LinuxCommandLibrary
GitHub F-Droid Google Play Store

clamscan

command-line virus scanner

TLDR

Scan single file
$ clamscan [file]
copy
Scan directory recursively
$ clamscan -r [/path/to/dir]
copy
Show only infected files
$ clamscan -ri [/path/to/dir]
copy
Move infected files
$ clamscan -r --move=[/quarantine] [/path/to/scan]
copy
Remove infected files
$ clamscan -r --remove [/path/to/scan]
copy
Scan and log results
$ clamscan -r -l [scan.log] [/path/to/dir]
copy
Exclude directory
$ clamscan -r --exclude-dir=[backup] [/home]
copy

SYNOPSIS

clamscan [options] [file|directory...]

DESCRIPTION

clamscan is a standalone command-line virus scanner from the ClamAV antivirus suite. It scans files and directories for viruses, trojans, malware, and other threats using the ClamAV signature database.Each invocation loads the full virus database into memory, which makes it suitable for one-off scans but slower for repeated use. For high-volume or frequent scanning, the daemon-based clamdscan is preferred as it avoids the database reload overhead.clamscan supports recursive directory scanning, pattern-based file inclusion and exclusion, configurable size limits, and various actions for infected files including removal, quarantine (move), and copying. Scan results can be logged to a file for audit purposes.

PARAMETERS

-r, --recursive

Scan directories recursively
-i, --infected
Only print infected files
-o, --suppress-ok-results
Don't print clean files
--remove[=yes/no]
Remove infected files (dangerous; disabled by default)
--move=dir
Move infected files to directory
--copy=dir
Copy infected files to directory
-l file, --log=file
Write scan report to file
-d path, --database=path
Load virus signatures from file or directory
--exclude=REGEX
Skip files matching the regex pattern
--exclude-dir=REGEX
Skip directories matching the regex
--include=REGEX
Only scan files matching the regex
--include-dir=REGEX
Only enter directories matching the regex
--max-filesize=size
Skip files larger than size
--max-scansize=size
Maximum data scanned per container
--bell
Sound an audible alert on detection
--detect-pua[=yes/no]
Detect potentially unwanted applications
--quiet
Only print error messages
--no-summary
Suppress the final scan summary
-v, --verbose
Verbose output
--version
Print version information

DATABASE UPDATE

Update signatures before scanning:

$ sudo freshclam
copy

CAVEATS

--remove is dangerous due to false positives. Use --move or --copy instead. Single-threaded by default. For multi-threaded scanning, use clamdscan with clamd daemon.

SEE ALSO

freshclam(1), clamdscan(1), clamd(8)

Copied to clipboard
Kai

AltStyle によって変換されたページ (->オリジナル) /