Run a Custom Scan from the Command Line Interface
- Open the Windows command line interface
- Run the scan by entering a command with the following format:
[file path]/[executable] -scan parameter1 - scan parameter2 -scan parameter3...
For example, if CCE is in C:/Comodo/CCE, then the command is:
C:/Comodo/CCE/CCE -s “[scan attribute1];[scan attribute1]” -o “[scan option1];[scan option1]” -d “[drive letter]” -p “[file path]” -shift
-
The parameters -o, -d and -p are optional
-
The parameters and arguments are explained in the following tables:
Scan Attributes
|
Scan Attributes |
|
|---|---|
|
Argument |
Description |
|
m |
Scan memory on start. |
|
c |
Scan critical areas and boot sectors. |
|
f |
Scan selected drivers for hidden files/folders. Note: if you use "f" parameter, you must add -d "drive" (explained below). |
|
r |
Scan hidden registry objects. |
|
nv |
Don't scan for viruses. |
Syntax
-s “[scan attribute1];[scan attribute1]”...
Examples:
To run a scan with the attributes 'scan memory on start', 'Scan critical areas and boot sectors' and 'Scan selected drivers for hidden files/folders' on drive 'c:', then the parameters are to be entered as:
C:/Comodo/CCE/CCE -s"m;c;f;r" -d "c"
To run a full scan of your system, just enter
C:/Comodo/CCE/CCE -s
Scan Options
|
Scan Options |
|
|---|---|
|
Argument |
Description |
|
ARCHIVE |
Scan storage files (e.g. *.zip, *.rar). |
|
HOOK |
Restore any kernel hooks before the scan. |
|
SUSMBR |
Scan selected drivers for hidden files/folders. Scan suspicious MBR modifications in full scan (Valid for single boot computers only). |
|
MODMBR |
Report all MBR modifications in full scan(Valid for single boot computers only). |
|
RESTORE |
Create a windows reinstate point before performing the scan. |
|
CAMAS |
Scan unknown processes in memory with CAMAS. |
|
CAMASTIME=NN |
CAMAS timeout seconds. |
|
Heur=N |
Heuristics Scanning level.
|
|
MAX=20 |
Do not scan files larger than 20(MB). |
|
LOGLEVEL=N |
Specifies the log level.
|
Syntax
-o “[scan option1];[scan option1]”
Examples:
To run a scan drive 'C:' with the options 'Scan archive files', 'Report all MBR modifications in full scan' and 'Scan unknown processes in memory with CAMAS' with CAMAS time out period of 300 seconds.
C:/Comodo/CCE/CCE-s -o "ARCHIVE;MODMBR;CAMAS;CAMASTIME=300 -d "c"
Scan Drives
The hard disk drive partition(s) to be scanned can be specified as arguments for the parameter -d.
Syntax
-d “[drive letter 1[;[drive letter 2]... ”
Examples:
To run a scan drive partitions 'C: and 'D:'
C:/Comodo/CCE/CCE -s -d "c;d"
Scan Specific Folders/Files
To scan specific file(s)/folder(s), you can enter the path(s) of it/them as argument to the parameter -p.
Syntax
-p “[file path 1];[file path 2]... ”
Examples:
To scan the folder 'C:/Program Files'
C:/Comodo/CCE/CCE -s -p “C:Program Files”
To run a scan files 'note1.txt' and 'note2.txt' in the folder 'C:/My Documents'
C:/Comodo/CCE/CCE -s -p “C:/My Documents/note1.txt;C:/My Documents/note2.txt”
Aggressive Mode Scanning
To start the scanning in aggressive mode, include the parameter -shift to the command.
Example:
C:/Comodo/CCE/CCE -s -shift
The CCE application will start scanning, reboot and clean threats automatically without user interaction.
Randomize Application Window Name:
Active malware may sometimes try to prevent CCE binaries from executing by blocking the CCE file-name. Sometimes this can be overcome by simply renaming the CCE executable. However, some malware goes a step further and blocks CCE by application window name. To overcome this problem, any CCE binary can be executed using the “-w” switch along with other applicable command line options:
-w [WindowName]
You can specify a name of your choice which will be used as the application window title.
Avoid Auto Reboot:
By default, CCE will automatically reboot your system if threats are discovered during a command-line scan. Use the following command line option to avoid a re-boot:
-noreboot