[midi2k6]

Are you guys interesting [SCAN] Viruses on first boot with your Apps Silent Install commandline?
I believe some body already did that or you may have not, well then hope my idea is works:

This will (should) works with NOD32 (all versions), i am using 3.x for an example:

Fresh install OS, then silent app.cmd or runonce blah blah... we're all know this well (so i am going skip that GUIUNATTENDED), you already have:

[GuiUnattended]
%systemdrive%\Install\Install.cmd

Now create a another batch for Nod32 scan like silent apps, i named it: NOD32_DOS_SCAN.cmd

[GuiUnattended]
%systemdrive%\Install\Install.cmd
%systemdrive%\Install\NOD32_DOS_SCAN.cmd

the commandline here: (you can copy & paste into notepad and name it nod32 scan.cmd or whatever name.cmd you like)

----------------------------------------- dos commandline start -----------------------------------------
@echo off

start /wait "%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /base-dir="%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus" log-file=nod32-dos-scan.log --auto --files --boots --arch --sfx --rtp --subdir --max-subdir-level=0 --adware --unsafe --unwanted --pattern --heur --adv-heur --action=none --quarantine --aind

exit
----------------------------------------- dos commandline end -----------------------------------------

If you have different versions above you always can change your Nod32 path: could be \Program Files\Nod32\Nod\
you can write your own commandline, to get your NOD32 commandline help, type this:
"%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" --help"

"%systemdrive%\Nod32 Path\ecls.exe" --help

An example from version 3.x:
----------------------------------------- Help Result Start -------------------------------------------------------
Options
/base-dir=FOLDER load modules from FOLDER
/quar-dir=FOLDER QUARANTINE folder
/exclude=FOLDER exclude FOLDER from scanning
/subdir scan subfolders (default)
/no-subdir do not scan subfolders
/max-subdir-level=LEVEL subfolder maximum nesting LEVEL (default 0 =unlimited)
/symlink follow symbolic links (default)
/no-symlink skip symbolic links
/log-file=FILE log output to FILE
/log-rewrite overwrite output file (default - append)
/log-all also log clean files
/no-log-all do not log clean files (default)
/aind show activity indicator
/auto scan and automatically clean all local disks
Scanner options
/files scan files (default)
/no-files do not scan files
/boots scan boot sectors (default)
/no-boots do not scan boot sectors
/arch scan archives (default)
/no-arch do not scan archives
/max-archive-level=LEVEL maximum archive nesting LEVEL (default 0 =unlimited)
/scan-timeout=LIMIT scan archives for LIMIT seconds at maximum
/max-arch-size=SIZE scan only the first SIZE bytes in archives
(default 0 = unlimited)
/mail scan email files
/no-mail do not scan email files
/sfx scan self-extracting archives
/no-sfx do not scan self-extracting archives
/rtp scan runtime packers
/no-rtp do not scan runtime packers
/adware scan for Adware/Spyware/Riskware
/no-adware do not scan for Adware/Spyware/Riskware
/unsafe scan for potentially unsafe applications
/no-unsafe do not scan for potentially unsafe applications
/unwanted scan for potentially unwanted applications
/no-unwanted do not scan for potentially unwanted applications
/pattern use signatures
/no-pattern do not use signatures
/heur enable heuristics
/no-heur disable heuristics
/adv-heur enable Advanced heuristics
/no-adv-heur disable Advanced heuristics
/ext=EXTENSIONS scan only EXTENSIONS delimited by colon
/ext-exclude=EXTENSIONS exclude EXTENSIONS delimited by colon from scanning
/action=ACTION perform ACTION on infected objects. Available actions: none, clean, prompt
/quarantine copy infected files to Quarantine (supplements ACTION)
/no-quarantine do not copy infected files to Quarantine
General options
/help show help and quit
/version show version information and quit

Exit codes:
0 no threat found
1 threat found but not cleaned
10 some infected files were not cleaned
101 archive error
102 access error
103 internal error
Exit codes greater than 100 mean that the file was not scanned and thus can be infected.
----------------------------------------- Help Result End -------------------------------------------------------
____________________________________________________________________________________________________

change / to -- in your commandline to tell NOD32 how you want it scans, or you can use mine (deep scan, slower is better)
____________________________________________________________________________________________________

@echo off

"%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /base-dir="%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus" log-file=nod32-dos-scan.log --auto --files --boots --arch --sfx --rtp --subdir --max-subdir-level=0 --adware --unsafe --unwanted --pattern --heur --adv-heur --action=none --quarantine --aind

EXIT

Well, i should do this to confirm my fresh OS is (SUPER CLEAN) before doing "System Backup" like GHOST ..ect ...
Sometimes we catch viruses during integrate OS, or create new Silent Apps, or some new applications (hidden viruses) that we never check randomly. Especially, when we update NEWEST ADDONS or intergrate Newer Silent Apps.

ENJOY

PS: I love to share my ideals + my experiences to others like the first day i've learned from people who i called them Geniuses.

[larciel]

Very interesting! I'll bookmark this for future need

[NaDer_GenKO]

Very Good Idea.. Thanks