PARTNERS

Using the command line interface

Bitdefender Endpoint Security Tools allows you to automatically run local on-demand scanning tasks and updates by using the Product Console, a command line interface found in the product installation folder on your Windows machines.

The BEST command line interface has two working modes:

  • Multiple commands at once. This mode uses own command line interface and allows you to enter commands and receive results until you exit.

    To access this mode:

    1. Go to c:\Program Files\Bitdefender\Endpoint Security or to the folder where BEST was installed.

    2. Find and double-click the product.console executable. The command line interface opens up.

    3. Execute the desired command.

      Example:

      GetVersion antivirus

      The returned result represents the version number of the antimalware signatures.

    4. Execute exit to close the command line interface.

      product-console-interactive.png
  • One command at a time. This mode uses the Command Prompt and returns to the system prompt after the command is executed.

    To access this mode:

    1. Open Command Prompt (cmd.exe).

    2. Use the cd command to navigate to the Bitdefender Endpoint Security Tools installation folder.

    3. Execute the desired command.

      Example:

      • C:\Program Files\Bitdefender\Endpoint Security > product.console.exe /c StartUpdate
    4. If the command is succesfully executed the returned result is error 0.

      product-console-cmd.png

Supported commands

The command line interface supports several commands, some of them requiring parameters to return valid results.

All examples in this section are given using the Product Console from the BEST installation folder.

GetUpdateStatus product|antivirus

Retrieve information about the last update(s).

This command requires one of these parameters:

  • product – refers to the BEST version.

  • antivirus – refers to the version of the antimalware signatures.

Example:

getupdatestatus_product_antivirus.png
GetVersion product|antivirus

Retrieve information about the product's current version.

This command requires one of these parameters:

  • product – refers to the BEST version.

  • antivirus – refers to the version of the antimalware signatures.

Example:

getversion_product_antivirus.png
IsUpdateInProgress

Verify if a product update is in progress.

Output values:

  • true - a product update is in progress.

  • false - no product update is in progress.

Example:

update_in_progress.png
IsUpdateRestartNeeded

Verify if a machine requires a system restart after the update.

Output values:

  • true - the machine requires a system restart after the update.

  • false - the machines does not require a system restart after the update.

Example:

restart_needed.png
StartUpdate

Start an update and retrieve the result without waiting for the task to finish.

Example:

StartUpdate

Output format: error 0 (the command has been executed successfully)

start_update.png
StartUpdate -force

Override the product update settings and start a forced update process. The command returns an error code.

Note

This command requires administrator privileges.

FileScan.OnDemand.RunScanTask custom [option]

Starts an on-demand scan and displays the path to the scan log and the summary of the scan.

This command requires the parameter custom, followed, if needed, by one or more options. For example:

scan_task_custom.png

With options, you can customize a scanning task. These options are not mandatory.

Each option has two or more available values, but you can use only one value.

When the FileScan.OnDemand.RunScanTask command does not specify any option, the custom scan takes into account the default value of that option. For example, if you run this command without mentioning the scanKeyloggers option, that means Bitdefender Endpoint Security Tools will still scan for keyloggers, according to the scanKeyloggers default value (true).

Note

There are no specific commands for Quick scan or Full scan. However, you can configure FileScan.OnDemand.RunScanTask to scan either only the OS location or the entire system, with all options enabled, as needed.

Options

path="<path>"

Enter the path of the scan target location. For multiple paths use: path="<path1>" path="<path2>".

Example:

FileScan.OnDemand.RunScanTask custom path="C:\Program Files"
scan_path.png

infectedAction1=ignore|disinfect|disinfectOnly|delete|quarantine

Select the first action taken when an infected file is detected: ignore, disinfect, delete or move it to quarantine. You can use this action together with infectedAction2.

Default value: disinfect

Example:

infected_action1_ignore.png

infectedAction2=ignore|disinfect|disinfectOnly|delete|quarantine

Select the second action taken when an infected file is detected if the first action fails.

Default value: quarantine

Example:

infected_action2_quarantine.png

suspiciousAction1=ignore|delete|quarantine

Select the first action to take when a suspicious file is detected. You can use this action together with suspiciousAction2.

Default value: ignore

Example:

suspicious_action1_quarantine.png

suspiciousAction2=ignore|delete|quarantine

Select the second action taken when a suspicious file is detected if the first action fails.

Default value: ignore

Example:

suspicious_action2_delete.png

scanBootSectors=true|false

Scan the boot sectors of your hard disk.

Default value: false

Example:

scan_bootsectors.png

scanRegistry=true|false

Scan the registry keys on your machine.

Default value: false

Example:

scan_registry.png

scanMemory=true|false

Scan the programs running in your system’s memory.

Default value: false

Example:

scan_memory.png

smartScan=true|false

Scan only new and changed files.

Default value: true

Example:

scan_smart.png

scanRootKits=true|false

Scan for rootkits and hidden objects using such software.

Default value: false

Example:

scan_rootkits.png

scanKeyloggers=true|false

Scan for keylogger software.

Default value: true

Example:

scan_keyloggers.png

scanPUA=true|false

Scan Potentially Unwanted Applications (PUA).

Default value: false

Example:

scan_pua.png

scanArchives=true|false

Scan for infected files inside archives.

Default value: true

Example:

scan_archives.png

extensionType=all|application|custom|none

Scan files depending on their extension: all files, only executable files, only files with the extensions you want, or do not scan any file.

Default value: all

Example:

extension_type.png

customExt="<string>"

This option helps you scan only the files with the extensions you want. It requires a string with each extension between vertical bars (such as "|exe|ini|txt|"). This option is valid only together with the option extensionType=custom.

Example:

custom_ext.png

lowPriority=true|false

Run the task with low priority.

Default value: false

Example:

low_priority.png

These options are an alternative to the options available in BEST console. For more information refer to Configuring and Running a Custom Scan.

Command line error codes

The command line utility may return the following error codes:

Error code

Description

0

Command executed successfully

87

Invalid parameter

160

Bad arguments

1627

Function failed – an error occurred while executing the command.