Frequently Asked Question

The ESET NOD32 scanner can be executed in four ways:

1. From the main window of the ESET NOD32 Control Center
2. From the desktop (by clicking the ESET NOD32 icon)
3. Automatically, as a scheduled task
4. Automatically or manually by command line execution

When running the scanner from the command line, a number of parameters and switches can be used to specify the various options.

Scanning a particular file or directory:

If you want to scan a directory, you can go to "Start" -> "Run", and then type:
"c:program fileseset od32.exe" "c:folder_want_to_scan"

If you want to scan a file, it is similar, just go to "Start" -> "Run", and then type:
"c:program fileseset od32.exe" "c: oolsfile_want_to_scan.exe"

The parameters and their effects:

Many parameters are enabled or disabled with a plus(+) or minus (-) sign. For example, to enable the scanner self-check use “/selfcheck+” , to disable it, use “/selfcheck-”.

General

• /help Display the list of program switches
• /selfcheck+ (-) Self-test enable (disable)
• /expire+ (-) Enable (disable) the program expiration notice
• /subdir+ (-) Enable (disable) the sub-directories scanning
• /multi+ (-) Multiple diskette scanning enable (disable)
• /sound+ (-) Sound warning enable (disable)
• /list+ Create the list of all tested objects in the Log
• /list- Include in the Log only the objects infected
• /break+ (-) Enable (disable) testing intermission
• /scroll+ (-) Enable (disable) Log scrolling
• /quit+ (-) Quit/do not quit the program after scanning

Detection

• /pattern+ (-) Enable (disable) testing using virus signatures
• /heur+ (-) Enable (disable) heuristic analysis
• /scanfile+ (-) Enable (disable) scanning of files
• /scanboot+ (-) Enable (disable) boot sector scanning
• /scanmbr+ (-) Enable (disable) master boot record (MBR) scanning
• /arch+ (-) Enable (disable) archives (ZIP, ARJ and RAR) scanning
• /pack+ (-) Enable (disable) internal runtime packer files scanning
• /mailbox+ (-) Enable (disable) internal email files scanning
• /local Scan all local non-removable media
• /network Scan all network disks
• /ext=<LIST> Add a new extension to the list of tested files. (Multiple entries permitted, e.g., /ext=EXT1,EXT2
• /all Scan all files regardless of extension

Heuristic analysis

• /ah Enables advanced heuristics
• /heursafe Set safe heuristic sensitivity (minimize false alarms)
• /heurstd Set standard heuristic sensitivity
• /heurdeep Set deep heuristic sensitivity

Protocol

• /log+ (-) Enable (disable) Log file generation
• /wrap+ (-) Enable (disable) text wrapping in the Log file
• /logappend Enable Log file append option
• /logrewrite Enable rewriting of the Log file
• /logsize=N Set Log file to a maximum size of N KB)
• /log=<FILENAME> Set the Log file name (e.g.: /log=NOD.LOG)

Cleaning

• /clean Clean infected objects (if applicable)
• /prompt Offer an action upon virus detection
• /rename Rename infected files
• /delete Delete infected files
• /replace Replace the code within infected boot sectors with appropriate standard code

Note: If the switches: /prompt, /rename, /delete/ or /replace are used concurrently with the /clean switch, the corresponding action is carried out only if the virus can be cleaned.