Is there any way to DOWNLOAD virus definition updates from different computer

Discussion in 'NOD32 version 2 Forum' started by want2bemalwarefree, Feb 4, 2005.

Thread Status:
Not open for further replies.
  1. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    I have recently had to completely reinstall my computer from scratch and I do not want to connect it to the Internet until I have fully hardened it so it is not destroyed by malware again. I have installed NOD32 but the virus definitions are 4 months out of date (even though I bought NOD32 only a few weeks ago). As I put all my software back on the system I want NOD32 to ensure that no malware gets installed.

    Is there any way to download an updated set of virus definition files from a different computer (which does not have NOD32 installed), burn them to CD-R, and then install them on the disconnected computer which is running NOD32?

    I have emailed Eset but have not received any response yet.

    Thanks for any help you can provide.
     
  2. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    if you have an enterprise version, you can save definitions locally using the "mirror" function" - these can then be copied to a folder called nod_upd on your C: drive and used to update.

    hth

    Greg Hewitt-Long
     
  3. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    Thanks for your suggestion, Greg, but I do not have that edition, nor can I install any edition of NOD32 on the computer that I am using to make these posts.

    So the only solution is to be able to download the definition file(s) somehow or for the NOD32 folks to email them to me. I searched their website extensively and can find no reference to any way to download the definitions from a different computer that does not have NOD32 installed.
     
  4. Butters

    Butters Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    39

    If you run behind a good firewall, you should be fine. The only connections that can be established are ones that you permit. If you open NOD32 first, establish a connection and select, "update now", you should be fine. I understand where you are coming from, once you have a bad experience you don't want to repeat it, but keep in mind that the initial infection only occcured most likely after many thousands of interactions on the Internet. While technically possible, the odds of getting an infection from simply establishing a firewalled connection are minuscule. An update takes only a few seconds using NOD32.
     
  5. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    Butters, thanks for your suggestion. Due to the complexity of configuring LooknStop, and the difficulty of finding and learning to customize phant0ms v6 rules to my situation, I anticipate that it will take at least a day or two before I have my firewall properly configured and ready to go. In the mean time I want to install the rest of my software with NOD32 and numerous other tools actively checking that nothing I copy from the previous system will infect the new one. For this reason I need a way to update the definitions from a different machine today in order to get everything else safely installed.
     
  6. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    With nothing but your OS,LnS and NOD installed it should not take 2 days to configure your firewall!! I don't think that LnS is all that complicated to install, if you have that much trouble configuring it you should perhaps move to a different firewall.
     
  7. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    flyrfan111,

    The two day estimate encompasses the time to search the web for information on customizing phant0m's v6 rules, after I actually manage to find them from a safe location. Apparently, although I do not know all the details, there was a website where his ruleset was located which contained detailed instructions for customizing the rules. This website is no longer available and the information is no longer easy to find. I think there are at least two other forum sites which have information about this but it will take some time to research all of this before finally embarking on the customization itself. I am also assuming I will need to learn a little about network security in the process. My guess is that this was MUCH easier when the former website was available but now that it is gone I am guessing that it will take several days to sort all this out and get the rules customized for my ADSL / router / gateway / ISP situation. Hence my desire to be installing other software, while researching this, with the latest definitions for NOD32 to protect me from bringing anything from my previous system onto the current one. I have almost all of my software burned to CD-R so I am able to install almost everything (including all the Windows XP updates) without ever connecting to the Internet.

    LooknStop itself is very easy to install. If you are happy with the default settings, or enhanced ruleset, and everything works for your situation then you are done. In my case I want extremely effective blocking of as many of the known attack methods possible in order to avoid the catastrophic destruction which I have previously encountered. I understand that thiss is only achievable by using phant0m's rules and customizing them to your particular situation.

    If I am mistaken about this, and there is an easier methodology to achieving maximum protectoin with LooknStop, would someone please correct me and post that information here. Thanks.
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    want2bemalwarefree,

    Please hop over the the LnS support forum over here for questions in regard to LooknStop ;) .

    regards,

    paul
     
  9. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Just load the Enhanced Ruleset for the time it takes to update NOD.

    I am restricted to dial-up here but the updating of definitions for a fresh download of NOD has in the past only taken me 5 minutes or so. Obviously this will be even faster on cable/broadband.

    You are obviously a little wary after your past experience but as long as you only visit recognised safe sites for the important downloads you should be okay with the Enhanced rule-set ;) Then you can take your time in setting up the Phant0m's Ruleset.
     
  10. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    Paul,

    Sorry for the off-topic remark - I answered the previous post that way to ensure that I was not providing misinformatoin and so that people did not get the wrong idea about configuring LooknStop.

    Blackcat,

    Thank you for your suggestion. If the NOD32 folks do not provide me with the definitions by this evening, or do not respond to the email I sent them yesterday, then I will follow your suggestion. I am trying to approach this from a purist standpoint to ensure that I can get my system back to where it was, malware-free, and then make a complete backup so that if something does hit me in the future I will not lose nearly as much time recovering.
     
  11. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Sorry want2bemalwarefree, I was thinking along the lines of Blackcat's suggestion, a minimal setup to get your NOD up to date and then that would allow you to install everything else with NOD checking against the latest sig file.
     
  12. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    We normally run XP's firewall, then connect to the internet and update Nod32, and then install all Windows updates, after this all Spyware Programs...

    Cheers :D
     
  13. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Do you use the free version or one supported by advertising? :D
     
  14. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  15. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    Thanks Blackspear, I suppose I was being overly-cautious due to my recent encounter with malware. After giving all these suggestions some thought it does seem reasonable to use the enhanced ruleset to connect just long enough to update NOD32. Since I will not be going to any websites directly with a browser I should be fine.
     
  16. Culvin

    Culvin Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    47
    Along with wanting to update your definitions on a fresh install, there's other good reasons for wanting manual updates. I always manually update everything I can because I like having that control, and also because I prefer not to give internet access (through my firewall) to any more programs than I have to. I would very much like to see Eset offer manual updates for Nod32.
     
Thread Status:
Not open for further replies.