The daemon scans archives supported by libclamav only. Clamscan tries to scan an archive with built-in code, but when it fails it's able to switch to the external unpacker:
$ clamscan --unrar rarfail.rar /home/zolw/Clam/test/rarfail.rar: RAR module failure. UNRAR 3.00 freeware Copyright (c) 1993-2002 Eugene Roshal Extracting from /home/zolw/Clam/test/rarfail.rar Extracting test1 OK All OK /tmp/44694f5b2665d2f4/test1: ClamAV-Test-Signature FOUND /home/zolw/Clam/test/rarfail.rar: Infected Archive FOUND
clamscan supports many popular compressors - it uses external programs
for each format. If the scanner runs with superuser privileges
unpackers are executed with clamav privileges, which makes the
process far more secure. It also makes sure, that clamav user
has read access to all scanned compressed files. You should have
enabled recursive scanning with the -r option (-recursive),
if you want to scan the whole content of the archive (with subdirectories),
also all archives in archives will be recursively scanned - just everything. If files in archives are virus free the archive itself is scanned - just
for prevention (it may not be an archive). Please look at the options
below, each option has an optional argument - the absolute path to unpacker.
If it can't be found in $PATH please supply it. Because Clam
AntiVirus uses the standard GNU options format, the long options with
optional arguments, you must remember about the between option
and argument. So the proper way to supply the optional arguments is for
example -unzip=/path/to/unzip.
-unzip: You probably don't need this option, because Zip is supported
by libclamav. But if libclamav will fail to unzip some file,
it may be useful.
clamscan was tested with UnZip 5.41 of 16 April 2000,
by Info-ZIP.
-unrar: Tested with UNRAR 3.00 freeware.
-unace: It uses options supported by UNACE v1.2 public version,
not tested, but should work.
-arj: Tested with arj 3.10b.
-zoo: Tested with zoo 2.1.
-lha: Tested with LHa for Unix V 1.14e.
-jar: CA uses unzip for .jar files. Tested with UnZip 5.41
of 16 April 2000, by Info-ZIP.
-tar: This option supports non-compressed archives. Tested with
GNU tar 1.13.17.
-deb: This option supports debian binary packages. Tested with
GNU ar
2.12.90.0.14. Implies -tgz , but doesn't conflict
with -tgz=FULLPATH.
-tgz: This option supports .tar.gz and .tgz files. You need GNU
tar, on non-Linux system you probably have it as gtar
and if this is in $PATH just use -tgz=gtar or
supply the full path to this command as an argument.