You want to use the Symantec Protection Engine Command Line Scanner (SSECLS).
NOTE: This tool is only for testing and is not supported for use in production.
Use SSECLS from a command line. The following is the basic command line syntax.
ssecls [options] <file|directory> [file|directory]
Notes: In the line above there is a single space between each part. For example there is a space between ssecls and [options]. When inserting an option, replace [options] with the command. For example: ssecls -verbose
You can use several options with SSECLS. The following lists each option and associated defaults:
-server <IP1>
Defaults to server 127.0.0.1:1344.
Multiple servers can be specified for load balancing.
Notes:
In the option above, insert the IP address for <IP1>
You can add multiple IP addresses and ports using the syntax -server <IP1>
An example: -server 127.0.0.1:1344;127.122.122.1:8081
-mode <scan|scanrepair>
Defaults to the Protection Engine's scan policy.
-verbose
Display file name and infection status for every file scanned.
-details
Display detailed infection information for infected files.
-timing
Display the total time required to scan the file.
-recurse
Recurse through directories.
-onerror leave|delete
Defaults to delete infected file when error occurs replacing the file.
Additional notes for Symantec Protection Engine Command Line Scanner included with Symantec Protection Engine Engine 7.0 and up:
The command-line scanner has been enhanced with new options to exclude certain files from scanning, and with the ability to redirect console output to a log file. Three command line arguments control these new capabilities.
Enhanced Logging
-log path
To redirect console output to a log file, use the argument '-log _path_' where _path_ is a full or partial path to a file. The file will be created if it does not exist, or overwritten if it does exist. When running in this mode, most output is sent to the log file instead of the screen; instead, savsecls writes a series of dots to the screen as it scans files so that you can 'see' progress.
Exclusions
-exclude *.ext | path/to/file | /path/to/dir
To exclude files by name, a rule file must be created. The format of the file is one string per line, where the string may contain:
Once a rule file has been created, run savsecls with the argument '-exclude _path_' where _path_ is the path to the rule file created above.
-maxsize size in bytes
To exclude files above a certain size from being scanned, use the argument '-maxsize _bytes_' where any file _bytes_ size or greater will be skipped by savsecls (e.g. such files are never sent to the scan engine.)
Notes: