resource-type" CONTENT="document">
<META NAME="distribution" CONTENT="global">
<META NAME="Generator" CONTENT="LaTeX2HTML v2002-2-1">
<META HTTP-EQUIV="Content-Style-Type" CONTENT="text/css">
<LINK REL="STYLESHEET" HREF="clamdoc.css">
<LINK REL="next" HREF="node30.html">
<LINK REL="previous" HREF="node28.html">
<LINK REL="up" HREF="node28.html">
<LINK REL="next" HREF="node30.html">
</HEAD>
<BODY >
<DIV CLASS="navigation"><!--Navigation Panel-->
<A NAME="tex2html565"
HREF="node30.html">
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
<A NAME="tex2html561"
HREF="node28.html">
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
<A NAME="tex2html555"
HREF="node28.html">
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
<A NAME="tex2html563"
HREF="node1.html">
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
<BR>
<B> Next:</B> <A NAME="tex2html566"
HREF="node30.html">clamd</A>
<B> Up:</B> <A NAME="tex2html562"
HREF="node28.html">Output format</A>
<B> Previous:</B> <A NAME="tex2html556"
HREF="node28.html">Output format</A>
&nbsp; <B> <A NAME="tex2html564"
HREF="node1.html">Contents</A></B>
<BR>
<BR></DIV>
<!--End of Navigation Panel-->
<H3><A NAME="SECTION00064100000000000000">
clamscan</A>
</H3>
<code>clamscan</code> writes all regular program messages to <SPAN CLASS="textbf">stdout</SPAN> and
errors/warnings to <SPAN CLASS="textbf">stderr</SPAN>. You can use the option <code>--stdout</code>
to redirect all program messages to <SPAN CLASS="textbf">stdout</SPAN>. Warnings and error
messages from <code>libclamav</code> are always printed to <SPAN CLASS="textbf">stderr</SPAN>.
A typical output from <code>clamscan</code> looks like this:
<PRE>
/tmp/test/removal-tool.exe: Worm.Sober FOUND
/tmp/test/md5.o: OK
/tmp/test/blob.c: OK
/tmp/test/message.c: OK
/tmp/test/error.hta: VBS.Inor.D FOUND
</PRE>
When a virus is found its name is printed between the <code>filename:</code> and
<code>FOUND</code> strings. In case of archives the scanner depends on libclamav
and only prints the first virus found within an archive:
<PRE>
zolw@localhost:/tmp$ clamscan malware.zip
malware.zip: Worm.Mydoom.U FOUND
</PRE>
<SPAN CLASS="textit"><SPAN CLASS="textbf">TIP:</SPAN> You can force clamscan to list all infected
files in an archive using -no-archive (this option disables
transparent decompressors built into libclamav) and enabling external
decompressors: -unzip -unrar...</SPAN>.
<BR> <PRE>
zolw@localhost:/tmp$ clamscan --no-archive --unzip malware.zip
Archive: /tmp/malware.zip
inflating: test1.exe
inflating: test2.exe
inflating: test3.exe
/tmp/clamav-77e7bfdbb2d3872b/test1.exe: Worm.Mydoom.U FOUND
/tmp/clamav-77e7bfdbb2d3872b/test2.exe: Trojan.Taskkill.A FOUND
/tmp/clamav-77e7bfdbb2d3872b/test3.exe: Worm.Nyxem.D FOUND
/tmp/malware.zip: Infected.Archive FOUND
</PRE>
<P>
<BR><HR>
<ADDRESS>
Tomasz Kojm
2008-11-26
</ADDRESS>
</BODY>
</HTML>