Tuesday, July 27, 2010

2-Phase Parsing

    Meaning: After an alert is received, parse it first, then send another alert (in the same or a different format) back to the parser so that it is parsed again under different rules.

    Why Is It Needed?

  1. To keep things simpler and make the maintenance easier.

    The first pass usually parses the email message body to drop false alerts and send the valid information on. The second pass is the regular parsing, which retrieves the membership groups and takes different actions based on them. Alert processing is divided into 2 phases that are independent of each other, which makes maintenance easier.

  2. To achieve unique functionality.

    You cannot accomplish the same functionality by parsing alerts only once, because the action parsing is based only on the email subject. Scripting will not change this. With 2-phase parsing, false alerts are eliminated first, and different actions are then set for the different membership types.
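The two phases described above, as an added sketch that is not part of the original post and not the alert parser's own code. The rule tables, the "Group:" and "Event:" body fields, the "[ALERT][group]" subject format and the action names are all assumptions constructed for illustration.

```python
import re
from email.message import EmailMessage

# Phase 1 rules (constructed): body patterns that mark an alert as false.
FALSE_ALERT = [re.compile(r"\bstatus:\s*ok\b", re.I),
               re.compile(r"\btest message\b", re.I)]
# Phase 2 rules (constructed): membership group -> action.
ACTIONS = {"servers": "page-oncall", "workstations": "open-ticket"}
SUBJECT_RE = re.compile(r"^\[ALERT\]\[(?P<group>[a-z]+)\] ")

def make_alert(subject, body):
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body)
    return msg

def phase1(msg):
    """Parse the body; drop false alerts, otherwise re-send a normalized alert."""
    body = msg.get_content()
    if any(p.search(body) for p in FALSE_ALERT):
        return None
    group = re.search(r"^Group:[ \t]*([A-Za-z]+)[ \t]*$", body, re.M)
    event = re.search(r"^Event:[ \t]*([^\r\n]+)", body, re.M)
    # An alert that cannot be parsed is forwarded as "unknown", not dropped,
    # so a format change upstream cannot silently hide real alerts.
    tag = group.group(1).lower() if group else "unknown"
    summary = event.group(1).strip() if event else "unparsed alert"
    return make_alert(f"[ALERT][{tag}] {summary}", body)

def phase2(msg):
    """Choose the action from the subject only, as the action parser does."""
    m = SUBJECT_RE.match(msg["Subject"])
    if not m:
        return "ignore"
    return ACTIONS.get(m.group("group"), "log-only")

def process(msg):
    second = phase1(msg)
    return "dropped" if second is None else phase2(second)

if __name__ == "__main__":
    # Constructed samples: identical subjects, so one pass could not tell them apart.
    for body in ("Group: Servers\nEvent: Disk C: below 5%\n",
                 "Group: Workstations\nEvent: AV out of date\n",
                 "Group: Servers\nEvent: heartbeat\nStatus: OK\n"):
        print(process(make_alert("Monitor alert", body)))
```

Because phase 2 matches only the subject that phase 1 writes, the subject format is the single contract between the two rule sets, and either side can be changed without touching the other.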

Monday, July 26, 2010

Cannot Drag Taskbar?

A technician came up this morning and told me that the taskbar on one of our clients' computers had been moved to the left side and could not be moved back to the bottom. I remotely logged into the computer with VNC and found out I could not move it either. The taskbar was not locked or hidden. I had no problem resizing it or moving the separation bars. I tried to get help from Google, and none of the ways worked. I dragged it again and again, and suddenly it moved when I held the taskbar somewhere near the icon area. Then I realized the Quick Launch toolbar had expanded too much and covered almost all of the toolbar area. So what I had been dragging before was the Quick Launch toolbar instead of the actual taskbar. If you have a similar problem to our client's, just turn off all toolbars and then move the taskbar. Hope it works for you!

Friday, July 23, 2010

MSE - Correct Syntax for Command-Line Scan

Microsoft Security Essentials MpCmdRun.Exe Command-Line Help Is Incorrect

Here is the correct syntax for running a command-line scan:

[Quick Scan]

MpCmdRun.exe -Scan -ScanType 1

[Full Scan]

MpCmdRun.exe -Scan -ScanType 2

How to Use AVG Command Line Scan

AVG command line scanning allows advanced users to run anti-virus scans directly from the command prompt or from customized scripts. The command line scan in AVG offers most of the features available in the graphical interface.

To run a command line scan, open the command prompt (click Windows Start > Run > type cmd and press Enter), chdir to your AVG installation directory (usually C:\Program Files\AVG\AVG8) and type the following command:

  • avgscanx for Windows 32-bit
  • avgscana for Windows 64-bit

Type avgscanx /HELP or avgscana /HELP for help. You can provide multiple parameters at a given time.

AVG Command Line Scan Parameters

Below is a non-comprehensive list of the AVG Command Line Scan parameters. Use the /HELP parameter for a complete list.

  • /SCAN /[PATH] - specify path(s) to be scanned
  • /COMP - scan entire computer
  • /HEUR - use heuristics
  • /EXCLUDE - exclude files or path from the scan
  • /EXT=[DLL,EXE,COM] - scan only files with the listed extensions
  • /NOEXT=[GIF,PNG] - omit files with listed extensions from scan
  • /ARC - scan archives
  • /CLEAN - recursively clean all threats found
  • /TRASH - move infected files to the Virus Vault
  • /QT - run a quick scan of the system
  • /MACROW - report macros
  • /PWDW - report password-protected files

You can cancel the scan process at any time by pressing Ctrl+C while the command window is active.

Digested from http://www.sytru.com/support/avg/196

Thursday, July 22, 2010

AutoIt Console Application ConsoleRead Replacement

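#include <WinAPI.au3>

; Reads one line (up to the carriage return) from the console device.
Func ReadCMD()
    Local $tBuffer = DllStructCreate("char"), $nRead = 0, $sRet = "", $sChar
    ; "CON" is the console device; 2 = open existing, 2 = read access
    Local $hFile = _WinAPI_CreateFile("CON", 2, 2)
    If $hFile = 0 Then Return SetError(1, 0, "")

    While 1
        ; Stop on a failed read or end of input instead of looping forever
        If Not _WinAPI_ReadFile($hFile, DllStructGetPtr($tBuffer), 1, $nRead) Then ExitLoop
        If $nRead = 0 Then ExitLoop
        $sChar = DllStructGetData($tBuffer, 1)
        If $sChar = @CR Then ExitLoop
        $sRet &= $sChar
    WEnd

    _WinAPI_CloseHandle($hFile)
    Return $sRet

EndFunc   ;==>ReadCMD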