diff --git a/src/ClamAV/ClamAV.php b/src/ClamAV/ClamAV.php
index 83630ac..e0d54d6 100644
--- a/src/ClamAV/ClamAV.php
+++ b/src/ClamAV/ClamAV.php
@@ -130,12 +130,35 @@ public function fileScanInStream(string $file): bool
 */
 public function fileScan(string $file): bool
 {
- $out = $this->sendCommand('SCAN ' . $file);
+ $response = $this->sendCommand('SCAN ' . $file);
 
- $out = \explode(':', $out);
- $stats = \end($out);
+ if (!is_string($response) || trim($response) === '') {
+ throw new \RuntimeException('Empty or invalid response from ClamAV daemon.');
+ }
 
- return \trim($stats) === 'OK';
+ // Expected format: "/path/to/file: STATUS"
+ $parts = explode(':', $response);
+
+ if (count($parts) < 2) {
+ throw new \RuntimeException(
+ 'Unexpected ClamAV response format: ' . $response
+ );
+ }
+
+ $status = trim(end($parts));
+
+ if ($status === 'OK') {
+ return true; // Clean
+ }
+
+ if (str_ends_with($status, 'FOUND')) {
+ return false; // Infected
+ }
+
+ // Any other output (e.g. "ERROR", "UNKNOWN", empty, etc.) → exception
+ throw new \RuntimeException(
+ 'Unexpected ClamAV status: ' . $status . ' | Full response: ' . $response
+ );
 }
 
 /**
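Review bot: `$file` is still concatenated into the daemon command unvalidated at `$this->sendCommand('SCAN ' . $file)`, and the new parsing trusts whatever verdict comes back without checking that it refers to the requested path. How `sendCommand` frames the command is not visible here, but if it is newline-terminated, a path containing a control character could end the command early, so the `OK` returned may describe a different file than the caller asked about. A guard before the call would close that gap, for example `if (preg_match('/[\x00-\x1F\x7F]/', $file) === 1) { throw new \InvalidArgumentException('File path contains control characters.'); }`, and comparing the path prefix of `$response` with `$file` before reading the status would make the verdict unambiguous. The two new exception messages also embed the raw daemon response, which contains server-side paths; a comment such as `// message contains daemon output: log it, do not show it to end users` would help callers handle it correctly.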