clamscan
command-line virus scanner
TLDR
SYNOPSIS
clamscan [options] [file|directory...]
DESCRIPTION
clamscan is a standalone command-line virus scanner from the ClamAV antivirus suite. It scans files and directories for viruses, trojans, malware, and other threats using the ClamAV signature database.Each invocation loads the full virus database into memory, which makes it suitable for one-off scans but slower for repeated use. For high-volume or frequent scanning, the daemon-based clamdscan is preferred as it avoids the database reload overhead.clamscan supports recursive directory scanning, pattern-based file inclusion and exclusion, configurable size limits, and various actions for infected files including removal, quarantine (move), and copying. Scan results can be logged to a file for audit purposes.
PARAMETERS
-r, --recursive
Scan directories recursively-i, --infected
Only print infected files-o, --suppress-ok-results
Don't print clean files--remove[=yes/no]
Remove infected files (dangerous; disabled by default)--move=dir
Move infected files to directory--copy=dir
Copy infected files to directory-l file, --log=file
Write scan report to file-d path, --database=path
Load virus signatures from file or directory--exclude=REGEX
Skip files matching the regex pattern--exclude-dir=REGEX
Skip directories matching the regex--include=REGEX
Only scan files matching the regex--include-dir=REGEX
Only enter directories matching the regex--max-filesize=size
Skip files larger than size--max-scansize=size
Maximum data scanned per container--bell
Sound an audible alert on detection--detect-pua[=yes/no]
Detect potentially unwanted applications--quiet
Only print error messages--no-summary
Suppress the final scan summary-v, --verbose
Verbose output--version
Print version information
DATABASE UPDATE
Update signatures before scanning:
CAVEATS
--remove is dangerous due to false positives. Use --move or --copy instead. Single-threaded by default. For multi-threaded scanning, use clamdscan with clamd daemon.