Kaspersky Anti-Virus 6.0 SOS

	Useful links

Only Kaspersky Anti-Virus 6.0 and Kaspersky Internet Security 6.0 can be activated via the command prompt using the activation code

No real-time protection components are included in Kaspersky Anti-Virus 6.0 SOS that is why it cannot be managed via the command prompt.

The command prompt is available in all Kaspersky Lab's products versions 6.0 and 7.0 running under MS Windows. You can execute the following operations:

• Program activation 
• Managing program components and tasks 
• Anti-Virus scan 
• Program updates 
• Rollback the latest database update 
• Exporting settings 
• Importing settings 
• Starting the program 
• Stopping the program 
• Viewing help 
• Return codes of the command prompt

Command prompt syntax is:

avp.com <command>[settings]

The following may be used as <commands>:

• ACTIVATE – activates the program via Internet using the activation code 
• ADDKEY – activates the program with the help of a license key 
• START - starts a component or a task 
• PAUSE - pauses a component or a task 
• RESUME - resumes a component or a task 
• STOP - stops a component or a task 
• STATUS - displays the current component or task status on screen
• STATISTICS - displays statistics for the component or task on screen 
• HELP - help with command syntax and the list of commands 
• SCAN - scans objects for viruses 
• UPDATE - begins program update 
• ROLLBACK - rollbacks the latest database update
• EXIT - closes the program (you can only execute this command with the password assigned in the program interface) 
• IMPORT - Import program settings 
• EXPORT - Export program settings

Each command corresponds to its own settings specific to that particular program component.

Program activation

The program can be activated the following ways:

• via Internet using the activation code (ACTIVATE command) 
• using a license key file (ADDKEY command)

Prompt syntax:

avp.com ACTIVATE <activation_code> /password=<your_password>

avp.com ADDKEY <file_name> /password=<your_password>

Parameter description: 

• [<activation_code>] – the code to activate the program, given when purchasing the program. 
• [<file_name>] – name of the license key file to the program with the *.key extension.
• [<your_password>] – password to the product set in the product interface.

Examples:

Top of page

Managing program components and tasks

You can manage program components and tasks from the command prompt with these commands: 

• START – starts a component or a task 
• PAUSE – pauses a component or a task 
• RESUME – resumes a component or a task 
• STOP – stops a component or a task 
• STATUS - displays the current component or task status on screen 
• STATISTICS - displays statistics for the component or task on screen 

The task or component to which the command applies is determined by its parameter. STOP and PAUSE can only be executed with the program password assigned in the program interface

Prompt syntax:

avp.com <command><profile|taskid>

avp.com STOP <profile|taskid>/password=<password>

avp.com PAUSE <profile|taskid>/password=<password>

One of the following values is assigned to <profile|taskid>: 

• RTP - All protection components 
• FM - File Anti-Virus 
• EM – Mail Anti-Virus 
• WM – Web Anti-Virus 
• BM – Proactive Defense 
• ASPY – Anti-Spy 
• AH – Anti-Hacker
• AS – Anti-Spam 
• UPDATER - Updater 
• SCAN_OBJECTS - "Virus scan" task
• SCAN_MY_COMPUTER - "My Computer" task 
• SCAN_CRITICAL_AREAS - "Critical Areas" task 
• SCAN_STARTUP - "Startup Objects"
• <task_name> -  User-defined task

Components and tasks started from the command prompt are run with the settings configured with the program interface.

Examples:

To enable File Anti-Virus, type this at the command prompt: avp.com START FM

To view the current status of Proactive Defense on your computer, type the following text at the command prompt: avp.com STATUS BM

To stop a My Computer scan task from the command prompt, enter: avp.com STOP SCAN_MY_COMPUTER /password=<your_password>

Top of page

Anti-virus scan

Starting a scan of a certain area for viruses and processing malicious objects from the command prompt generally looks as follows:

avp.com SCAN [<object scanned>] [<action>] [<action query>] [<file types>] [<exclusions>] [<configuration file>] [<report settings>]

To scan objects, you can also use the tasks created in the program by start the one you need from the command prompt. The task will be run with the settings from the program interface.

Parameter description:

<object scanned> this parameter gives the list of objects that will be scanned for malicious code. It can include several values from the list provided, separated by spaces.

• <files> - list of paths to the files and/or folders to be scanned. You can enter absolute or relative paths. Items on the list are separated by a space. Notes: 
• If the object name contains a space, it must be placed in quotation marks 
• If you select a specific folder, all the files in it are scanned. 
• /MEMORY - System memory objects 
• /STARTUP - Startup objects 
• /MAIL - E-mail databases 
• /REMDRIVES - All removable media drives 
• /FIXDRIVES - All internal drives 
• /NETDRIVES - All network drives 
• /QUARANTINE - Quarantined objects 
• /ALL - Complete scan
• /@:<filelist.lst> - Path to the file with a list of objects and folders included in the scan. The file should be in a text format and each scan object must start a new line. You can enter an absolute or relative path to the file. The path must be placed in quotation marks if it contains a space.

<action> - this parameter sets responses to malicious objects detected during the scan. If this parameter is not defined, the default action is the one with the value for /i2.

• /i0 - take no actions on the object; simply record information about it in the report. 
• /i1- Treat infected objects, and if disinfection fails, skip 
• /i2 - Treat infected objects, and if disinfection fails, delete, but do not delete infected objects from compound objects, and delete compound objects with executable headers (sfx archives) (this is the default setting). 
• /i3 - Treat infected objects, and if disinfection fails, delete and delete all compound objects completely if the infected attachments cannot be deleted. 
• /i4 - Delete infected objects, and if disinfection fails, delete and delete all compound objects completely if the infected attachments cannot be deleted.

<action query> - this parameter defines which actions will prompt the user for a response during the scan. If the parameter is not defined, the action is requested by default at the end of the scan. 

• /a0 - Do not prompt 
• /a1 - Prompt for action if an infected object is detected 
• /a2 - Prompt for action at the end of the scan

<file types> -  this parameter defines the file types that will be subject to anti-virus scan. By default, if this parameter is not defined, only potentially infected files will be scanned by contents. 

• /fe - Scan only potentially infected files by extension 
• /fi - Scan only potentially infected files by contents
• /fa - Scan all files

<exclusions> - this parameter defines objects that are excluded from the scan. It can include several values from the list provided, separated by spaces. 

• /e:a - Do not scan archives 
• /e:b - Do not scan e-mail databases 
• /e:m - Do not scan plain text e-mails 
• /e:<mask> - Do not scan objects by mask 
• /e:<seconds> - Skip objects that are scanned for longer that the time specified in the parameter.

<configuration file> defines the path to the configuration file that contains the program settings for the scan. You can enter an absolute or relative path to the file. If this parameter is not defined, the values set in the program interface are used. The parameter syntax is the following: /C: <settings_file> use the settings values assigned in the file <settings_file> in the C:\ root directory.

<report settings> this parameter determines the format of the report on scan results. You can use an absolute or relative path to the file. If the parameter is not defined, the scan results are displayed on screen, and all events are displayed. 

• /R:<report_file> - Only log important events in this file 
• /RA:<report_file> - Log all events in this file

Examples:

Example 1: Start a scan of RAM, Startup programs, e-mail databases, the directories My Documents and Program Files, and the file test.exe:

avp.com SCAN /MEMORY /STARTUP /MAIL "C:\Documents and Settings\All Users\My Documents" "C:\Program Files" "C:\Downloads\test.exe"

Example 2: Pause scan of selected objects and start full computer scan, then continue to scan for viruses within the selected objects:

avp.com PAUSE SCAN_OBJECTS /password=<your_password>

avp.com START SCAN_MY_COMPUTER

avp.com RESUME SCAN_OBJECTS

Example 3: Scan the objects listed in the file object2scan.txt. Use the configuration file scan_setting.cfg. After the scan, generate a report in which all events are recorded:

avp.com SCAN /MEMORY /@:objects2scan.txt /C:scan_settings.cfg /RA:scan.log

Top of page

Program updates

The syntax for updating program modules and threat signatures from the command prompt is as follows:

avp.com UPDATE [<path/URL>] [/R[A]:<report_file>] [/C:<settings_file>] [/APP]

Parameter description: 

• [<path/URL>] - HTTP or FTP server or network folder for downloading updates. If a path is not selected, the update source will be taken from the Updater settings.
• /R:<report_file> - only log important events in the report.
• /R[A]:<report_file> - log all events in the report. You can use an absolute or relative path to the file. If the parameter is not defined, the scan results are displayed on screen, and all events are displayed.
• /C:<settings_file> - Path to the configuration file with the settings for program updates. You can enter an absolute or relative path to the file. If this parameter is not defined, the values for the settings in the program interface are used. 
• /APP - Update program modules

Examples:

Example 1: Update threat signatures after recording all events in the report:

avp.com UPDATE /RA:avbases_upd.txt

Example 2: Update the program modules by using the settings in the configuration file updateapp.ini:

avp.com UPDATE /APP /C:updateapp.ini

Top of page

Rollback the latest database update

Prompt syntax:

ROLLBACK [/R[A]:<report_file>] 

• /R:<report_file> - only log important events in the report 
• /R[A]:<report_file> - log all events in the report

You can use an absolute or relative path to the file. If the parameter is not defined, the scan results are displayed on screen, and all events are displayed.

Example:

avp.com ROLLBACK /RA:rollback.txt

Top of page

Exporting settings

Command syntax:

avp.com EXPORT <profile|taskid> <settings_file>

Parameter description:

<profile> - Component or task with the settings being exported. One of the following values may be used:

• RTP – all protection components
• FM – File Anti-Virus
• EM – E-Mail Anti-Virus
• WM – Web Anti-Virus
• BM - Proactive Defense
• ASPY – Anti-Spy
• AH – Anti-Hacker
• AS – Anti-Spam

<settings_file> - Path to the file to which the program settings are exported. You can use an absolute or relative path. You can only use binary files (cfg).

Example:

avp.com EXPORT c:\kis60settings.cfg

Top of page

Importing settings

Command syntax:

avp.com IMPORT <settings_file>, where <settings_file> is a path to the file from which the program settings are being imported. You can use an absolute or relative path. You can only use binary files (cfg).

Example:

avp.com IMPORT c:\kis60settings.cfg

Top of page

Starting the program

Command syntax:

avp.com

Top of page

Stopping the program

Command syntax:

EXIT /password=<pasword>,  where <password> is the program password assigned in the program interface. Note that you cannot execute this command without entering the password.

Top of page

Viewing Help

This command is available for viewing Help on command prompt syntax:

avp.com [ /? | HELP ]

To get help on the syntax of a specific command, you can use one of the following commands:

avp.com <command>/?

avp.com HELP <command>

Top of page

Return codes of the command prompt

This section describes return codes of the command prompt. General codes can be returned by any command of the prompt line. General codes and codes specific for some definite task belong to return codes.

General return codes:

• 0 – Task is succesfully executed 
• 1 – Not correct value of the parameter
• 2 – Unknown error 
• 3 – Error when executing the task
• 4 – tTsk execution is canceled

Return codes of the anti-virus scan tasks:

• 101 – All dangerous objects are processed
• 102 – Dangerous objects detected

Top of page