NOD32 command-line questions

Hi all,

I installed NOD32 today but I'm having trouble with it. I need to use it from the command line on Windows machines (2000, NT and XP) to scan an individual file or folder. Is this possible?

What is the format for the command line? Do I just run nod32.exe with parameters? I entered "nod32.exe /?" and it pops up the help file with parameters listed, but none of them tell me the overall format of the command line (e.g. do I type a path to scan before or after the other parameters?)

Also, I need to be able to run it in "quiet" or "silent" mode, but I don't find anything like that mentioned in the help. Is there any way to make it not pop up any windows or ask for any input? Other virus scanners can do this from the command line, so I'm hoping NOD32 can do it too.

I'm asking all of this because I wrote an application that checks e-mails for viruses by calling/running other anti-virus software that the user might already have installed on his/her computer. I want it to be able to run in the background (so it can't pop up any windows or ask for any input) and it needs to be able to scan either one file or all files within a folder. So, I'm testing as many command-line anti-virus applications as possible. The AV software also needs to be able to send my application an exit code, and NOD32 seems like it can do that.

Thanks and regards,

Bob

 

I guess nobody knows if doing those things are possible in NOD32. Hopefully someone will post an answer soon.

Thanks,

Bob

 

Try reading through this Post from BlackSpear. It shows all the command line arguments and should help you out

https://www.wilderssecurity.com/showpost.php?p=833156&postcount=96

 

Hi Bob, this function is already included with NOD32, both IMON and EMON provide such automated protection without the need to implore any commandline switches.

Cheers

 

Hi Capp,

Thanks for the reply, but none of those command line arguments help. The NOD32 window pops up no matter which arguments I use, so it can't be used with my program.

I also tried the DOS version (NOD32DOS.EXE) and that opens up a DOS graphical user interface, so it doesn't work either. It also has an annoying prompt at the beginning (because it is a trial version) and so the user has to hit a key before it continues. Therefore, I can't fully test it anyways. And, if I use too many arguments, the command can't run in the command line window (I have Windows XP and open the window using the "cmd" command). Maybe it's because NOD32DOS is trying to open the graphics mode which might not be able to handle that many arguments or the length of the arguments.

Lastly, neither version found the standard EICAR test virus file that I have, but that might be a command line argument that I missed.

Anyway, thanks for the help and I'll just continue testing other anti-virus apps. I'm sure NOD32 is a good one; just not for my specific purposes.

Regards,

Bob

 

Hi Blackspear,

Yes, I'm sure most of the popular anti-virus applications can do this using their own commands and interfaces, but my app is more specific and for an audience who might not want to clean/delete viral e-mails immediately for one reason or another.

For example, some people just don't trust anti-virus software to delete or clean files or e-mails because there is always the possibility of a "false positive" (a virus is found when it really isn't a virus). My application works with an anti-spam software application. It will mark any e-mails that contain viruses as "spam". Then the user can peek at the e-mail to make sure they want to delete it. Peeking at the e-mail in the anti-spam software won't execute any viruses in the e-mail, so it is safe to do.

I'm sure most people will want to just delete the e-mail to make sure they don't get an infection, but there are others who are more curious and need to "see it with their own eyes".

Regards,

Bob

 

(email checking)

In addition to Bob's remarks: on (file-) access scanners are harmful in many cases. Some programs are "not happy" if you deny access to files and may crash.

Intercepting POP3 or IMAP ports can also cause problems (e.g. with personal firewalls) and I don't even use POP3 or IMAP to get my emails (Pegasus Mail direct delivery to mail folder).

I prefer to call the scanner when I think it's the right moment. An example:

For Pegasus mail exists a plugin calling an external application for every attachment stores. At the moment I use F-Prot, and I can use their command line scanner fpcmd to scan files silently - it doesn't bother me if nothing is found.

Since F-Prot missed today another worm, I plan to switch to another scanner at the latest when the F-Prot license expires this spring. Hmm, F-Prot volume licenses were really cheap...

Oliver

 

See http://www.nod32cn.com/support/ans/commandline.htm

 

Hello,

The NOD32 for Windows user interface is always displayed, even if just for a fraction of a second when the program is launched.

If you are interested in developing a product with uses the NOD32 engine inside of it, you should contact ESET directly and ask to speak with someone in business development about licensing the SDK.

Regards,

Aryeh Goretsky