clamscan

Scan single file

$ clamscan [file]

$ clamscan -r [/path/to/dir]

$ clamscan -ri [/path/to/dir]

$ clamscan -r --move=[/quarantine] [/path/to/scan]

$ clamscan -r --remove [/path/to/scan]

$ clamscan -r -l [scan.log] [/path/to/dir]

$ clamscan -r --exclude-dir=[backup] [/home]

clamscan [options] [file|directory...]

clamscan is a standalone command-line virus scanner from the ClamAV antivirus suite. It scans files and directories for viruses, trojans, malware, and other threats using the ClamAV signature database.
Each invocation loads the full virus database into memory, which makes it suitable for one-off scans but slower for repeated use. For high-volume or frequent scanning, the daemon-based clamdscan is preferred as it avoids the database reload overhead.
clamscan supports recursive directory scanning, pattern-based file inclusion and exclusion, configurable size limits, and various actions for infected files including removal, quarantine (move), and copying. Scan results can be logged to a file for audit purposes.

-r, --recursive

Scan directories recursively

Only print infected files

Remove infected files (dangerous)

Move infected files to directory

Copy infected files to directory

Write scan report to file

Exclude files matching pattern

Exclude directories

Skip files larger than size

Maximum data scanned per file

Verbose output

Update signatures before scanning:

$ sudo freshclam

--remove is dangerous due to false positives. Use --move or --copy instead. Single-threaded by default. For multi-threaded scanning, use clamdscan with clamd daemon.

freshclam(1), clamdscan(1), clamd(8)