VirusScan Command Line Scanner 6.1.x for Windows switches
Technical Articles ID:
KB52229
Last Modified: 11/26/2018
Last Modified: 11/26/2018
Environment
McAfee VirusScan Command Line Scanner 6.1.x
Summary
You can obtain the following information from the Windows command prompt. Use either of the following commands from the directory where SCAN.EXE is stored:
-
scan.exe /?
-
scan.exe /help
Syntax
Scan [object1] [object2...] [option1] [option2...]
Command Line options in alphabetical order:
| Option | Description |
| /? | Display this help screen. |
| /AD | Scan all drives (not removable media). |
| /ADL | Scan all local drives (not removable media). |
| /ADN | Scan all network drives. |
| /AFC=<cache size> | Set the size(in MB) of the internal cache used when decompressing archive files. |
| /ALL | Scan all files regardless of file name extension. |
| /ALLOLE | Treat all files as compound/OLE regardless of extension. |
| /ANALYZE | Turn on heuristic analysis for programs and macros. |
| /APPEND | Append to report file rather than overwriting. |
| /APPENDBAD | Append to bad file rather than overwriting. |
| /ASCII | Display file names as ASCII text. |
| /BADLIST=<filename> | File name and path for bad list log file. |
| /BOOT | Scan boot sector and master boot record only. |
| /CHECKLIST=<filename> | Scan list of files contained in <filename>. |
| /CLEAN | Clean viruses from infected files and system areas. |
| /CONTACTFILE=<filename> | Display contents of <filename> when a virus is found. |
| /DAM | Remove all macros from infected Microsoft Office files. |
| /DEL | Delete infected files. |
| /DOHSM | Scan migrated files (hierarchical storage management). |
| /DRIVER=<dir> | Directory specifying location of DAT files. |
| /EXCLUDE=<filename> | Do not scan files listed in <filename>. |
| /EXTENSIONS | Scan defaults and user extension list. |
| /EXTLIST | List file extensions scanned by default. |
| /EXTRA = <filename> | Scan using an Extra.DAT file. Specify the full path and file name of the Extra.DAT file. |
| /FAM |
Find all macros - not just infected macros. Use with /DAM to remove all macros. |
| /FDC | Force digital signature check. |
| /FREQUENCY=<hours> | Do not scan <hours> after the previous scan. |
| /HELP | Display this help screen. |
| /HTML=<filename> | Create an HTML report file. |
| /LOAD=<filename> | Load options from <filename>. |
| /LOUD | Include all scanned files in the /REPORT file. |
| /MAILBOX | Scan inside plain text mailboxes. |
| /MANALYZE | Turn on macro heuristics. |
| /MANY | Scan many floppy diskettes. |
| /MAXFILESIZE=<size> | Examine only those files smaller than the specified size (in KB). |
| /MEMSIZE=<size> | File size (in KB) to load into memory for scanning limited by a maximum file size defaulting to 1 MB. |
| /MIME | Scan inside MIME, UUE, XXE, and BinHex files. |
| /MOVE=<dir> | Move infected files into directory <dir>, preservingpath. |
| /NOBKSEM | Prevent scanning of files that are normally protected. |
| /NOBOOT | Do not scan boot sectors. |
| /NOBREAK | Disable Ctrl-C / Ctrl-Break during scanning. |
| /NOCOMP | Do not scan self-extracting executables by default. |
| /NOD | Do not switch into /ALL mode when repairing. |
| /NODDA | No direct disk access. |
| /NODECRYPT | Do not scan password-protected Microsoft Office documents. |
| /NODOC | Do not scan Microsoft Office files. |
| /NOEXPIRE | Disable data files expiration date notice. |
| /NOJOKES | Do not alert on joke files. |
| /NOMEM | Do not scan memory for viruses. |
| /NORECALL | Do not move files from remote storage into local storage after scanning. |
| /NORENAME | Do not rename infected files that cannot be cleaned. |
| /NOSCRIPT | Do not scan files that contain HTML, JavaScript, Visual Basic, or Script Component Type Libraries. |
| /PANALYZE | Turn on program heuristics. |
| /PAUSE | Pause at end of each screen page. |
| /PLAD | Preserve Last Access Dates on Novell NetWare drives. |
| /PROGRAM | Scan for potentially unwanted applications. |
| /RECURSIVE | Examine any subdirectories in addition to the specified target directory. |
| /REPORT=<filename> | Report names of viruses found into <filename>. |
| /RPTALL | Include all scanned files in the /REPORT file. |
| /RPTCOR | Include corrupted files in /REPORT file. |
| /RPTERR | Include errors in /REPORT file. |
| /RPTOBJECTS | Reports number of objects at all levels scanned in summary. |
| /SECURE | Equivalent to Analyze, doall, unzip. |
| /SHOWCOMP | Report any files that are packaged. |
| /SILENT | Disable all screen output. |
| /STREAMS | Scan inside NTFS streams (NT only). |
| /SUB | Scan subdirectories. |
| /THREADS=<nn> | Set scan thread count. |
| /TIMEOUT=<seconds> | Set the maximum time to spend scanning any one file. |
| /UNZIP | Scan inside archive files, such as those saved in ZIP, LHA, PKarc, ARJ, TAR, CHM, and RAR. |
| /VERSION | Display the scanner's version number. |
| /VIRLIST | Display virus list. |
| /WINMEM[=<pid>] | If pid given, scans the Windows Process with Process ID <pid>; otherwise scans all Windows Processes. |
| /XMLPATH=<filename> | File name and path for XML log file. |
For additional information, see your VirusScan Command Line Scanner Product Guide.
For McAfee product documents, go to the Enterprise Product Documentation portal at https://docs.mcafee.com.
Error Levels
When you run the on-demand scanner in the MS-DOS environment, an error level is set. You can use the ERRORLEVEL value in batch files to act based on the results of the scan. See your MS-DOS operating system documentation for more information.
The on-demand scanner can return the following error levels:
| Error Level | Description |
| 0 | The scanner found no viruses or other potentially unwanted software, and returned no errors. |
| 2 | Integrity check on DAT file failed. |
| 6 | A general problem occurred. |
| 8 | The scanner was unable to find a DAT file. |
| 10 | A virus was found in memory. |
| 12 | The scanner tried to clean a file, the attempt failed, and the file is still infected. |
| 13 | The scanner found one or more viruses or hostile objects such as a trojan horse program, joke program, or test file. |
| 15 | The scanner's self-check failed; the scanner might be infected or damaged. |
| 19 | The scanner succeeded in cleaning all infected files. |
| 20 | Scanning was prevented because of the /FREQUENCY option. |
| 21 | Computer requires a reboot to clean the infection. |
| 102 | The user quit via ESC-X, ^C or EXIT button. This feature can be disabled with the /NOBREAK option. |
Related Information
See also:
NOTE: Running scan.exe from the command prompt against a target provides you with version information about the Scan Engine and the DAT file used.
- For more information about performing a command-line scan in Windows, see KB51141.
- For how to set exclusions in VirusScan Command Line Scanner, see KB69551.
NOTE: Running scan.exe from the command prompt against a target provides you with version information about the Scan Engine and the DAT file used.
Example:
scan c:\
Result:
The root of C: is scanned and the follow additional information is also shown:
scan c:\
Result:
The root of C: is scanned and the follow additional information is also shown:
McAfee VirusScan Command Line for Win32 Version: 6.0.3.356
Copyright (C) 2010 McAfee, Inc.
(408) 988-3832 LICENSED COPY - April 11 2012
AV Engine version: 5400.1158 for Win32.
DAT set version: 6676 created Apr 10 2012
Scanning for 619012 viruses, trojans, and variants.
Copyright (C) 2010 McAfee, Inc.
(408) 988-3832 LICENSED COPY - April 11 2012
AV Engine version: 5400.1158 for Win32.
DAT set version: 6676 created Apr 10 2012
Scanning for 619012 viruses, trojans, and variants.
