1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Software
  5. VCLCDE-AA-DA - VirusScan Command Line Scanner...
  6. Product manual

McAfee VCLCDE-AA-DA - VirusScan Command Line Scanner Standard Product Manual

Product guide
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
VirusScan
version 5.20.0
McAfee
®
System Protection
Industry-leading intrusion prevention solutions
®
Command Line
Product Guide

Advertisement

Table of Contents
loading

Related Manuals for McAfee VCLCDE-AA-DA - VirusScan Command Line Scanner Standard

Summary of Contents for McAfee VCLCDE-AA-DA - VirusScan Command Line Scanner Standard

  • Page 1 Product Guide ® VirusScan Command Line version 5.20.0 McAfee ® System Protection Industry-leading intrusion prevention solutions...
  • Page 2 For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein.

  • Page 3: Table Of Contents

    Contents ® Introducing VirusScan Command Line Product features ........... 5 What’s new in this release .
  • Page 4 ® VirusScan Command Line 5.20.0 Product Guide Contents Updating your DAT files ......... 43 Index...

  • Page 5: Introducing Virusscan

    ® Introducing VirusScan Command Line The command-line scanner is a program that you can run from a command-line prompt. It provides an alternative to scanners that use a graphical user interface (GUI). Both types of scanner use the same scanning engine. This section describes: Product features What’s new in this release Using this guide...

  • Page 6: What's New In This Release

    It's faster than before: We've listened to our customers who asked for a faster Engine and it delivers superior performance to current McAfee Anti-Virus products on all supported platforms. 100% drop-in compatibility with existing McAfee Anti-Virus products and DAT files.

  • Page 7: Conventions

    Note: Supplemental information; for example, another method of executing the same command. Note Tip: Suggestions for best practices and recommendations from McAfee for threat prevention, performance and efficiency. Caution: Important advice to protect your computer system, enterprise, software installation, or data.

  • Page 8: Getting Product Information

    Getting product information Getting product information Unless otherwise noted, product documentation comes as Adobe Acrobat .PDF files, available on the product CD or from the McAfee download site. Product Guide — Product introduction and features, detailed instructions for installing and configuring the software, information on deployment, recurring tasks, and operating procedures.

  • Page 9: Contact Information

    For Products (ServicePortal account and valid grant number required) Product Evaluation McAfee Beta Program Technical Support http://www.mcafee.com/us/support/ KnowledgeBase Search http://knowledge.mcafee.com/ McAfee Technical Support ServicePortal (Logon credentials required) https://mysupport.mcafee.com/eservice_enu/start.swe Customer Service http://www.mcafee.com/us/support/index.html http://www.mcafee.com/us/about/contact/index.html Phone — US, Canada, and Latin America toll-free: +1-888-VIRUS NO or +1-888-847-8766 Monday –...

  • Page 10: Installing Virusscan Command Line

    ® Installing VirusScan Command Line ® We distribute the VirusScan Command Line software in two ways — on a CD, and as an archived file that you can download from our web site or from other electronic services. Review the Installation requirements to verify that the software will run on your system, then follow the installation steps.

  • Page 11: Installing The Software

    ® ® VirusScan Command Line 5.20.0 Product Guide Installing VirusScan Command Line Installing the software Installing the software If you suspect your computer is already infected, see Removing Infections on page 38 before you install the scanner software. 1 Create a directory for the software on your hard disk. If you are using DOS, you may MKDIR 2 Depending on the source of your command-line program files, do one of the following:...
  • Page 12 ® ® VirusScan Command Line 5.20.0 Product Guide Installing VirusScan Command Line Installing the software Sample batch file The following code is provided only as a suggestion, for you to use and modify to suit your own purposes. It has not been thoroughly tested. This sample batch file assumes that and the DAT files are in the current directory.

  • Page 13: Validating Your Files

    ® ® VirusScan Command Line 5.20.0 Product Guide Installing VirusScan Command Line Validating your files Validating your files When you download or copy files from any outside source, your computer is at risk of virus infection — even if the risk is small. Downloading our scanning software is no exception.

  • Page 14: Testing Your Installation

    ® ® VirusScan Command Line 5.20.0 Product Guide Installing VirusScan Command Line Testing your installation 7 Compare the output from VALIDATE.EXE PACKING.LST The sizes, creation dates and times, and validation codes for each file name must match exactly. If they do not, delete the file immediately. Do not open the file or examine it with any other utility;...

  • Page 15: Removing The Program

    ® ® VirusScan Command Line 5.20.0 Product Guide Installing VirusScan Command Line Removing the program Removing the program To remove the product from your system: ® 1 Change your command prompt to point to the directory that contains the VirusScan Command Line files (as set up in Step 1 under...

  • Page 16: Using The Command-Line Scanner

    Using the Command-Line Scanner The command-line scanner is a program that you can run from a command prompt. If the scanner has been added to or is in the current directory, you can run a scan PATH by typing at the command prompt with the options you want. For a complete list SCAN of options, see page...

  • Page 17: What Can You Scan

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner What can you scan? What can you scan? File types scanned by default. The following file types and many other common file types that are susceptible to infection are scanned by default: .BIN, .COM, .DLL, .DOC, .DOT, .EXE, .HTM, .INI, .OVL, .RTF, .SYS, .VBS, .VXD, .XLA, .XLS, and .XLT.

  • Page 18: Scanning Files In Remote Storage

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Scanning files in remote storage Scanning files in remote storage Under some Microsoft Windows systems, files that are not in frequent use can be stored in a remote storage system, such as the Hierarchical Storage Management (HSM) system.

  • Page 19: Using Memory Caches

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Using memory caches Using memory caches When scanning a file for viruses and other potentially unwanted software, the scanner reads the file into computer memory in amounts determined by the operating system. Although changes are not normally necessary, you can improve the scanning speed by increasing the amount of memory that the scanner uses.

  • Page 20: Scanning Processes In Memory

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Scanning processes in memory The cache is allocated “per file”, so the scanner uses a large amount of cache if there are many nested files. A larger cache size normally improves scanning speeds unless the computer has very low memory.

  • Page 21: Command-Line Conventions

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Running an on-demand scan Response and notification options — determine how the scanner responds to infected files. See page Report options — determine how the scanner displays the results of the scan. See page General options —...

  • Page 22: Configuring Scans

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Configuring scans Configuring scans Instead of running each scan with all its options directly from the command line, you can keep the options in a separate text file, known as a task file. In the file, you can specify the actions that the scanner must take when a virus is detected.

  • Page 23: Creating A List Of Infected Files

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Creating a list of infected files Example 2 To scan only files smaller than 4 and to ignore compressed executables created with LZEXE or PkLite in three separate directories, type the command: SCAN /LOAD C:\TASKS\CONFIG2.TXT /CHECKLIST C:\CHECKS\CHECK1.TXT The contents of the task file...

  • Page 24: Using Heuristic Analysis

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Using heuristic analysis Using heuristic analysis A scanner uses two techniques to detect viruses — signature matching and heuristic analysis. A virus signature is simply a binary pattern that is found in a virus-infected file. Using information in the DAT files, the scanner searches for those patterns.

  • Page 25: Choosing The Options

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Choosing the options The following sections describe the options that you can use to target your scans: Scanning options. Response and notification options on page Report options on page General options on page The options are also listed alphabetically with brief descriptions on page...
  • Page 26 ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Table 3-2 Scanning options (continued) Option Limitations Description Use heuristic analysis to find possible new viruses in /ANALYZE “clean” files. /ANALYSE This step occurs after the program has checked the file for other viruses and potentially unwanted software.
  • Page 27 ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Table 3-2 Scanning options (continued) Option Limitations Description None. Do not scan before the specified number of hours after the /FREQUENCY <HOURS> previous scan. In environments where the risk of virus infection is very low, this option prevents unnecessary scans.
  • Page 28 ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Table 3-2 Scanning options (continued) Option Limitations Description None. Do not check compressed executables created with the /NOCOMP LZEXE or PkLite file-compression programs. This reduces scanning time when a full scan is not needed. Otherwise, by default, the scanner checks inside executable, or self-decompressing files by decompressing each file in memory and checking for viruses.
  • Page 29 ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Table 3-2 Scanning options (continued) Option Limitations Description None. Scan for potentially unwanted applications. /PROGRAM Some widely available applications such as “password crackers” can be used maliciously or can pose a security threat.

  • Page 30: Response And Notification Options

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Response and notification options The response and notification options determine how the scanner responds to an infection. You can use a combination of these options to customize the scan. None of the options in the following table occur automatically.
  • Page 31 ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Table 3-3 Response and notification options (continued) Option Limitations Description None. Move any infected files to a quarantine location as specified. /MOVE <DIR> When the program moves an infected file, it replicates the full directory path for the infected file inside the quarantine directory, so that you can determine the original location of the infected file.

  • Page 32: Report Options

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Report options By default, the results of a scan appear on-screen. The following table lists the options for displaying the results elsewhere. To capture a scanner report to a text file, use with any additional options as needed.

  • Page 33: General Options

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options General options General options provide help or give extra information about the scan. You may use a combination of these options to customize the scan. None of the options in Table 3-5 occur automatically.

  • Page 34: Options In Alphabetic Order

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Options in alphabetic order For convenience, the options are repeated in this section alphabetically with a brief description. For full descriptions, see the previous sections. Table 3-6 Alphabetic list of options Option Description See ...
  • Page 35 ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Choosing the options Table 3-6 Alphabetic list of options (continued) Option Description See ... Load scanning options from the named file, or scanning profile. page 27 /LOAD <FILENAME> Halt and lock the computer if a virus is found. page 30 /LOCK Display a progress summary during the scan.

  • Page 36: Error Levels

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Error levels Table 3-6 Alphabetic list of options (continued) Option Description See ... Examine all files, decompress archive files, and use heuristic page 29 /SECURE analysis. Report any files that are packaged. page 29 /SHOWCOMP Do not display any information on-screen.

  • Page 37: Handling Error Messages

    ® VirusScan Command Line 5.20.0 Product Guide Using the Command-Line Scanner Handling error messages Handling error messages You can often correct the message, by checking Invalid switch or incorrect usage the form of the command in Options in alphabetic order on page Where an option has a parameter, insert only one space between them.

  • Page 38: Removing Infections

    Removing Infections Although they are not harmless, most viruses that infect your computer do not destroy data, play pranks, or render your computer unusable. Even the rare viruses that carry a destructive payload usually produce their nasty effects in response to a trigger event. In most cases, unless you know that a payload has activated, you have time to deal with the infection properly.
  • Page 39 ® VirusScan Command Line 5.20.0 Product Guide Removing Infections 9 If necessary, repeat Step 7 Step 8 to ensure that all effects of the original infection are removed. 10 If you cannot remove all effects of the original infection, refer to the Virus Information Library for more information about manually removing an infection.

  • Page 40: If The Scanner Detects A Virus

    ® VirusScan Command Line 5.20.0 Product Guide Removing Infections If the scanner detects a virus If the scanner detects a virus Viruses attack computer systems by infecting files — usually executable program files or macros inside documents and templates. The scanner can safely remove most common viruses from infected files.

  • Page 41: Running Additional Virus-Cleaning Tasks

    ® VirusScan Command Line 5.20.0 Product Guide Removing Infections If the scanner detects a virus Take care if you are using more than one of these options in combination. For example, if you specify /MOVE and /CLEAN together, the scanner creates a copy of an infected Caution file in the specified quarantine directory before attempting to clean the file.

  • Page 42: Preventing Infections

    To create a secure system environment and minimize the chance of infection, we recommend that you do the following: ® Install VirusScan Command Line software and other McAfee security software. Schedule scans — at system boot and/or at regular intervals. ® Make frequent backups of important files. Even if you have VirusScan...

  • Page 43: Updating Your Dat Files

    The DAT files are contained in a single compressed file. Download the new file from either of the following sources: FTP server. Open a connection to the FTP site, ftp://ftp.mcafee.com. Use anonymous as your user name and your e-mail address as your password to gain access.
  • Page 44 (See options) error levels scanning error messages setting for scan compressed files Eudora scanning inside evaluating McAfee products, skipping during virus scans general options download website types recognized by the scanner event log examples computer problems, attributing to...
  • Page 45 McAfee messages testing your installation resources displaying when a virus is found Threat Center (See Avert Labs)
  • Page 46 ® VirusScan Command Line 5.20.0 Product Guide Index using this guide audience typeface conventions and symbols version number virus definitions (See DAT files) Virus Information Library Virus Information Library (See Avert Labs Threat Library) virus scanning displaying message when virus is found preventing users from halting viruses...

This manual is also suitable for:

Virusscan command line

Table of Contents