Page 1 of 1

Antivirus

Posted: 14 May 2014 06:22
by binocular222
This script scan selected files/folder with one of these antivirus:
- Panda Command-line scanner (Freeware)
- Emsisoft Command-line scanner (Freeware)
- Avira Command-line scanner (not free)
- Clamwin (Freeware)
- Sophos (Freeware)
- Avast (never-expired-trial)
Untitled20140515093255.png
Untitled20140515093255.png (9.87 KiB) Viewed 9617 times
Are these good scanners? - Yes because:
- Use the same scan engine, the same virus definition of the world's top commercial antivirus software
- Most are free (Avira is the only exception)
- Most are fully portable (allow update virus definition. Avast is the only exception)
- The only drawback is they do not provide real-time protection, but it's not a problem because you can customize the switches to scan active programms (RAM) and system critical areas (I already added 1 more line for Emsisoft)
In my opinion, Emsisoft is the best

Code: Select all

"_Initialize"
    perm $RecentScanner, $RecentScanlog;
    if(isset($Panda) == 0 OR $Panda == "") {$Reload = "True"};
    perm $Panda = "E:\Utilities\Panda Antivirus Command-Line Scanner";
    perm $Emsisoft = "E:\Utilities\Emsisoft Commandline Scanner";
    perm $Avira = "E:\Utilities\Avira Command Line Scanner";
    perm $Clamwin = "E:\Utilities\ClamWin\bin";
    perm $ClamwinDatabase = "E:\Utilities\ClamWin\bin\db";
    perm $Sophos = "E:\Utilities\Sophos";
    perm $Avast = "E:\Utilities\Avast\Avast portable";
    perm $ESET = "E:\Utilities\ESET";
    perm $McAfee = "E:\Utilities\McAfee VirusScan Command Line";
    if($Reload == "True") {
        setting "AllowRecursion", 1;
        load self("file");
    };

    //Detect recent scanner and recent scanlog:
    $ESETLog = formatdate(property("#date.modified", "$ESET\ESETReport.txt"), "yyyymmddhhnnss") . "|ESET";
    $PandaLog = formatdate(property("#date.modified", "$Panda\Report\PandaReport.txt"), "yyyymmddhhnnss") . "|Panda";
    $EmsisoftLog = formatdate(property("#date.modified", "$Emsisoft\EmsisoftReport.txt"), "yyyymmddhhnnss") . "|Emsisoft";
    $AviraLog = formatdate(property("#date.modified", "$Avira\AviraReport.txt"), "yyyymmddhhnnss") . "|Avira";
    $ClamwinLog = formatdate(property("#date.modified", "$Clamwin\ClamwinReport.txt"), "yyyymmddhhnnss") . "|Clamwin";
    $SophosLog = formatdate(property("#date.modified", "$Sophos\SophosReport.txt"), "yyyymmddhhnnss") . "|Sophos";
    $AvastLog = formatdate(property("#date.modified", "$Avast\AvastReport.txt"), "yyyymmddhhnnss") . "|Avast";
    $McAfeeLog = formatdate(property("#date.modified", "$McAfee\McAfeeReport.txt"), "yyyymmddhhnnss") . "|McAfee";
    $List = formatlist("$ESETLog<crlf>$PandaLog<crlf>$EmsisoftLog<crlf>$AviraLog<crlf>$ClamwinLog<crlf>$SophosLog<crlf>$AvastLog<crlf>$McAfeeLog", "r", "<crlf>");
    $RecentScanner = gettoken(gettoken($List, 1, <crlf>), 2, "|");
    if($RecentScanner == "Panda") {$RecentScanlog = "$Panda\Report\PandaReport.txt"};
    Else{$RecentScanlog = eval("$" . $RecentScanner) . "\$RecentScanner" . "Report.txt"};

//"_Terminate" unset $Panda, $Emsisoft, $Avira, $Clamwin, $ClamwinDatabase, $Sophos, $Avast;

"&Emsisoft|$Emsisoft\a2cmd.exe"
    run "cmd /k start /b /d ""$Emsisoft\"" a2cmd.exe /ac /pup /archive /ntfs /x=""exe,com,scr,bat,msi,cmd,msu,msp"" /f=<selitems> -heu:1 /l=""$Emsisoft\EmsisoftReport.txt"" /q=""$Emsisoft\Quarantine""";
"McAfee|$McAfee\McAfee.ico" run "cmd /k start /b /d ""$McAfee"" scan.exe /CLEAN /MANALYZE /MIME /NODOC /PANALYZE /RECURSIVE /RPTCOR /RPTERR /RPTOBJECTS /REPORT=""$McAfee\McAfeeReport.txt"" ""<selitems>"""  //  /DEL  /CONTACTFILE=<filename> /EXCLUDE=<filename>  /EXTENSIONS
"Panda|$Panda\Panda_antivirus.ico"
    if(Tab("get", "term") == "Computer") {$item = <curitem>};
    Else {$item = <selitems>};
    run "cmd /k start /b /d ""$Panda\"" Pavcl.exe $item -aex -cmp -clv -heu:2 -nob -nos -rpt:""$Panda\Report\PandaReport.txt""";
"Avira|$Avira\Avira.ico"
    $path = trim(<curitem>,"\");
    run "cmd /k start /b /d ""$Avira\"" scancl.exe ""$path"" --allfiles --defaultaction=ask --fixallboot --heurlevel=1 --log=""$Avira\AviraReport.txt"" --logformat=singleline";
"Clamwin|$Clamwin\clamscan.exe"
    run "cmd /k start /b /d ""$Clamwin\"" clamscan.exe --database=""$ClamwinDatabase"" --recursive ""<curitem>"" --log=""$Clamwin\ClamwinReport.txt"" ";
"Sophos|$Sophos\Sophos.ico"
    run "cmd /k start /b /d ""$Sophos\"" SAV32CLI.EXE <selitems> -DI -P=""$Sophos\SophosReport.txt"" ";
"ESET|$ESET\x%osbitness%\egui.exe"
    run """$ESET\x%osbitness%\ecls.exe"" ""<selitems>"" /log-file=""$ESET\ESETReport.txt"" /aind /memory"
"Avast|$Avast\AvastUI.exe"
    run "cmd /k start /b /d ""$Avast\"" ashCmd.exe <selitems> /D /S /E=50 /_ /R=""$Avast\AvastReport.txt"""
"-"
"Emsisoft quick scan|$Emsisoft\a2cmd.exe"
    run "cmd /k start /b /d ""$Emsisoft\"" a2cmd.exe /quick /l=""$Emsisoft\EmsisoftReport.txt"" /q=""$Emsisoft\Quarantine\"" ";
"Emsisoft quarantine|$Emsisoft\a2cmd.exe"
    $Parameter = input("Emsisoft quarantine", "/ql <tab> List all items in quarrantine vault <crlf>/qr=12 <tab> Restore item No.12 <crlf>/qd=12 <tab> Delete item No.12", "/ql", "s");
    if($Parameter == "") {end 1};
    Else{run  "cmd /k start /b /d ""E:\Utilities\Emsisoft Commandline Scanner\"" a2cmd.exe $Parameter"};
"-"
"Update Emsisoft|$Emsisoft\a2cmd.exe" run """$Emsisoft\a2cmd.exe"" /u"
"Update Avira|$Avira\Avira.ico" goto $Avira; goto "http://dl.antivir.de/down/vdf/ivdf_fusebundle_nt_en.zip"
"Update Clamwin|$Clamwin\clamscan.exe"
    if(exists("$Clamwin\freshclam.conf") == 0 ) {
        writefile("$Clamwin\freshclam.conf", "DatabaseMirror database.clamav.net<crlf>DNSDatabaseInfo current.cvd.clamav.net");
        wait 100};
    run """$Clamwin\freshclam.exe"" ""--config-file=$Clamwin\freshclam.conf"" ""--datadir=$ClamwinDatabase"" --log=""$Clamwin\ClamwinReport.txt"" "
"Update Sophos|$Sophos\Sophos.ico" goto $Sophos; goto "http://www.sophos.com/downloads/ide/"
"-"
"Recent scanlog: $RecentScanner|Notepad" open $RecentScanlog
Usage note:
- Remember to customize the file path in above script.
- The last menu item has some smartness: It open the scan log of the most recent scanner you used

INSTRUCTION TO DOWNLOAD THESE ANTIVIRUS SCANNER:
======Panda Command-line scanner======
-Download setup: http://research.pandasecurity.com/blogs ... /pavcl.zip
-Donwload signature:
If you have paid account: http://acs.pandasoftware.com/member/pavsig/pav.zip
If you do not have paid account: Download http://acs.pandasoftware.com/marketing/promo/AP14.exe > install Panda Trial version > Run Update > copy pav.sig from C:\Program files > Uninstall Panda
- To run the commandline scanner in windows 7:
Right click pavcl.exe > Properties > Compatibility > Run this program in compatibility mode for Windows XP or Windows Vista AND Run as Administrator

======Emsisoft Commandline Scanner======
http://www.emsisoft.com/en/software/cmd/

======Avira Command Line Scanner======
- Core files: http://www.avira.com/downloads/frontend ... scancl&os=
- hbedv.key (Lisence key for any Avira non-free products)
- Virus definition files (vbaseX.vdf) & AntiVir Engine libraries (ae*.*) http://dl.antivir.de/down/vdf/ivdf_fusebundle_nt_en.zip

======ClamWin======
- Donwload http://www.clamwin.com/content/view/18/46/
- Install
- Copy "C:\Program Files\ClamWin" to another directory
- Uninstall Clamwin (Now you have a portable Clamwin)
- Run \\ClamWin\bin\ClamWin.exe > Tools > Preferences > File Locations > Update the file path

======Sophos======
- Download core files: http://downloads.sophos.com/tools/sav32sfx.exe
- Download Virus definition file: http://www.sophos.com/downloads/ide/
- Plase the Virus definition file (*_ides.zip) in the same place as SAV32CLI.EXE
- Command line: http://www.sophos.com/en-us/support/kno ... 13252.aspx

======Avast======
- Donwload & Install a trial version of avast! Pro antivirus
- Make a portable copy (Optional - If do this, you will not be able to update virus definition):
__+ Copy Avast folder in C:\Program files\ to another location
__+ Uninstall Avast
- Command-line: http://avast.helpmax.net/en/command-lin ... arameters/

======McAfee======
- Download main program:
____https://secure.mcafee.com/apps/downloads/free-evaluations/survey.aspx?mktg=ESD306&cid=ESD306&eval=90BCB5DB-1A0A-4D6E-9D5C-FB1E57C1F9DF&region=us
____The file name of the latest version is: vscl-w32-604-e.zip
____http://b2b-download.mcafee.com/products/evaluation/vcl/w32/vscl-w32-604-e.zip
- Donwload Virus def:
____ftp://ftp.nai.com/commonupdater2/current/vscandat1000/dat/0000/
____The name of the file is avvdat-xxxx.zip, where xxxx is a daily changing number.
- CMD: https://kc.mcafee.com/corporate/index?p ... id=KB52229