31
34
Write all messages (except for libclamav output) to the standard output (stdout).
37
Do not display summary at the end of scanning.
39
\fB\-i, \-\-infected\fR
40
Only print infected files.
42
\fB\-o, \-\-suppress\-ok\-results\fR
43
Skip printing OK files
46
Sound bell on virus detection.
48
\fB\-\-tempdir=DIRECTORY\fR
49
Create temporary files in DIRECTORY. Directory must be writable for the '@CLAMAVUSER@' user or unprivileged user running clamscan.
51
\fB\-\-leave\-temps\fR
52
Do not remove temporary files.
33
54
\fB\-d FILE/DIR, \-\-database=FILE/DIR\fR
34
55
Load virus database from FILE or load all virus database files from DIR.
39
60
\fB\-l FILE, \-\-log=FILE\fR
40
61
Save scan report to FILE.
42
\fB\-\-tempdir=DIRECTORY\fR
43
Create temporary files in DIRECTORY. Directory must be writable for the '@CLAMAVUSER@' user or unprivileged user running clamscan.
45
\fB\-\-leave\-temps\fR
46
Do not remove temporary files.
48
\fB\-f FILE, \-\-file\-list=FILE\fR
49
Scan files listed line by line in FILE.
51
63
\fB\-r, \-\-recursive\fR
52
64
Scan directories recursively. All the subdirectories in the given directory will be scanned.
63
75
\fB\-\-follow\-file\-symlinks=[0/1(*)/2]\fR
64
76
Follow file symlinks. There are 3 options: 0 - never follow file symlinks, 1 (default) - only follow file symlinks, which are passed as direct arguments to clamscan. 2 - always follow file symlinks.
67
Sound bell on virus detection.
70
Do not display summary at the end of scanning.
72
\fB\-\-exclude=REGEX, \-\-exclude\-dir=REGEX\fR
73
Don't scan file/directory names matching regular expression. These options can be used multiple times.
75
\fB\-\-include=REGEX, \-\-include\-dir=REGEX\fR
76
Only scan file/directory matching regular expression. These options can be used multiple times.
78
\fB\-i, \-\-infected\fR
79
Only print infected files.
78
\fB\-f FILE, \-\-file\-list=FILE\fR
79
Scan files listed line by line in FILE.
81
81
\fB\-\-remove[=yes/no(*)]\fR
82
Remove infected files. \fBBe careful.\fR
82
Remove infected files. \fBBe careful!\fR
84
84
\fB\-\-move=DIRECTORY\fR
85
85
Move infected files into DIRECTORY. Directory must be writable for the '@CLAMAVUSER@' user or unprivileged user running clamscan.
87
87
\fB\-\-copy=DIRECTORY\fR
88
88
Copy infected files into DIRECTORY. Directory must be writable for the '@CLAMAVUSER@' user or unprivileged user running clamscan.
90
\fB\-\-exclude=REGEX, \-\-exclude\-dir=REGEX\fR
91
Don't scan file/directory names matching regular expression. These options can be used multiple times.
93
\fB\-\-include=REGEX, \-\-include\-dir=REGEX\fR
94
Only scan file/directory matching regular expression. These options can be used multiple times.
90
96
\fB\-\-bytecode[=yes(*)/no]\fR
91
97
With this option enabled ClamAV will load bytecode from the database. It is highly recommended you keep this option turned on, otherwise you may miss detections for many new viruses.
138
144
\fB\-\-phishing\-cloak[=yes/no(*)]\fR
139
145
Block cloaked URLs (might lead to some false positives).
147
\fB\-\-partition\-intersection[=yes/no(*)]\fR
148
Detect partition intersections in raw disk images using heuristics.
141
150
\fB\-\-algorithmic\-detection[=yes(*)/no]\fR
142
151
In some cases (eg. complex malware, exploits in graphic files, and others), ClamAV uses special algorithms to provide accurate detection. This option can be used to control the algorithmic detection.
153
162
\fB\-\-scan\-pdf[=yes(*)/no]\fR
154
163
Scan within PDF files. If you turn off this option, the original files will still be scanned, but without decoding and additional processing.
165
\fB\-\-scan\-swf[=yes(*)/no]\fR
166
Scan SWF files. If you turn off this option, the original files will still be scanned but without additional processing.
156
168
\fB\-\-scan\-html[=yes(*)/no]\fR
157
169
Detect, normalize/decrypt and scan HTML files and embedded scripts. If you turn off this option, the original files will still be scanned, but without additional processing.
165
177
\fB\-\-block\-encrypted[=yes/no(*)]\fR
166
178
Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
180
\fB\-\-max\-filesize=#n\fR
181
Extract and scan at most #n bytes from each archive. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 25 MB, max: <4 GB)
183
\fB\-\-max\-scansize=#n\fR
184
Extract and scan at most #n bytes from each archive. The size the archive plus the sum of the sizes of all files within archive count toward the scan size. For example, a 1M uncompressed archive containing a single 1M inner file counts as 2M toward max-scansize. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 100 MB, max: <4 GB)
168
186
\fB\-\-max\-files=#n\fR
169
187
Extract at most #n files from each scanned file (when this is an archive, a document or another kind of container). This option protects your system against DoS attacks (default: 10000)
171
\fB\-\-max\-filesize=#n\fR
172
Extract and scan at most #n kilobytes from each archive. You may pass the value in megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 25 MB, max: <4 GB)
174
\fB\-\-max\-scansize=#n\fR
175
Extract and scan at most #n kilobytes from each scanned file. You may pass the value in megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 100 MB, max: <4 GB)
177
189
\fB\-\-max\-recursion=#n\fR
178
190
Set archive recursion level limit. This option protects your system against DoS attacks (default: 16).
180
192
\fB\-\-max\-dir\-recursion=#n\fR
181
193
Maximum depth directories are scanned at (default: 15).
196
\fB\-\-max\-embeddedpe=#n\fR
197
Maximum size file to check for embedded PE. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number (default: 10 MB, max: <4 GB).
199
\fB\-\-max\-htmlnormalize=#n\fR
200
Maximum size of HTML file to normalize. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number (default: 10 MB, max: <4 GB).
202
\fB\-\-max\-htmlnotags=#n\fR
203
Maximum size of normalized HTML file to scan. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number (default: 2 MB, max: <4 GB).
205
\fB\-\-max\-scriptnormalize=#n\fR
206
Maximum size of script file to normalize. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number (default: 5 MB, max: <4 GB).
208
\fB\-\-max\-ziptypercg=#n\fR
209
Maximum size zip to type reanalyze. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number (default: 1 MB, max: <4 GB).
211
\fB\-\-max\-partitions=#n\fR
212
This option sets the maximum number of partitions of a raw disk image to be scanned. This must be a positive integer (default: 50).
214
\fB\-\-max\-iconspe=#n\fR
215
This option sets the maximum number of icons within a PE to be scanned. This must be a positive integer (default: 100).
217
\fB\-\-enable\-stats\fR
218
This option enables submission of statistical data. (Default: stats submissions disabled)
220
\fB\-\-stats\-host\-id\fR
221
This option sets the HostID, in the form of an UUID, to use when submitting statistical information.
223
\fB\-\-disable\-pe\-stats\fR
224
This option disables the submission of PE section data. (Default: submitting of PE section data enabled if stats submissions as a whole is enabled).
226
\fB\-\-stats\-timeout=#n\fR
227
This option sets the timeout in seconds to wait for communication back from the stats server. (Default: 10).
added
removed
docs/man/clamscan.1.in
