How to run the antivirus scan on the command line
The article refers to Kaspersky Endpoint Security 8 for Mac
You can run the Kaspersky Endpoint Security 8 for Mac antivirus scan task at the command line. The syntax of the antivirus scan command:
kav scan <scan_object> <action> <file_types> <exclusions> <report_properties> <additional_properties>
where:
<scan_object> - the files and folders to be scanned. If there are more than one, separate them with spaces:
kav scan ~ / Documents / System / Library
the following folders will be scanned: Documents of the active user, System and Libraries in the root directory
If the path of an object contains spaces or other special symbols (@, #, &, etc), put the entire path in single quotes (or put the symbol \ before each space or special symbol), for example:
kav scan '~ / Documents / my test script.sh' ~ / Downloads / my \ cat \ @ log / file.txt
the following files will be scanned: ~ / Documents / my test script.sh and ~ / Downloads / my cat@log/file.txt
You can also indicate the following scan objects:
-remdrives - all external drives
-fixdrives - all hard drives
-netdrives - all network volumes
-quarantine - objects in quarantine
- @: <filelist.lst> - take the list of file objects
<action> - defines the actions applicable to the detected malicious objects (-i8 by default):
-i0 - do not apply any actions, just record the event in the report;
-i1 - disinfect infected objects, omit if disinfection is impossible;
-i2 - disinfect infected objects, eliminate if disinfection is impossible; do not eliminate infected objects in containers (compound objects); eliminate compound objects with executable headers (self-extracting or sfx files);
-i3 - disinfect the infected files, eliminate if disinfection is impossible; completely remove containers that contain infected objects that can not be deleted;
-i4 - delete infected objects; completely remove containers that contain infected objects that can not be deleted;
-i8 - ask the user about the action when detecting an infected object. It is the default action;
-i9 - ask the user about the action at the end of the analysis.
<file_types> - determines what file types are analyzed. By default, only the infected files are scanned for content. You can use the following values:
-fe - analyze by extension only the infected files;
-fi - analyze only the infected files by content (by default);
-fa - analyze all the files.
<exclusions> - determines the exposed files of the analysis. You can indicate several values in the following list (separate them by the space symbol):
-e: a - do not scan the archived objects;
-e: b - do not scan mail bases;
-e: m - do not scan textual mail messages;
-e: <mask> - do not scan the objects by the mask;
-e: <seconds> - omit the objects if your analysis takes more than seconds;
-e: <size> - omit the objects if their size exceeds so many MB.
<report_configuration> - defines the format of the scan results report. It can be an absolute or relative route. Without any value, the results of the scan go to the screen and contain all the events. You can use the following values:
-r: <report_file> - record only the important events;
-ra: <report_file> - record all events.
<additional_properties> - defines the use of antivirus scanning technologies and the configuration file.
-iSwift = <on | off> - enable / disable the use of iSwift technology;
-c: <configuration_file_name> - defines the configuration file path (contains the properties of the antivirus scan). It can be an absolute or relative route. Without any value, the properties configured in the graphical interface are applied.
Example
The following command scans the Downloads folder within the user's folder, but the mail databases and files larger than 100 MB, and generates a report.txt file containing a complete report:
0 komentar:
Posting Komentar