NOD32 on bootable media - real world options?

Discussion in 'NOD32 version 2 Forum' started by LowWaterMark, Sep 16, 2004.

Thread Status:
Not open for further replies.
  1. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Recently, a question similar to this was asked here: When will Eset provide instructions (or better yet, an actual kit) for creating a bootable CD capable of allowing NOD32 to scan and clean systems? The answer provided stated that there are indeed plans to provide such a thing, but no time frame was given because of other priorities. This is a valid answer, if not the one most people wanted to hear.

    So, I've created this thread for you all to explore any technical alternatives that exist today, that would allow people to create such a thing for themselves. This is assuming it is even possible given the complexities, the most limiting of which is probably the need to support NTFS drives from outside the NT-based Windows operating systems.

    On topic posts include any thoughts and ideas regarding how to build such a thing. Of course, we need to stay completely legal, as well, meaning no cracked NTFS drivers or such.

    Off topic posts include such things as merely posting complaints that Eset hasn't already provided such a thing. We've explored that already and we know people are not happy about it. Also off topic would be recommendations to use/buy some other AV package.

    Let's just see if there are real alternatives for making bootable media that provides an environment capable of running a NOD32 based scanner, which isn't too complicated to put together or expensive to make. This may not even be practical, but let's find out.
     
  2. fredra

    fredra Registered Member

    Joined:
    Jul 25, 2004
    Posts:
    366
    I have been reading some of these threads on the "boot Cd" issue and I KNOW I read somewhere about someone creating one, but I can't find that specific item. However, I have located some other pieces of information, which I present here. This is taken from another forum (hope I am not going against the TOS), so I have to give credit to them for providing this information.
    THE LINKS DID NOT APPEAR TO WORK BY CLICKING, SO YOU WILL HAVE TO COPY & PASTE

    BEGIN
    It came out of the ultimate boot cd forum as users where wanting a windows based version.

    The windows ultimate boot cd is more in line with wininternals administrator pack.

    The Windows UBCD and Ultimate BootCD are two entirely different projects the only similarity is the name.


    Here is some more history and examples

    Hopefully this will stop the confusion people are having between the 2 CD's.

    The CD's are by different people.


    http://www.windowsubcd.com (Windows Ultimate Bootcd Homepage)

    http://www.ultimatebootcd.com (Ultimate Bootcd Homepage)



    Windows UBCD needs extra files provided by the user ie the I386 folder of the WinXP installation cd (SP1 or SP2 needs to be slipstreamed)
    Ultimate BootCD (UBCD) is a complete ISO that needs no other files to burn it to CD and it works.

    Windows UBCD gives the user a Windows user interface
    UBCD gives the user a DOS based user interface (won't complicate it by saying it's a Linux boot CD for the sake of simplicity it's dos)

    Windows Ultimate BootCD boots once and you can access all programs, no further reboot required
    UBCD boot you need to reboot each time to access different program

    Windows UBCD gives you full read/write access to NTFS/FAT/FATS32 drives
    UBCD gives read/write to FAT/FATS32 and ONLY read access to NTFS (this means you can't alter any data)

    Windows UBCD limited support for USB devices ie external hdd's providing they are plugged in at boot
    UBCD no USB support

    There are more differences between the two I'll limit it to this.

    The UBCD is still a valuable tool for any admin or home user, the Windows UBCD is a enhancement not a replacement.

    Some real world examples of the difference.
    You have a virus on a WinXP PC with a NTFS drive. The UBCD will not be able to remove it, as you are limited to running one program at a time, it has NTFS read capabilities but can't run the virus scanner at the same time, even if it could you only have READ capabilities this means you can't write or delete data from the drive.

    Now the Windows UBCD has full read/write access. This means it can remove virus's from a NTFS drive, so the Windows UBCD can do what the UBCD can't.

    Another example is data simple data recovery. Your hard drive won't boot but the data is OK. The UBCD will give you read access but you can only write the data to either FAT or FATS32 drive neither can you write data to a USB hdd.

    The Windows UBCD gives you full read/write access to your drives. This means that if you have two NTFS hard drives you could copy your data from one hard drive to another to rescue your data. If you have a USB external hard drive you will be able to plug it in and copy the data that way. With original UBCD you wouldn't be able to do this.
    END

    I hope this will help and we will not have to re-invent the wheel. Please no flaming, I am just presenting the information.
    Cheers :)
     
  3. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thank you Fredra. That was very informative. :)

    Basically, that rules out the UBCD, because one would want to read from and write to NTFS partitions with the DOS NOD on demand scanner.

    Can the DOS version of NOD on demand scanner be run from the Windows UBCD?
    Would the DOS NOD be able to scan/clean NTFS partitions in such a case?
    How effective would the DOS NOD scanner be compared to NOD32 on demand scanner? (Advanced Heuristics, etc.?)

    Can the NOD32 on demand scanner be installed and run from a Windows UBCD?
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    In one of the screen shots of WinUBCD it shows e-scan antivirus. It seems that if e-scan will work that it should be possible to use nod instead. I am not a programer so I might be just running in the wrong direction and it might not be possible. But I don't see why one of our very knowledgable members couldn't be able to reach a solution.


    just a thought
    bigc
     
  5. fredra

    fredra Registered Member

    Joined:
    Jul 25, 2004
    Posts:
    366
    As I mentioned in #2
    "I KNOW I read somewhere about someone creating one, but I can't find that specific item"
    I think I found it here

    http://nyquil-kid.dyndns.org/
    Public AntiVirus CD (approx 95 megs)

    Other folks have used it, however, I have not, so I have no knowledge about its effectiveness OR if it can read an NTFS partition.
    I have been informed that he uses freely available AV's (no lic. required) and he updates it with new definitions.
    I have no connections with the writer so I can't vouch for its integrity.
    Check it out and use at your own risk.
    Cheers :)
     
  6. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I'm sorry but I got totally lost in fredra's explanation. :( My head is spinning. The names are too similar and I could not keep straight which one does what but doesn't do other things that the other one does. :p

    I would like to see someone write a NOD32 plugin (or update the existing one) for BART PE. That to me seems to be the way to go.
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    We are working on this solution, it will take time to see if the current author will be willing to alter his software to be compatible with the latest version fo Nod32...

    If/when this happens I'll post a step by step tutorial...

    Cheers :D
     
  8. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Ahhh...that is great! Plus, with your excellent tutorials all of us will be able to make one successfully. Wonderful news. :) ( I don't mean to sound too optimistic but I bet the author will be willing to upgrade his plug-in).
     
  9. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Also keep in mind that this thread was meant to gather ideas and maybe some technical data just to see what possibilities exist. It wasn't expected to yield an easy to use solution immediately, and that's mainly because if it was that easy, it would probably already be available.
     
  10. webmedic

    webmedic Guest

    I do quite q few barts plugins and make cd's. I'm also an authorized nod32 seller. At any rate I have a version of nod that runs from barts pe. I'm not sure if anybody else has worked on this but I wouldn't mind making a plugin for it.

    I'm not sure if email addies or anything are legal here but

    bah@webmedic.net is my email. Anybody that would be interested in this let me know. Especially the nod32 admins here.
     
  11. webmedic

    webmedic Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    123
    Location:
    just curious how much info you can get into here a
    I'm signed up now also. and watching this thread for replies.
     
  12. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I had a go, well one of my techs did, he is now bald and has been committed...

    Welcome to Wilders Webmedic. At a later date (I'm a little busy on the home front at the moment) I'd like to give your version a go...

    Cheers :D
     
  13. webmedic

    webmedic Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    123
    Location:
    just curious how much info you can get into here a
    Well I would say one of my techs but I own the company and I do allot of this kind of stuff myself. I would rather stay hands on. Sure I have the files working as they are but have not made it into a plugin. For now it's a matter of me having everything in one folder that I just execute nod by hand from. This is only for the scanner component as the rest of it is not really needed under barts pe anyway.

    I could easily have it inot a plugin by tomarrow though.
     
  14. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi webmedic,

    a BartPE plugin would highly interest me as well ;)

    regards,

    gkweb.
     
  15. webmedic

    webmedic Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    123
    Location:
    just curious how much info you can get into here a
    OK i have it done I'll have it up in a few minutes. The only thing about this is that it is just the scanner but that is all we really need anyway. So everytime you need to update the files just grab them out of your nod32 folder and you will be good to go.

    I know of no way to load the whole gui at this time but a scanner is what we really need and not the whole gui anyway as the only thing the gui provides that we would need would be the auto download of definition updates.


    Now one more thing as far as I know this will work with the trial version also but of course you will limited to 30 days of definition updates.
     
  16. webmedic

    webmedic Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    123
    Location:
    just curious how much info you can get into here a
    sorry I made one last change to autoload settings. I'm testing it right now then I'll release if there are no issues.
     
  17. webmedic

    webmedic Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    123
    Location:
    just curious how much info you can get into here a
  18. pc-support

    pc-support Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    285
    Location:
    Edinburgh, UK
    I have a plugin for NOD32 and BartPE. If anyone wants to use it then email me at richard.burt at mac.com and I will forward it on to you.

    Richard

    PS Cheers Ronjor!
     
    Last edited: Jun 22, 2005
  19. webmedic

    webmedic Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    123
    Location:
    just curious how much info you can get into here a
  20. Peter DG

    Peter DG Registered Member

    Joined:
    Sep 17, 2004
    Posts:
    1
    Hi, I'm an authorised reseller and have been reading the threads with enthusiasm.
    But I have lost the point of how to build the cd.
    I have tried to burn nod 32 dos onto a cd that was made bootable by Nero that uses Dr Dos as a boot agent.
    The computer boots into the prompt A:, and then I enter the command line provided by Eset, "nod32dos.exe" but I only get "bad command"

    Since I repair computers, many customers bring them in when they are totally not booting into windows. I do use Norton System works, which does get some bugs, but I would like to have a more aggressive bootable cd, which would reduce the elimination "time" involved in such painstaking process.

    So if some could present a straight forward creation process it would be very much appreciated. :D
     
  21. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    We simply slave the infected drive off a clean protected system and have Nod32 run a scan on the infected drive.

    Hope this helps...

    Cheers :D
     
  22. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Same here, but I am also aware of this link - though I must admit I've not followed through on it. I'd be interested to hear if anybody has...?
    http://www.nod32.com.au/nod32/support/avdisk.htm
    Although it does certainly sound quite promising... :)
    http://www.avdisk.org/pages/en/about.html
     
  23. rjprice

    rjprice Registered Member

    Joined:
    Jul 4, 2004
    Posts:
    35
    Location:
    UK
    Well, in the sense that floppy disks are bootable media for those of us still using such antiquated equipment - there's a workable solution using AVDisk to package NOD32 for DOS:

    http://www.avdisk.org/pages/en/about.html

    This states that it includes NTFS support, but I haven't had occasion to try it.

    Richard
     
  24. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    :)
    The working set of bootable floppies is the main thing - once you get that for, you can normally transfer them all into bootable CD format without too much hassle :)

    If I run out of other things to do I'll try it out sometime in the next few days and post back - unless anybody else already has?
    :)
     
  25. rjprice

    rjprice Registered Member

    Joined:
    Jul 4, 2004
    Posts:
    35
    Location:
    UK
    Apologies for not reading your previous message carefully enough - I now see you posted the same link to AVDisk as I did later.

    I've been using it for a while (it's just the NTFS support which I haven't tried), and I'm pretty happy with it. It gets NOD32 for DOS onto 3 floppies - far less than the rescue disks for my previous AV program - and it all works fine. Of course the process of creating the disks isn't quite as slick as with some of the integrated rescue disk facilities, but it's perfectly usable.

    I had just one minor problem with the current release (9.2c): the Quick Memory Scanner component Qms.exe complained about an incorrect keyfile (Qms.ini). I managed to fix this by going to http://roseswe.ez-web.de/, downloading MemScan_7-0-6.zip and extracting a new copy of Qms.ini dated 17/05/05 (the same as the Qms.exe I already had). I have emailed one of their contacts about this, but there hasn't been a new download version issued since. Bearing in mind that this is freeware and not formally supported in any way, I'm not too concerned about that. Anyway, you might not meet the same problem.

    Richard
     
Thread Status:
Not open for further replies.