clamdscan

Scan a file or directory for vulnerabilities

$ clamdscan [path/to/file_or_directory]

$ [command] | clamdscan -

$ clamdscan --infected

$ clamdscan --log [path/to/log_file]

$ clamdscan --move [path/to/quarantine_directory]

$ clamdscan --remove

$ clamdscan --multiscan

$ clamdscan --fdpass

clamdscan [options] [file/directory]

clamdscan is a clamd client which may be used as a clamscan replacement. It accepts all the options implemented in clamscan but most of them will be ignored because its scanning abilities only depend on clamd.

-h, --help

Display help information and exit.

-V, --version

Print version number and exit.

-v, --verbose

Be verbose.

--quiet

Be quiet - only output error messages.

--stdout

Write all messages (except for libclamav output) to the standard output (stdout).

--config-file=FILE

Read clamd settings from FILE.

-l FILE, --log=FILE

Save the scan report to FILE.

-f FILE, --file-list=FILE

Scan files listed line by line in FILE.

-p A[:I], --ping A[:I]

Ping clamd up to [A] times at optional interval [I] until it responds.

-w, --wait

Wait up to 30 seconds for clamd to start. Optionally use alongside ping to set attempts [A] and interval [I] to check clamd.

-m, --multiscan

In the multiscan mode clamd will attempt to scan the directory contents in parallel using available threads. This option is especially useful on multiprocessor and multi-core systems. If you pass more than one file or directory in the command line, they are put in a queue and sent to clamd individually. This means, that single files are always scanned by a single thread. Similarly, clamdscan will wait for clamd to finish a directory scan (performed in multiscan mode) before sending request to scan another directory. This option can be combined with --fdpass (see below).

-z, --allmatch

After a match, continue scanning within the file for additional matches.

--remove

Remove infected files. Be careful.

--move=DIRECTORY

Move infected files into DIRECTORY.

--copy=DIRECTORY

Copy infected files into DIRECTORY.

--no-summary

Do not display summary at the end of scanning.

--reload

Request clamd to reload virus database.

--allmatch

Continue scanning within file after finding a match.

--fdpass

Pass the file descriptor permissions to clamd. This is useful if clamd is running as a different user as it is faster than streaming the file to clamd. Only available if connected to clamd via local(unix) socket.

--stream

Forces file streaming to clamd. This is generally not needed as clamdscan detects automatically if streaming is required. This option only exists for debugging and testing purposes, in all other cases --fdpass is preferred.

(0) To scan a one file:

clamdscan file

(1) To scan a current working directory:

clamdscan

(2) To scan all files in /home:

clamdscan /home

(3) To scan a file when clamd is running as a different user:

clamdscan --fdpass ~/downloads

(4) To scan from standard input:

clamdscan - < file_to_scan

cat file_to_scan | clamdscan -

0 : No virus found.

1 : Virus(es) found.

2 : An error occurred.

Please check the full documentation for credits.

clamd(8), clamd.conf(5), clamscan(1)

Tomasz Kojm <tkojm@clamav.net>