clamdscan
Scan files for viruses using ClamAV
TLDR
Scan a file or directory for vulnerabilities
Scan data from stdin
Scan the current directory and output only infected files
Print the scan report to a log file
Move infected files to a specific directory
Remove infected files
Use multiple threads to scan a directory
Pass the file descriptor instead of streaming the file to the daemon
SYNOPSIS
clamdscan [options] [file/directory/...]
PARAMETERS
-h, --help
Show help information and exit.
-V, --version
Print version number and exit.
-d
Load virus database from
--official-db-only
Only load official signatures.
--config-file=
Read configuration from
--move=
Move infected files to
--copy=
Copy infected files to
--remove
Remove infected files. Use with extreme caution!
-r, --recursive
Scan directories recursively.
--no-summary
Do not print summary at end of scanning.
--log=
Save scan results to
--tempdir=
Create temporary files in
--detect-pua
Detect Possibly Unwanted Applications.
--exclude=
Skip files matching regular expression.
--include=
Only scan files matching regular expression.
--max-filesize=
Files larger than specified size will be skipped (in bytes). Size limit is 4294967295 bytes (4096 MB).
--max-recursion=
Set maximum directory recursion depth.
DESCRIPTION
The clamdscan command is a command-line interface to the ClamAV anti-virus engine.
It connects to the clamd daemon (ClamAV's on-access scanner) via a Unix socket or TCP port, allowing for efficient scanning of files and directories. Using clamdscan is generally more efficient than clamscan, as clamd keeps the virus signature database loaded in memory. This eliminates the overhead of loading the virus definitions for each scan. clamdscan is commonly used in scripts and other automated systems for regular virus scanning.
It supports recursive directory scanning, archive handling, and can be configured to remove infected files. The program returns an exit code indicating whether any threats were found.
CAVEATS
Make sure the clamd daemon is running and properly configured before using clamdscan. The '--remove' option should be used with extreme caution to avoid data loss.
EXIT CODES
clamdscan returns the following exit codes:
0 : No virus found.
1 : Virus(es) found.
2 : An error occurred.
CONFIGURATION
clamdscan can be configured through a configuration file, typically located at /etc/clamav/clamd.conf. The location of this file can be specified with the `--config-file` option.
HISTORY
ClamAV was initially developed by Tomasz Kojm in 2002. clamdscan was created to leverage the clamd daemon for efficient virus scanning, reducing the resource overhead of loading signature databases repeatedly. It has become a standard tool for integrating virus scanning into automated workflows and server environments.