.\" Manual page created by Tomasz Kojm, 14/15 IV 2002 .TH "clamscan" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus" .SH "NAME" .LP clamscan \- scan files and directories against viruses .SH "SYNOPSIS" .LP clamscan [options] [file/directory/\-] .SH "DESCRIPTION" .LP clamscan is a command line anti\-virus scanner. It's a part of the Clam AntiVirus package. .SH "OPTIONS" .LP .TP \fB\-h, \-\-help\fR Print help information and exit. .TP \fB\-V, \-\-version\fR Print version number and exit. .TP \fB\-v, \-\-verbose\fR Be verbose. .TP \fB\-\-debug\fR Enable debug messages (from libclamav). .TP \fB\-\-quiet\fR Be quiet (only print error messages). .TP \fB\-\-stdout\fR Write all messages to the standard output (stdout) instead of the standard error output (stderr). .TP \fB\-d FILE/DIR, \-\-database=FILE/DIR\fR Load virus database from FILE or load all virus database files from DIR. .TP \fB\-l FILE, \-\-log=FILE\fR Save scan report to FILE. .TP \fB\-\-tempdir=DIRECTORY\fR Create temporary files in DIRECTORY. Directory must be writeable for the 'clamav' user or unprivileged user running clamscan. .TP \fB\-r, \-\-recursive\fR Scan directories recursively. All the subdirectories in the given directory will be scanned. .TP \fB\-\-bell\fR Sound bell on virus detection. .TP \fB\-\-no\-summary\fR Disable summary printing at the end of scanning. .TP \fB\-\-exclude=PATT\fR Don't scan file names containing PATT. It may be used multiple times. .TP \fB\-\-include=PATT\fR Only scan file names containing PATT. It may be used multiple times. .TP \fB\-\-mbox\fR Enable scanning of various mail file types (also treat stdin as a mailbox \- for backward compatibility). .TP \fB\-i, \-\-infected\fR Only print infected files. .TP \fB\-\-remove\fR Remove infected files. \fBBe careful.\fR .TP \fB\-\-move=DIRECTORY\fR Move infected files into DIRECTORY. Directory must be writeable for the 'clamav' user or unprivileged user running clamscan. .TP EXTRACTION OPTIONS: .TP \fB\-\-no\-ole2\fR Disable support for Microsoft Office document files. .TP \fB\-\-no\-archive\fR Disable archive support built in libclamav. .TP \fB\-\-block\-encrypted\fR Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). .TP \fB\-\-max\-files=#n\fR Extract first #n files from each archive. This option protects your system against DoS attacks (default: 500) .TP \fB\-\-max\-space=#n\fR Extract first #n kilobytes from each archive. You may give the number in megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 10 MB) .TP \fB\-\-max\-recursion=#n\fR Set archive recursion level limit. This option protects your system against DoS attacks (default: 5). .TP \fB\-\-max\-ratio=#n\fR Set maximum archive compression ratio limit. This option protects your system against DoS attacks (default: 200). .TP \fB\-\-unzip[=FULLPATH]\fR In most cases you don't need this option \- the built\-in unarchiver will do extract Zip archives. This option however may be used as a backup for internal unpacker \- see the full documentation for more information. When enabled without an argument, unzip program will be searched in $PATH. If unzip cannot be found in $PATH, you must force it with =pathname. Remember about '=' between the option and an argument. .TP \fB\-\-unrar[=FULLPATH]\fR Scan .rar files. .TP \fB\-\-unarj[=FULLPATH]\fR Scan .arj files. .TP \fB\-\-unzoo[=FULLPATH]\fR Scan .zoo files. .TP \fB\-\-lha[=FULLPATH]\fR Scan .lzh files. .TP \fB\-\-jar[=FULLPATH]\fR clamscan uses unzip for .jar files, so optionally eventually you will need to pass a full path to unzip. .TP \fB\-\-deb[=FULLPATH]\fR This option supports debian binary packages. Implies \-\-tgz, but doesn't conflict with \-\-tgz=FULLPATH. It requires ar utility. .TP \fB\-\-tar[=FULLPATH]\fR This option supports non\-compressed archives. .TP \fB\-\-tgz[=FULLPATH]\fR This option supports tar.gz and .tgz files. You need GNU tar, on non\-Linux system you probably have it installed as gtar. If it's in $PATH, please use \-\-tgz=gtar in other case please pass a full path. .SH "EXAMPLES" .LP .TP (0) Scan selected file: \fBclamscan file\fR .TP (1) Scan current working directory: \fBclamscan\fR .TP (2) Scan all files (and subdirectories) in /home: \fBclamscan \-r /home\fR .TP (3) Load database from selected file and limit disk usage to 50 Mb: \fBclamscan \-d /tmp/newclamdb \-\-max\-space=50m \-r /tmp\fR .TP (4) Scan data stream: \fBcat testfile | clamscan \-\fR .TP (5) Scan mail spool directory: \fBclamscan \-r \-\-mbox /var/spool/mail\fR .SH "RETURN CODES" .LP Note: some return codes may only appear in a one file mode (clamscan is started with file argument). Those are marked with \fB(ofm)\fR. 0 : No virus found. .TP 1 : Virus(es) found. .TP 40: Unknown option passed. .TP 50: Database initialization error. .TP 52: Not supported file type. .TP 53: Can't open directory. .TP 54: Can't open file. (ofm) .TP 55: Error reading file. (ofm) .TP 56: Can't stat input file / directory. .TP 57: Can't get absolute path name of current working directory. .TP 58: I/O error, please check your filesystem. .TP 59: Can't get information about current user from /etc/passwd. .TP 60: Can't get information about user 'clamav' (default name) from /etc/passwd. .TP 61: Can't fork. .TP 63: Can't create temporary files/directories (check permissions). .TP 64: Can't write to temporary directory (please specify another one). .TP 70: Can't allocate and clear memory (calloc). .TP 71: Can't allocate memory (malloc). .SH "CREDITS" Please check the full documentation for credits. .SH "AUTHOR" .LP Tomasz Kojm .SH "SEE ALSO" .LP clamdscan(1), freshclam(1)