PDA

View Full Version : is it possible to log only infected files with ecls?

asili
December 2nd, 2007, 05:14 AM
I am using the ecls.exe process to do the scanning but even with the
/no-log-all parameter i'm still getting the clean files either.

is there an option getting only the infected files?

thanx
nodyforever
December 2nd, 2007, 09:18 AM
{QUOTE-> I am using the ecls.exe process to do the scanning but even with the
/no-log-all parameter i'm still getting the clean files either.

is there an option getting only the infected files?

thanx <-QUOTE}


See:

"C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /base-dir="C:\Program Files\ESET\ESET NOD32 Antivirus" /auto /files /boots /arch /mail /sfx /rtp /subdir /max-subdir-level=0 /symlink /adware /unsafe /unwanted /pattern /heur /adv-heur /action=clean /quarantine /aind /log-all




More information:


"C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /help


or


Help and Support - Open Help - Tools - Command Line




Best Regards :)
asili
December 2nd, 2007, 10:06 AM
thanx for your answer but i want to log only the infected files.
/log-all logs all of the scanned files and thats not what i am looking for.

btw is there an option updating the virus signatures by command line?
thanx
nodyforever
December 2nd, 2007, 12:08 PM
{QUOTE-> thanx for your answer but i want to log only the infected files.
/log-all logs all of the scanned files and thats not what i am looking for.

btw is there an option updating the virus signatures by command line?
thanx <-QUOTE}

Four options:

Logs:
--log-file=FILE log output to FILE
--log-rewrite overwrite output file (default - append)
--log-all also log clean files
--no-log-all do not log clean files (default)


----------


No updating the virus signature by command line. Command line use database signatures updating EAV or ESS



Best Regards
ASpace
December 2nd, 2007, 06:15 PM
asili , that is a known bug with the ECLS logging which is already fixed in the new release ( I got confirmation from ESET Support) . We can only hope it becomes available sooner :thumb:
BradenD
December 3rd, 2007, 08:35 PM
For now, you can easily circumvent the logging bug with the following command:

find /i /v "is OK" log.txt|find /i /v "error opening" > parsedlog.txt

Replace log.txt with the name of your log, of course.
This method actually kind of has advantages, as then you have both logs!