Kaspersky Anti-Virus 6.0 R2 SOS

 
 
 

Managing Kaspersky Anti-Virus version 6.0 MP4 via command line

Back to "Settings / How to"
2012 Oct 16 ID: 2673
 
 
 
 

You can manage Kaspersky Anti-Virus via command line.

When managing Kaspersky Anti-Virus via command line you should address it from the application installation folder or by specifying full path to avp.com.

General command line syntaxavp.com <command> [parameters]

<command> can take the following values:

  • HELP – help on command syntax, list of commands.
  • SCAN – scan for malware.
  • UPDATE – start update task.
  • ROLLBACK – rollback the last fulfilled application update.
  • START – run a component or a task.
  • STOP – stop a component or a task.
  • STATUS – display current status of a component or a task.
  • STATISTICS – display statistics of a component or a task.
  • EXPORT – export protection settings of the application.
  • IMPORT – import protection settings of the application.
  • ACTIVATE – application activation via Internet with an activation code.
  • ADDKEY – application activation with a key file.
  • RESTORE – restore a file from quarantine.
  • EXIT – exit the application. 
  • TRACE – generate a traces file. 

HELP – VIEW HELP   

To view help on command line syntax:

avp.com [/?|HELP]

To view help on syntax of a particular command:

avp.com <command> /?

avp.com HELP <command>

SCAN – OBJECT SCAN 

General command syntax:

avp.com SCAN [<object to scan>] [<action>] [<file types>] [<exceptions>] [<report parameters>] [<additional parameters>]

Description of parameters:

<object to scan> - list of objects to be analyzed for malicious code.
The parameter can have several of the following values, separated with spaces:

  • <files> - list of paths to the files and/or folders to be scanned. Both, absolute and relative file path are allowed. 
    Use spaces to separate scan elements.
    Notes: 
    • object names containing spaces should be quoted.
    • if you specify a folder, all the files it contains will be scanned.
  • /ALL – full PC scan.
  • /MEMORY – RAM objects.
  • /STARTUP – autorun objects.
  • /MAIL – mail bases.
  • /REMDRIVES – all removable drives.
  • /FIXDRIVES – all local drives.
  • /NETDRIVES – all network drives.
  • /QUARANTINE – quarantined objects.
  • /@:<filelist.lst> - path to the file containing the list of objects and folders to be scanned. The file should be in a text format. Each scan object should be typed on a separate line. Both, absolute and relative file path are allowed. Paths containing spaces should be quoted.

<action> - actions to be applied to malicious objects detected by scan. If the parameter is not set, the action corresponding to the /i2 value will be applied by default. Possible values:

  • /i0 – do not apply any actions to the object, only log information about it in the report.
  • /i1- disinfect infected objects, skip if impossible to disinfect.
  • /i2 - disinfect infected objects, delete if impossible to disinfect; do not delete infected objects from containers (compound objects); delete containers with executable headers (sfx archives) (this type of action is applied by default).
  • /i3 - disinfect infected objects, delete if impossible to disinfect; delete container objects completely if impossible to delete infected files they contain.
  • /i4 - delete infected objects; delete container objects completely if impossible to delete infected files they contain.
  • /i8 – prompt user for action on detection of an infected object.
  • /i9 – prompt user for action when scan ends.

<file types> - the parameter defines the file types to be scanned. If the parameter is not set, only infectable files by content are scanned by default. Possible values:

  • /fe - scan only infectable files by extension.
  • /fi - scan only infectable files by content.
  • /fa – scan all files.

<exceptions> - this parameter defines the objects excluded from scan. The parameter can have several of the following values, separated with spaces:

  • /e:a – do not scan archives.
  • /e:b - do not scan mail bases.
  • /e:m - do not scan mail messages in plain text format.
  • /e:<mask> - do not scan objects by mask.
  • /e:<seconds> - skip objects requiring more than <seconds> second(s) to scan.

<report parameters> - this parameter defines the format of the scan report format. Both, absolute and relative file path are allowed. If the parameter is not set, the scan results contain all events and will be displayed on the screen. Possible values:

  • /R:<report_file> - write only important events to the specified report file.
  • /RA:<report_file> - write all events to the specified report file.

<additional parameters> - parameters that determine usage of antivirus scan technologies and configuration file.

  • /iChecker=<on|off> - enable / disable iChecker technology.
  • /iSwift=<on|off> - enable / disable iSwift technology.
  • /C:<configuration_file_name> - defines path to the configuration file containing application settings used for scan. Both, absolute and relative file path are allowed. If the parameter is not set, the settings configured in the application GUI will be applied. 

Example: To scan RAM, autorun objects, mail bases, folders My Documents and Program Files, and test.exe file:
avp.com SCAN /MEMORY /STARTUP /MAIL "C:\Documents and Settings\All Users\My Documents" "C:\Program Files" "C:\Downloads\test.exe"

UPDATE – ANTIVIRUS BASES AND APPLICATION MODULES UPDATE TASK

General command syntax:

avp.com UPDATE [<update_source>] [</APP=<on|off>] [<report parameters>] [<additional parameters>]

Description of parameters:

<update_source> - path to a HTTP/FTP server or a network folder to download updates from. If no path is defined, the update source will be selected according to the application update settings.

/APP=<on|off> - update application modules.

<report parameters> - this parameter defines the format of the scan report format. Both, absolute and relative file path are allowed. If the parameter is not set, the scan results contain all events and will be displayed on the screen. Possible values:

  • /R:<report_file> - write only important events to the specified report file.
  • /RA:<report_file> - write all events to the specified report file.

<additional parameters> - parameters of configuration file usage.

  • /C:<configuration_file_name> - defines path to the configuration file containing application settings used for scan. Both, absolute and relative file path are allowed. If the parameter is not set, the settings configured in the application GUI will be applied

Example: To update applications and log all events into the report: avp.com UPDATE /RA:avbases_upd.txt

ROLLBACK – ROLLBACK LAST ANTIVIRUS BASES AND APPLICATION MODULES UPDATE

General command syntax:

avp.com ROLLBACK </password=<password>> [<report parameters>]

Description of parameters:

</password=<password>> - the password set via application GUI. Command ROLLBACK cannot be executed without entering a password.

<report parameters> - this parameter defines the format of the scan report format. Both, absolute and relative file path are allowed. If the parameter is not set, the scan results contain all events and will be displayed on the screen. Possible values:

  • /R:<report_file> - write only important events to the specified report file.
  • /RA:<report_file> - write all events to the specified report file.

Example: avp.com ROLLBACK /password=123 /RA:rollback.txt

 
START|STOP - START|STOP A COMPONENT OR A TASK  

General syntax of the command START:

avp.com START <profile|task_name> [<report_parameters>]

General syntax of the command STOP:

avp.com STOP <profile|task_name> </password=<password>> 

Description of parameters:

</password=<password>> - password set via application GUI. Command STOP cannot be executed without entering a password.

<report parameters> - this parameter defines the format of the scan report format. Both, absolute and relative file path are allowed. If the parameter is not set, the scan results contain all events and will be displayed on the screen. Possible values:

  • /R:<report_file> - write only important events to the specified report file.
  • /RA:<report_file> - write all events to the specified report file.

<profile|task name> - set one of the following values:

  • Protection (RTP) – All Protection components.
  • Anti-Hacker (AH) - Anti-Hacker (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • fw - Firewall (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • ids – Intrusion detection system (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Anti-Spam (AS) - Anti-Spam (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Anti-Spy (ASPY) - Anti-Spy (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • AdBlocker - Anti-Banner (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • antidial - Anti-Dialer (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Behavior_Blocking2 – Proactive defense (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • pdm2 – Application activity analyzer (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • regguard2 – Registry guard (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • File_Monitoring (FM) – File Anti-Virus.
  • Web_Monitoring - Web Anti-Virus (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Mail_Monitoring (EM) - Mail Anti-Virus (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Lock_Control (LC) – Access control (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Device_Locker – Device control (Kaspersky Anti-Virus 6.0 for Windows Workstations MP4 only).
  • Scan_My_Computer – Full scan task.
  • Scan_Objects - Virus scan task.
  • Scan_Quarantine – Quarantine scan.
  • Scan_Startup (STARTUP) – Startup objects scan.
  • Updater – Update task.
  • Rollback – Rollback update task.

Example: Enable the component File Anti-Virus: avp.com START FM

 
STATUS|STATISTICS – DISPLAY STATUS|STATISTICS OF A COMPONENT OR A TASK

General syntax of the command STATUS:

avp.com STATUS <profile|task name>

General syntax of the command STATISTICS:

avp.com STATISTICS <profile|task name>

Description of parameters:

<profile|task name> - set one of the values listed for the command START|STOP.
 
EXPORT - EXPORT APPLICATION PROTECTION SETTINGS

General command syntax:

avp.com EXPORT <profile|task name><file_name>

Description of parameters:

<profile|task name> - set one of the values listed for the command START|STOP.
<file_name> - path to the file to export application settings to. Both, absolute and relative file path are allowed.

Example:

avp.com EXPORT RTP RTP_settings.dat – binary format.

avp.com EXPORT FM FM_settings.txt – text format. 


IMPORT – IMPORT APPLICATION PROTECTION SETTINGS

General command syntax:

avp.com IMPORT <v> </password=<password>>

Description of parameters:

<file_name> - path to the file to import application settings from. Both, absolute and relative file path are allowed.

</password=<password>> - password set via application GUI.

Example: avp.com IMPORT settings.dat
 


ACTIVATE - APPLICATION ACTIVATION WITH AN ACTIVATION CODE VIA INTERNET

General command syntax:

avp.com ACTIVATE<activation_code> </password=<password>>

Description of parameters:

<activation_code> - activation code: xxxxx-xxxxx-xxxxx-xxxxx

</password=<password>> - password set via application GUI.
 


ADDKEY – APPLICATION ACTIVATION WITH A KEY FILE

General command syntax:

avp.com ADDKEY<file_name> </password=<password>>

Description of parameters:

<file_name> - application key file name: xxxxxxxx.key

</password=<password>> - password set via application GUI.
 


RESTORE - RESTORE A QUARANTINED FILE

General command syntax:

avp.com RESTORE [/REPLACE] <file_name>

Description of parameters:

/REPLACE – replace existing file.

<file_name> - file to be restores.

Example: avp.com REPLACE C:\eicar.com
 


EXIT – EXIT APPLICATION

General command syntax:

avp.com EXIT</password=<password>>

Description of parameters:

</password=<password>> - password set via application GUI. The command cannot be executed without entering a password.
 
TRACE – GENERATE A TRACES FILE

General command syntax:

avp.com TRACE [file][on|off][<tracing_level>]

Description of parameters:

[file] –generate a traces file.

[on|off] - enable/disable generation of trace files.

<tracing_level> - the parameter can have value between 100 (minimum level, critical events only) and 600 (maximum level, all events).

When you address our Technical support service, you will be advised what tracing level to set. If no tracing level has been advised to you by the Technical support service, set this value to 500.

Example:

Generate trace files at the level of 500: avp.com TRACE file on 500

Disable generation of trace files: avp.com TRACE file off

 

COMMAND LINE RETURN CODES

General return codes can be returned by any command of the command line. There are general and task-specific return codes.

General return codes:

0 – Task is successfully executed  
1 – Not correct value of the parameter 
2 – Unknown error  
3 – Error when executing the task 
4 – Task execution is canceled

Return codes of antivirus scan tasks:

101 – All dangerous objects are processed 
102 – Dangerous objects detected 

 
 
 
 
Did the provided info help you?
Yes No
 
 
 

Applies To:

  • Kaspersky Anti-Virus 6.0 R2 for Windows Workstations
  • Kaspersky Anti-Virus 6.0 R2 for Windows Servers
  • Kaspersky Anti-Virus 6.0 R2 SOS