midi2k6 Posted February 1, 2008 Share Posted February 1, 2008 Are you guys interesting [sCAN] Viruses on first boot with your Apps Silent Install commandline?I believe some body already did that or you may have not, well then hope my idea is works:This will (should) works with NOD32 (all versions), i am using 3.x for an example:Fresh install OS, then silent app.cmd or runonce blah blah... we're all know this well (so i am going skip that GUIUNATTENDED), you already have:[GuiUnattended]%systemdrive%\Install\Install.cmdNow create a another batch for Nod32 scan like silent apps, i named it: NOD32_DOS_SCAN.cmd[GuiUnattended]%systemdrive%\Install\Install.cmd%systemdrive%\Install\NOD32_DOS_SCAN.cmdthe commandline here: (you can copy & paste into notepad and name it nod32 scan.cmd or whatever name.cmd you like)----------------------------------------- dos commandline start -----------------------------------------@echo offstart /wait "%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /base-dir="%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus" log-file=nod32-dos-scan.log --auto --files --boots --arch --sfx --rtp --subdir --max-subdir-level=0 --adware --unsafe --unwanted --pattern --heur --adv-heur --action=none --quarantine --aindexit----------------------------------------- dos commandline end -----------------------------------------If you have different versions above you always can change your Nod32 path: could be \Program Files\Nod32\Nod\you can write your own commandline, to get your NOD32 commandline help, type this:"%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" --help""%systemdrive%\Nod32 Path\ecls.exe" --helpAn example from version 3.x:----------------------------------------- Help Result Start -------------------------------------------------------Options /base-dir=FOLDER load modules from FOLDER /quar-dir=FOLDER QUARANTINE folder /exclude=FOLDER exclude FOLDER from scanning /subdir scan subfolders (default) /no-subdir do not scan subfolders /max-subdir-level=LEVEL subfolder maximum nesting LEVEL (default 0 =unlimited) /symlink follow symbolic links (default) /no-symlink skip symbolic links /log-file=FILE log output to FILE /log-rewrite overwrite output file (default - append) /log-all also log clean files /no-log-all do not log clean files (default) /aind show activity indicator /auto scan and automatically clean all local disksScanner options /files scan files (default) /no-files do not scan files /boots scan boot sectors (default) /no-boots do not scan boot sectors /arch scan archives (default) /no-arch do not scan archives /max-archive-level=LEVEL maximum archive nesting LEVEL (default 0 =unlimited) /scan-timeout=LIMIT scan archives for LIMIT seconds at maximum /max-arch-size=SIZE scan only the first SIZE bytes in archives (default 0 = unlimited) /mail scan email files /no-mail do not scan email files /sfx scan self-extracting archives /no-sfx do not scan self-extracting archives /rtp scan runtime packers /no-rtp do not scan runtime packers /adware scan for Adware/Spyware/Riskware /no-adware do not scan for Adware/Spyware/Riskware /unsafe scan for potentially unsafe applications /no-unsafe do not scan for potentially unsafe applications /unwanted scan for potentially unwanted applications /no-unwanted do not scan for potentially unwanted applications /pattern use signatures /no-pattern do not use signatures /heur enable heuristics /no-heur disable heuristics /adv-heur enable Advanced heuristics /no-adv-heur disable Advanced heuristics /ext=EXTENSIONS scan only EXTENSIONS delimited by colon /ext-exclude=EXTENSIONS exclude EXTENSIONS delimited by colon from scanning /action=ACTION perform ACTION on infected objects. Available actions: none, clean, prompt /quarantine copy infected files to Quarantine (supplements ACTION) /no-quarantine do not copy infected files to QuarantineGeneral options /help show help and quit /version show version information and quitExit codes: 0 no threat found 1 threat found but not cleaned 10 some infected files were not cleaned 101 archive error 102 access error 103 internal errorExit codes greater than 100 mean that the file was not scanned and thus can be infected.----------------------------------------- Help Result End -------------------------------------------------------____________________________________________________________________________________________________change / to -- in your commandline to tell NOD32 how you want it scans, or you can use mine (deep scan, slower is better)____________________________________________________________________________________________________@echo off"%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /base-dir="%systemdrive%\Program Files\ESET\ESET NOD32 Antivirus" log-file=nod32-dos-scan.log --auto --files --boots --arch --sfx --rtp --subdir --max-subdir-level=0 --adware --unsafe --unwanted --pattern --heur --adv-heur --action=none --quarantine --aindEXITWell, i should do this to confirm my fresh OS is (SUPER CLEAN) before doing "System Backup" like GHOST ..ect ...Sometimes we catch viruses during integrate OS, or create new Silent Apps, or some new applications (hidden viruses) that we never check randomly. Especially, when we update NEWEST ADDONS or intergrate Newer Silent Apps.ENJOY PS: I love to share my ideals + my experiences to others like the first day i've learned from people who i called them Geniuses. Link to comment Share on other sites More sharing options...
larciel Posted February 12, 2008 Share Posted February 12, 2008 Very interesting! I'll bookmark this for future need Link to comment Share on other sites More sharing options...
NaDer_GenKO Posted February 14, 2008 Share Posted February 14, 2008 Very Good Idea.. Thanks Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now