Introduction

This page stores the antivirus scanners that people have used together with the Attachment Checker.
This is not a comprehensive list of antivirus products. If you have managed to use another product, do let us know so that we can update this list

The requirements for the Command Line Scanner for the Attachment Checker are

The scanner should allow scanning of a single file
The file to be scanned should be the last parameter
The scanner should return the exit code value 0 if there is no threat found. Other values if there is a possible infection

List of Command Line Scanners

Product	Name of Command Line Scanner	Remarks
Avast! Internet Security	ashcmd.exe	The command line takes a long time to start up, thus not recommended The free version does not come with the command line scanner
AVG Scan	avgscanx.exe	avgscanx requires the path of the scan as an argument parameter. The attachment checker assumes the file to be scanned is the last name after the last space character avgscanx /scan=filename.exe
ClamAV	clamscan	The manual page is available at http://linux.die.net/man/1/clamscan
Eset	ecls.exe	The supported parameters for ecls can be found at http://support.eset.com/kb3417/?viewlocale=en_EN
F-Prot	fpscan.exe	The supported parameters for fpscan can be found at http://www.f-prot.com/support/windows/fpwin_faq/445.html The return values can be found at http://www.f-prot.com/support/windows/fpwin_faq/310.html
Kaspersky Endpoint Security for Linux	kesl-control
McAfee VirusScan (Linux)	uvscan
McAfee VirusScan (Windows)	scan.exe	Those using Attachment Checker for Jira 2.7.0 and above, add /ALL to the Additional Options to allow scanning of any file extensions.
Sophos Antivirus	savscan	The supported parameters can savscan can be found at https://www.sophos.com/en-us/medialibrary/PDFs/documentation/savl_9_cgeng.pdf
Symantec Endpoint Protection	DoScan.exe	The exit code will always return 0 even if virus is detected.
Trellix E	amcfg.exe	The exit code will always return 0 even if virus is detected
Trend Micro OfficeScan	wofielauncher.exe	The exit code will always return 0 even if virus is detected
Windows Defender	MpCmdRun.exe	The configuration manual is available at Configuring virus scanner full path with additional options Newer versions of Windows Defender will always return 0 even if virus is detected. Please check

For additional information, please refer to Additional steps for anti-virus scanning

How to check if your antivirus scanner is compatible

Download eicar.txt from https://www.eicar.org/download-anti-malware-testfile/
From: https://en.wikipedia.org/wiki/EICAR_test_file

The EICAR Anti-Virus Test File or EICAR test file is a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization (CARO), to test the response of computer antivirus (AV) programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use a real computer virus.
Execute the command line scanner to scan the file.
```
C:\Program Files (x86)\MpCmdRun.exe -Scan -ScanType -File eicar.txt
```
This command is for Windows Defender. Please update the command and options for the virus scanner you are using
Check the errorLevel returned by the previous command
For Microsoft Windows
```
echo "returning errorLevel = " %ERRORLEVEL%
```
For Linux
```
echo "returning errorLevel = " $?
```
If the error level is not 0, then it is compatible