next up previous
Next: OpenAntiVirus Update Up: Usage Previous: Archives and compressed files

Output format

clamscan writes all messages (only help is written to stdout by default) to stderr. In some situations you may want to redirect it to stdout with -stdout. stdout in contrast to stderr is buffered, that's why clamscan flushes this buffer after each message, to prevent the creation of trashes on the output. During scanning it writes something like this:
	/TEST/test: OK
	/TEST/Makefile: OK
	/TEST/getopt.c: OK
	/TEST/virfile: Phantom #1 FOUND
When a virus is found, its name is printed between filename: and FOUND. The example below shows scanning zip files in the current directory (/TEST), with the command clamscan -r -unzip:
	Archive:  /TEST/virii.zip
	 extracting: ph                      
	  inflating: others.c                
	  inflating: others.h                
	 extracting: vir.zip                 
	/tmp/a85793d0a566631f/ph: Phantom #1 FOUND
	/tmp/a85793d0a566631f/others.c: OK
	/tmp/a85793d0a566631f/others.h: OK
	Archive:  /tmp/a85793d0a566631f/vir.zip
	 extracting: nan                    
	  inflating: options.c               
	  inflating: options.h               
	/tmp/0521ea0370ad3c49/anke: OK
	/tmp/0521ea0370ad3c49/options.c: OK
	/tmp/0521ea0370ad3c49/options.h: OK
	/tmp/a85793d0a566631f/vir.zip: OK
	/TEST/virii.zip: Infected Archive FOUND

As you can see, zip files inside the zip file were scanned. If a virus is found in the (compressed) archive, it's noticed with Infected Archive. Infected archives are not counted as infected files - just files in them are. After scanning you should see Scan summary (it may be disabled with -disable-summary. It looks like:

	----------- SCAN SUMMARY -----------
	Known viruses: 1773
	Scanned directories: 18
	Scanned files: 172
	Data scanned: 31.33 Mb
	Infected files: 9
	I/O buffer size: 131072 bytes
	Time: 5.068 sec (0 m 5 s)



Tomasz Kojm 2002-08-22