NOD32 2.7.32 under BartPE - first impressions

Discussion in 'NOD32 version 2 Forum' started by chrizio, Mar 18, 2007.

Thread Status:
Not open for further replies.
  1. chrizio

    chrizio Guest

    I just finished to run my NOD32 from BartPE for first time.
    Accordantly to descriptions in previous threads.
    Great facility! No need to generate any plug-in.
    I enjoy to have purchased NOD32 license for two next years,
    after having used it since March 2006.

    However I got some warnings. INo idea what these practically mean.
    If causal while running from BartPE or not.

    Time of completion: 20:45:55 Total scanning time: 53 sec (00:00:53)
    Scanning Log
    NOD32 version 2125 (2007031:cool: NT
    Command line: /local /adware /ah /all /antistealth+ /arch+ /clean /cleanmode /delete /heur+ /log+ /mailbox+ /ntfs+ /pack+ /quarantine /scanboot+ /scanmbr+ /scanmem+ /scroll+ /sfx+ /unsafe /unwanted /wrap+
    Checking CRC of NOD32.EXE: Status OK
    Error occurred while scanning operating memory. System memory cannot be scanned (the kernel service is not running or an error occurred while loading nod32m1.vxd).
    Error occurred while scanning MBR sector of the 2. physical disk. Error reading sector.
    Error occurred while scanning MBR sector of the 3. physical disk. Error reading sector.
    Date: 18.3.2007 Time: 14:51:59
    Anti-Stealth initialization could not be fully completed. The Anti-Stealth technology is working in limited mode.
    Scanned disks, folders and files: B:; C:; D:; E:; J:
    C:\Program Files\ 2.1\program\python-core-2. 3.4\lib\test\testtar.tar TAR - archive damaged
    Path D:\ is invalid.
    Path E:\ is invalid.
    Number of scanned files: 179659
    Number of threats found: 0
    Time of completion: 15:01:18 Total scanning time: 559 sec

    Please give me some explanation regarding
    - scanning operating memory message
    - Anti-Stealth initialization failure message

    Disks d and e (logical disks on the same drive as c disk)
    weren't accessible from BartPE at all.
    But I guess to have discuss this in other communities.
  2. ASpace

    ASpace Guest

    NOD32 cannot scan the memory because :
    1. There is no memory when you boot from the CD
    2. NOD32 needs the kernel loaded to scan the memory

    Anti-Stealth cannot be loaded . It loads only in Windows , with Admin rights and proper access .

    To sum-up , your scan was great with no problems . You don't need Anti-Stealth technology because you scanned from non-Windows environment so nothing can hide from it . All rootkits will be found .You cannot scan the memory because of the reasons given but you scan the hard drive which is the most important ... ;)
  3. GettinSadda

    GettinSadda Registered Member

    May 14, 2007
    Um, no! There is memory - the only difference with an OS like BartPE is that it can run from a read-only drive. It still runs in RAM and should be scannable
Thread Status:
Not open for further replies.