Executing an antivirus scan in command line

 

 

Kaspersky Endpoint Security 8 for Mac

 
 
 

Executing an antivirus scan in command line

Back to "Local Management"
2012 Jan 23 ID: 4678
 
 
 
 

Applies to Kaspersky Endpoint Security 8.0 for Mac

You can execute a Kaspersky Endpoint Security 8.0 for Mac antivirus scan in command line. The antivirus scan command syntax:

kav scan <scan_object> <action> <file_types> <exclusions> <report_settings> <additional settings>

where:

  • <scan_object> - files and folders to scan. They should be separated with a space if more than one:

    kav scan ~/Documents /System /Libraries

    the following folders will be scanned: current user's Documents, and System and Libraries in the root folder.


    If the object path contains spaces or special symbols (@, #, &, etc), you should single-quote the entire path (or put the \ sign before each space or special symbol), for example:

    kav scan '~/Documents/my test script.sh' ~/Downloads/my\ cat\@log/file.txt

    the following files will be scanned: ~/Documents/my test script.sh and ~/Downloads/my cat@log/file.txt.

    You can also indicate the following scan objects:

    -remdrives – all removable disks
    -fixdrives – all local disks
    -netdrives – all network disks
    -quarantine – quarantined objects
    -@:<filelist.lst> - take the list of objects from the file


  • <action> - defines the action applied to detected malicious objects (-i8 is used by default):

    -i0 – apply no actions, just register the fact in the report;
    -i1 – disinfect infected objects, skip if disinfection fails;
    -i2 – disinfect infected objects, delete if disinfection fails; do not delete infected objects in containers (compound objects); delete containers with executable headers (sfx archives);
    -i3 – disinfect infected objects, delete if disinfection fails; entirely delete the containers with non-deletable infected objects inside;
    -i4 – delete infected objects; entirely delete the containers with non-deletable infected objects inside;
    -i8 – prompt the user upon detecting an infected object. The default action;
    -i9 – prompt the user after completing the scan.

  • <file_types> - defines the file types to scan. By default, only infectable files are scanned by content. The following values can be used:

    -fe – scan only infectable files by extension;
    -fi – scan only infectable files by content (by default);
    -fa – scan all files.

  • <exclusions> - defines the objects excluded form scan. You can list several values from the following list (separate with a space):

    -e:a – do not scan archives;
    -e:b – do not scan mail bases;
    -e:m – do not scan text mail messages;
    -e:<mask> – do not scan objects by mask
    -e:<seconds> – skip objects with scan time larger than (in seconds);
    -e:<size> – skip objects with size larger than (in megabytes).

  • <report_settings> – defines the scan results report format. It can be an an absolute or a relative path. Without a value, the scan results are displayed and contain all events. The following values can be used:

    -r:<report_file> – register important events only;
    -ra:<report_file> – register all events.

  • <additional_settings> – defines the usage of antivirus scan technologies and the configuration file.

-iSwift=<on|off> – enable / disable the iSwift technology usage;

-c:<configuration_file_name> – defines the configuration file (containing antivirus scan settings) path. It can be an an absolute or a relative path. Without a value, the settings will be taken from the application graphical interface.

Example

The following command will scan the Downloads folder in user's home folder excluding mail databases and files larger than 100 MB, and generate a full report in the report.txt file:

kav scan ~/Downloads -e:b -e:100MB -ra:report.txt

 
 
 
 
Was this information helpful?
Yes No
 

 
 

Have you found what you were looking for?

Please let us know how we can make this website more comfortable for you

Send feedback Send feedback

Thank you!

Thank you for submitting your feedback.
We will review your feedback shortly.