Running the Malware Scan task.
To run the command, go to the folder where the Kaspersky Endpoint Security executable file is located. You can also add the executable file path to the %PATH% system variable and run the command without navigating to the application folder.
Command syntax
avp.com SCAN [<scan scope>] [<action on threat detection>] [<file types>] [<scan exclusions>] [/R[A]:<report file>] [<scan technologies>] [/C:<file with scan settings>]
Scan scope |
|
|
A space-separated list of files and folders. Long paths must be enclosed in quotation marks. Short paths (MS-DOS format) do not need to be enclosed in quotation marks. For example:
|
|
Run the Malware Scan task. Kaspersky Endpoint Security scans the following objects:
|
|
Scan the Kernel memory |
|
Scan the Objects that are loaded at startup of the operating system |
|
Scan Outlook mailbox |
|
Scan removable drives. |
|
Scan hard drives. |
|
Scan network drives. |
|
Scan the files in the Kaspersky Endpoint Security Backup. |
|
Scan the files and folders from a list. Each file in the list must be on a new row. Long paths must be enclosed in quotation marks. Short paths (MS-DOS format) do not need to be enclosed in quotation marks. For example:
|
Action on threat detection |
|
|
Inform. If this option is selected, Kaspersky Endpoint Security adds the information about infected files to the list of active threats on detection of these files. |
|
Disinfect, block if disinfection fails. If this option is selected, Kaspersky Endpoint Security automatically attempts to disinfect all infected files that are detected. If disinfection is not possible, Kaspersky Endpoint Security adds the information about the infected files that are detected to the list of active threats. |
|
Disinfect, delete if disinfection fails. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the files. This action is selected by default. |
|
Disinfect the infected files that are detected. If disinfection fails, delete the infected files. Also delete compound files (for example, archives) if the infected file cannot be disinfected or deleted. |
|
Delete infected files. Also delete compound files (for example, archives) if the infected file cannot be deleted. |
File types |
|
|
Files scanned by extension. If this setting is enabled, the application scans infectable files only. The file format is then determined based on the file's extension. |
|
Files scanned by format. If this setting is enabled, the application scans infectable files only. Before scanning a file for malicious code, the internal header of the file is analyzed to determine the format of the file (for example, .txt, .doc, or .exe). The scan also looks for files with particular file extensions. |
|
All files. If this setting is enabled, the application checks all files without exception (all formats and extensions). This is the default setting. |
Scan exclusions |
|
|
RAR, ARJ, ZIP, CAB, LHA, JAR, and ICE archives are excluded from the scan scope. |
|
Mail databases, incoming and outgoing e-mails are excluded from the scan scope. |
|
Files that match the file mask are excluded from the scan scope. For example:
|
|
Files that take longer to scan than the specified time limit (in seconds) are excluded from the scan scope. |
|
Files that are larger than the specified size limit (in megabytes) are excluded from the scan scope. |
Saving events to a report file mode (for Scan, Updater and Rollback profiles only) |
|
|
Save only critical events to the report file. |
|
Save all events to a report file. |
Scan technologies |
|
|
This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from scans by using a special algorithm that takes into account the release date of Kaspersky Endpoint Security databases, the date when the file was last scanned, and any modifications to the scan settings. There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR). |
|
This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from scans by using a special algorithm that takes into account the release date of Kaspersky Endpoint Security databases, the date when the file was last scanned, and any modifications to the scan settings. The iSwift technology is an advancement of the iChecker technology for the NTFS file system. |
Advanced settings |
|
|
File with the Malware Scan task settings. The file must be created manually and saved in TXT format. The file can have the following contents: |
Example:
|