Installing ESET SysRescue on WinXPsp3

Discussion in 'ESET NOD32 Antivirus' started by rnfolsom, Nov 1, 2012.

Thread Status:
Not open for further replies.
  1. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    I am a very new user of NOD32 v5.2.9.1 (until three days ago I was using NOD32 v4,2,71,2).

    I have installed and run SysInspector with no problems so far.

    And I am now considering installing SysRescue.

    However, I have become a bit unglued by the following text in ESET_EAV5_UserGuide_enu, Page 88, regarding the minimum requirements for installing SysRescue (which include WinXPsp3, which I am using, so that's not my problem). But the minimum requirements include also the following:

    "ESET SysRescue works in the Microsoft Windows Preinstallation Environment (Windows PE) version 2.x, which is based on Windows Vista.
    Windows PE is a part of the free package Windows Automated Installation Kit (Windows AIK), and therefore Windows AIK must be installed before creating ESET SysRescue (http://go.eset.eu/AIK). . . ."

    Given Vista's awful reputation, and the probability that Microsoft created it after Windows XP (and maybe after XPsp3), I'm uncomfortable with installing anything that involves Vista.

    Also, I'm not sure where to get Windows PE v2.x: At ESET's http://go.eset.eu/AIK, or at somewhere unknown to me on a Microsoft website? (I haven't yet tried a Google search.)

    If anyone reading this has ever tried installing SysRescue on a WinXPsp3 computer, and has either failed or succeeded, I would very much appreciate your comments, suggestions, or help.

    Thanks.

    Roger Folsom

    ----------------------------------------------------------------

    P.S. My quotation above continues as follows: "Due to the support of the 32-bit version of Windows PE, it is necessary to use a 32-bit installation package of ESET Security solution when creating ESET SysRescue on 64-bit systems. ESET SysRescue supports Windows AIK 1.1 and higher."
    But that's not an issue for me because my WinXPsp3 is 32 bit.
     
  2. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
  3. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    dwomack:

    Thanks for the link. I do appreciate your taking the time to reply.

    But at least for now I'll have to do without SysRescue, because in my judgment the sequence of steps for "Install Microsoft Windows Automated Installation Kit (WAIK)" is not clear. For example, What is the purpose of IMAPIv2.0 (Image Mastering API)? And should an XPsp3 user download and install IMAPIv2.0 (Image Mastering API) before or after downloading WAIK? Or does before or after make no difference?

    It would take me several days merely to learn what IMAPIv2.0 (Image Mastering API) does --- I don't even know what Image Mastering means.

    But thanks for trying. I've now realized that I don't have enough time to learn how to install SysRescue on WinXPsp3. Maybe next year.

    Roger Folsom
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Just to follow-up and provide a little background/context, the Windows Automated Installation Kit (WAIK) makes use of Windows PE (WinPE), which is kind of a lightweight version of the Windows operating system which can be booted from to perform certain utility and maintenance functions, it contains enough of the functionality of a regular installation of Windows to allow one to troubleshoot a Windows installation, deploy a new version of the operating system and so forth. In a way, WAIK can be thought of as the descendent of the old MS-DOS boot diskettes which were used to boot from in order to troubleshot problems.

    When you download and install a version of the WAIK, you are not installing a new operating system onto your PC, but rather the tools to create a bootable disk (or disk image, as the case may be).

    Each version of WAIK (or it's successor for Windows 8, WADK) contains the tools necessary to build and configure a WinPE installation (such as a CD/DVD, USB or ISO file). The version of WinPE included in each version of WAIK varies, but is compatible with earlier and new versions of Windows.

    ESET makes use of WAIK to create a custom WinPE boot disk (disk image) that contains a version of ESET's software that can scan and clean a machine without having to boot a computer from its hard disk drive, which might be infected.

    In order to create a CD/DVD disc (or an ISO file containing an image of one), ESET SysRescue needs to make use of the CD/DVD burning functionality present in the operating system, the Image Mastering Application Programming Interface (IMAPI). The minimum version of IMAPI required is version 2.0, which was released around 2007. If a computer has an older version of IMAPI (perhaps because it is running Microsoft Windows XP), the IMAPI software on it will need to be updated before an ESET SysRescue disc can be made.

    Regards,

    Aryeh Goretsky
     
  5. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Mr. Goretsky:

    Please excuse my tardy reply to your post of 03 December. For the past two weeks I have been upgrading my wife's Win2kSp4 laptop to WinXPsp3, and due to some errors made in the original installation of a new hard disk by a professional shop (several years ago), I've been working full time to clean up the resulting mess. It wasn't obvious until I installed the upgrade to WinXPsp3.

    But I very much appreciate your response. You clarified a lot of ambiguities. So earlier today I went to ESET's SysRescue website, "How do I use ESET SysRescue to create a bootable USB flash drive, CD or DVD? (5.x) KB Solution ID: SOLN2889|Last Revised: December 13, 2012," at http://kb.eset.com/esetkb/index?page=content&id=SOLN2889

    Unfortunately, there are some ambiguities there that confuse me and perhaps others. If you agree with any of the following comments, I hope you can persuade the Eset knowledge base article writers to clarify at least some of the issues I raise below.

    I will start with some relatively unimportant issues.

    a) For those of us using older computers, the built-in USB ports are 1.x rather than 2.0. So we connect to USB devices (in my case, external hard disks that rotate from home to bank vault) by inserting a Cardbus card that has two USB 2.0 ports. I don't know whether a USB flash drive that was plugged into a Cardbus card would be bootable.

    b) Also, Figure 1-3 includes the statement that "When selecting 'USB', connect your Mass Storage Device (USB drive, USB HDD,...) to a USB port on your PC." Until then I thought that the only acceptable bootable USB device was a USB Flash Drive, because that's in the title of the article and is the only USB device mentioned anywhere in the article's text (I did a search). Either the wording previous to Figure 1-3 or the wording in Figure 1-3 ought to be corrected.

    More important to me are Section I, Subsection 2 (paragraphs 3 and 4) and Subsection 3, which I will quote in italics, with my questions and uncertainties inserted and surrounded by curly braces {}.

    c) Windows XP/ Windows Server 2003 R2 users: Download WAIK. To install WAIK (Windows XP and Server 2003 R2 only) you will need to use a virtual DVD program to access the .iso file, {What ISO file? I'm guessing that the downloaded WAIK file is the .iso file, but I shouldn't have to guess.} or use a tool such as 7zip or WinRAR to extract the files {For zipped files, I use the now ancient WinZip 9.0 SR-1, but I don't know if it would deal with an ISO file, assuming that's what the WAIK file is.} and run StartCD.exe from the extracted folder. {When using WinZip to open a Zip file, I extract files, not a folder. Am I correct in guessing that 7zip and WinRAR are very different from WinZip?

    d) Windows XP users must also install Windows IMAPIv2.0 (Image Mastering API): Download the Image Mastering API v2.0 for Windows XP. {But which should be installed first: WAIK, or IMAPIv2.0? Or does the installation sequence make no difference?}

    e) 3. After installing ADK or WAIK {and for WinXP, also IMAPIv2.0? Or should it be installed before WAIK?} restart your computer.

    f) In Section II, Figure 1-4 and surrounding text refer to the ESS/EAV folder. No folder on my computer includes either "ESS" or "EAV". So I'm guessing that "ESS/EAV" represents the folder in which either Eset's Smart Security or Eset's NOD32 is installed. My Eset NOD32 installation folder has a huge collection of files with undefined titles, so I don't know whether virus signatures are stored there or somewhere else. Also, my Eset NOD32 installation folder does not contain an MSI subfolder, and I haven't found an MSI folder anywhere else. My Eset NOD32 folder does have files (ranging from em000_32.dat to em023_32.dat) that I suspect are virus signatures, but that's a guess.

    Thanks for reading this. I probably will be able to figure out the answers to my ambiguities and questions, but computing life would be easier if there were fewer guesses to be made!

    Cordially, R.N. (Roger) Folsom
     
  6. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    In response to your questions:
    • I do not know whether USB devices attached via a USB to CardBus adapter would be bootable, either. This would depend on the specifics of the brand and model of the notebook computer, brand and model of the USB to CardBus adapter, and brand and model of the USB devices attached to the adapter. My initial suspicion, though, is that such a configuration would not be bootable: It has been a while since I worked with equipment of that vintage, but I seem to remember that accessing a CD-ROM typically required booting the computer from a floppy diskette drives and the like.
      I do have one laptop (IBM ThinkPad T23) which has only USB 1.1 interfaces and it does boot from an external USB DVD±RW and USB flash drives, but that may be the exception rather than the rule.
    • I will let the technical writers know the article needs to be updated.
    • The Microsoft WAIK is distributed as an .ISO file. Recent versions of 7-Zip and WinRAR are able to open .ISO files—essentially, they treat them as .ZIP files. A more recent version of WinZip may be able to do this as well (I don't know). I believe 7-Zip and WinRAR were used in the KB article to give examples of both free and commercial solutions for managing an .ISO file, otherwise, they are similar in function to WinZip, PKZIP and other file archiving programs.
    • IMAPI v2.0 should be installed before WAIK.
    • I don't understand the question. Could you re-phrase it, please?
    • "ESS" refers to ESET Smart Security, and "EAV" refers to ESET NOD32 Antivirus. "ESS/EAV Folder" was used to make the dialog in the ESET SysRescue creation wizard more readable. The "MSI file" option is largely for users of 64-bit editions of Microsoft Windows to point to a 32-bit version of ESET NOD32 Antivirus to use for creation of an ESET SysRescue disc, which is 32-bit.

      I will ask the tech writers to make the knowledgebase article more descriptive about which folder to use, and its contents.
    Thank you for the feedback.



    Regards,


    Aryeh Goretsky
     
  7. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
    Knowledgebase article SOLN2889 has been republished, with a number of updates intended to address the major concerns that have been addressed here.

    Our writers also wanted to pass on their gratitude to rnfolsom for bringing this to our attention. Your input played a big part in helping re-tool this article. Thank you!

    If after reading the updated article you find that there are still some questions or concerns that need to be addressed, please reply here and we'll look at ways to get them answered and resolved.
     
  8. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    In response to Aryeh Goretsky's post:

    Once again, please excuse my tardy reply. Cleaning up the operating system mess on my wife's IBM A31 laptop took even more time than I expected. And then came preparations for and enjoyment of Christmas.

    After finishing a "final" draft of this message, following your message I discovered a message from Eset Moderator dwomack, that the technical writers have made definite improvements in the Knowledgebase documentation for creating a SysRescue tool. But I decided to post this message anyway, because I very much appreciate the time you took to provide answers to my questions a) - f).
    And I think some of my difficulties about Figure 1-4 (item f)) remain, even after your explanations and the generally excellent work the technical writers have done.

    a) You wrote "I do not know whether USB devices attached via a USB to CardBus adapter would be bootable, either. . . ." Thanks for that answer. I may experiment using a Flash Drive; they're not very expensive.

    b) Thanks for asking the technical writers to clarify whether a SysRescue USB device must be a Flash Drive, and the other ambiguities and contradictions that I noticed in the earlier Eset Knowledgebase article, "How do I use ESET SysRescue to create a bootable USB flash drive, CD, or DVD?", now revised.

    c) You wrote" "The Microsoft WAIK is distributed as an .ISO file. . . ." Thanks for clarifying that. I will try using my ancient WinZip 9.0 SR-1, and if that doesn't work I will get either 7-Zip or WinRAR [or ISO reader, as suggested in the new documentation version].

    d) Thanks for clarifying that for Windows XP, "IMAPI v2.0 should be installed before WAIK." (I'm guessing that XPsp3, which I am using, may be needed, or at least Sp2, and almost certainly not Sp1 and especially not the initial XP version, which has a very bad reputation. But since my wife's and my laptops use XPsp3, I don't have to worry about that.)

    e) You wrote: "I don't understand the question. Could you re-phrase it, please?"
    Rather clumsily, I put my question in the middle of a quotation from the Knowledgebase article's section I item 3: "After installing ADK or WAIK {and for WinXP, also IMAPI v2.0? Or should it be installed before WAIK?} restart your computer." But my non-italicized questions were about IMAPI v2.0, because I didn't know its role in the sequence of installations.
    But your answer to my question d) makes my question e) redundant, because I now know that the correct sequence of installations on a WinXP computer is IMAPI v2.0 (probably followed by a reboot, which might not be necessary but which surely wouldn't hurt), then WAIK, then another reboot, then opening EAV (or ESS) from the Notification Area icon, selecting Tools > ESET SysRescue, and following the Wizard's instructions.

    f) I now understand the meaning of "ESS/EAV," and that in Knowledgebase article's Figure 1-4, the ESS/EAV/folder/MSI file does not mean an MSI file in a folder which is a subfolder of either an ESS or EAV folder. And I now know that the MSI file has to do with 64-bit Windows versions.
    But I still don't know for sure where that ESS or EAV folder is located. So I'm still "guessing that ESS/EAV represents the folder in which either Eset's Smart Security or Eset's NOD32 is installed." [In my case, NOD32 is installed in a unique location: C:\Program Files\Accessories\AntiVirus,AntiSpy-NOD32v5(Eset), to match my system of other software installations.] In the Knowledgebase Figure 1-4, what I have called an installation folder apparently is C:\Program Files\ESET\ Smart Security [or NOD32 AV] (a reasonable alternative to the folder I actually created and used). But the Virus signature database folder is given as ESS/EAV/folder/MSI file. Ignoring the MSI file, Figure 1-4 would lead me to think that the signatures that I download every day are not in the installation folder. But at least on my computers, even after running separate searches for folders with update and database in their name, I can find no folder that appears to be a separate Eset Virus signature database folder.

    On the other hand, Figure 1-5 does define the ESS/EAV folder as the installation folder. But on the other other hand, that definition conflicts with Figure 1-4's and Figure 1-6's definition of Virus signature database folder. Perhaps what I should say is that the Virus signature database folder's location is not clearly defined anywhere.
    Maybe in these figures, forward slashes should be replaced by the word "or."

    Also, Nup files are mentioned in the text following Figure 1-4, but Nup (which I assume is an acronym of some sort) is not defined (maybe; I'm notoriously unobservant). A Google search for define:Nup gave me a mere 6,840,000 hits, but at least on the first page of results I could not find anything relevant.

    Despite those possible issues, your help has made it possible for me to say that I think I now know enough to create a SysRescue tool, either as a Flash drive or as a CD. Thank you very much.
    Please do not feel obligated to respond to this message, especially given the major improvements in the revised Knowledgebase article, "How do I use ESET SysRescue to create a bootable USB disk, CD or DVD on a 32-bit Windows system? (5.x)," at
    http://kb.eset.com/esetkb/index?page=content&id=SOLN2889&ref=wsf

    R.N. (Roger) Folsom
     
    Last edited: Dec 31, 2012
  9. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    First, thank you for the kind words. I am very pleased that my post was useful.

    Eset's technology Knowledgebase writers have truly made substantial improvements to the SysRescue Knowledgebase documentation.

    As for remaining questions and concerns, I have just finished a reply to Aryeh Goretsky. Most of the issues raised in my initial posts, and discussed in his responses to my initial posts and in my replies to his responses, now have now been dealt with [although reading my new wordings may (or may not!) be useful reading].

    But in my latest reply to Mr. Goretsky, my post's item f) may suggest some remaining useful improvements.

    In any case, I am glad that my earlier suggestions were useful.

    R.N. (Roger) Folsom
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,790
    Location:
    Texas
    Off topic post removed.
     
  11. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    In reply to your response:
    • I am not very familiar with IBM ThinkPad A31's, but it may also be possible to use an ESET SysRescue CD or DVD, which might be faster to boot from than a USB flash drive on a USB 1.1 interface.
    • You're welcome.
    • Yes, there are numerous software packages, both free and commercial, to accomplish this.
    • Yes, it is a good idea to say current with service packs for Microsoft Windows XP, as well as post-service pack hotfixes and rollups.
    • Yes, that sequence is correct.
    • Normally, the software would be installed into "C:\Program Files\ESET\ESET NOD32 Antivirus\" on a system running Microsoft Windows XP, but if you specified a custom path at install time, it would need to point to that.

      I do not have a Microsoft Windows XP SP3 machine handy, but I believe the .NUP (NOD Update) files are located in a subdirectory named "\updfiles\" under the parent directory.

      Leaving the Virus signature database option set to "ESS/EAV folder/MSI file" for the NUP Files Location should be the correct choice for your system.
    Please let us know if you have any further questions. A number of ESET's moderators (although not myself, alas) do work directly on the Knowledgebase articles, and constructive feedback on them like yours is always welcome.

    Regards,

    Aryeh Goretsky


     
Thread Status:
Not open for further replies.