Plugin for BartPE / UBCD4Win

Discussion in 'ESET NOD32 Antivirus' started by tsherr, Jul 27, 2009.

Thread Status:
Not open for further replies.
  1. tsherr

    tsherr Registered Member

    Joined:
    Jan 30, 2007
    Posts:
    62
    I'd like to get a plugin for either BartePE or UBCD4Win for NOD32 v4. We have the 2.7 plugin, so we know Eset knows how to write a plugin for these systems, but 2.7 is really out of date and it would be nice to have a current plugin.

    According to this thread: https://www.wilderssecurity.com/showthread.php?t=230955 it was being investigated, but there doesn't appear to be any activity since.

    T
     
  2. ASpace

    ASpace Guest

    2.7 is not out of date for the purpose of BartPE , for example .
    It will only have to perform on-demand scan of the files and clean/delete the dangerous/infected ones .

    v3/v4 's improvements are for Windows environment (not a non-Windows environment like BardPE's one) . Improvements such as improved cleaning or rootkit detection are based not on the on-demand scan but on additional drivers (ESET Helper - for deleting active trojan-type threats ; anti-stealth driver for active rootkits) . So , using v2.7 NOD32.exe , v3's ecls.exe or v4's ecls.exe is absolutely the same in BartPE environment . Just make sure they are up-to-date :thumb:
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'd like to put this right - nod32.exe from v2 has worse detection ratio than ecls.exe from v3/v4 because of the improved engine in the newer version.
     
  4. ASpace

    ASpace Guest

    Well , then my whole post above is completely wrong . o_O

    My apologies :thumb:
     
  5. tsherr

    tsherr Registered Member

    Joined:
    Jan 30, 2007
    Posts:
    62
    Exactly. That's why I'd like to be able to use V4 on UBCD4Win for cleaning. I'm already using a set of other anti-malware software in UBCD4Win so booting a system recovery disk after the initial cleaning is just too slow and isn't an option.

    T
     
  6. tsherr

    tsherr Registered Member

    Joined:
    Jan 30, 2007
    Posts:
    62
    Any further word on this from Eset? As Marcos pointed out, 3 and 4 are better at detecting infections than 2.7. Can we get an official plugin for UBCD4Win?

    T
     
  7. Cosmo 203

    Cosmo 203 Registered Member

    Joined:
    Mar 3, 2008
    Posts:
    165
    Beside the question, wether v2 is worse in detection than v3 & v4:

    The point is: The named plugin is de facto unusable, as it is not possible to update the definitions. I had reported this already on Feb 4th of this year in detail in the same thread, where agoretsky said 7 posts later, that ESET is going to investigate that.

    And now they investigate, investigate, investigate ... until death. But nothing came out until today. (Or they did not investigate, but only told so.)

    (With this experience I stopped reporting here anything, as it is worthless.)
     
  8. nodyforever

    nodyforever Registered Member

    Joined:
    Oct 30, 2007
    Posts:
    549
    Location:
    PT / Lisbon


    Hello Cosmo,


    Probablity next version.......v5....news functions, new design and new SO support.


    patience very very patience coming soon v5 :)
     
  9. ASpace

    ASpace Guest

    Oh , dear , my dear nodyforever , we are and have been so patient that we can die until wee see any big step UP . Unfortunately , ESET are so slow when it comes to innovations and new feautures , non-critical bugs fixes that it can be so long until anything changes.

    With my whole respect to ALL ESET moderators and ESET staff , why are they so quiet about this - no response .

    And you , don't rely on this - "v5" . It might take quite a long period till you see it (in the public) . And IMO v5 needs extremely new way - innovative technologies , new design of the GUI , removal of the unnecessary "cluster" that is still here since v1/v2 , new/more feautures...

    In order to scan from non-Windows environment , very simple and dummy way is : (1) create a bootable Bart-PE CD and include files in it
    (2) the necessary files are all files from your C:\Program files\ESET\ folder


    Then , boot from the CD , start the command prompt and load ecls.exe from the ESET NOD32 folder you have on the cd . Perform full scan with /aind / auto parameters.
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'm sorry but I have no clue as to what kind of response you'd expect. Everything has been already said. The official solution is using RescueCD. The BartPE plugin has never been officially supported.
     
  11. ASpace

    ASpace Guest

    No , I don't expect anything from ESET - not anymore.

    Let's be honest . ESET SysRescue is extremely limited solution that practically nobody uses and would use . Reasons : I am sure you know them but I can show them here:


    - 1.3 GB download :)o )
    - If running XP , download more
    --------- takes a lot of time and effort . Neither average Jo , nor the best professional will download so big file when it is possible to download less --------

    sys_rescue.png

    While , Bart PE download is just 3 MB , simple to install and run , one needs just the OS disk and will have the ability to create a CD . With SysRescue , one needs to have either USB or DVD .

    BartPE.png



    Even USBC4WIN is simple . One can use ComboFix to install Windows Recovery Console and load from it.
     
  12. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The only 100% legal solution officially supported by Microsoft is WinPE, that's why we employ it and that explains it all.
     
  13. ASpace

    ASpace Guest

    I am aware of that but who cares that it is the only legal solution ? It must be the usability that is important , not the the fact "The only 100% legal solution officially supported by Microsoft is WinPE". Trying to be Microsoft brother , you have made it worse . You now use MS Installer to install the program , which makes the whole installational process slow . You use their product for SysRescue .

    If you use your own installer (like with NOD32 v2) the install process would have been much faster and cleaner . Like Norton 2009 - they have their own installer and it is what makes the install process fast .

    Back on topic - I am not aware of anyone who will use SysRescue because it is practically unusable . :cautious:
     
  14. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    :thumb:
     
  15. nodyforever

    nodyforever Registered Member

    Joined:
    Oct 30, 2007
    Posts:
    549
    Location:
    PT / Lisbon

    I agree with your explanation.
     
  16. nodyforever

    nodyforever Registered Member

    Joined:
    Oct 30, 2007
    Posts:
    549
    Location:
    PT / Lisbon

    + 1 vote
     
  17. nodyforever

    nodyforever Registered Member

    Joined:
    Oct 30, 2007
    Posts:
    549
    Location:
    PT / Lisbon
    In its pure ignorance ... the Eset is to kill herself ...


    Version 2.7 has never had so many problems, but these new versions, the only negative point was simply to its interface, but not the AV took the honor that was.


    Where the solutions are simple, fast, small and effective?
     
  18. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    whats wrong with going the linux rescue cd route like most vendors do?
     
  19. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    As has been stated previously, the issue is under investigation.

    If you choose to copy the ECLS.EXE and EMo_O_??.DAT files from your installation of ESET NOD32 Antivirus or ESET Smart Security v4 to a BartPE or UBCD4Win disc please keep in mind that this is an unsupported configuration and that ESET support may not be able to provide you with very much assistance beyond pointing you to ESET Knowledgebase article #565, "ESET Command Line Scanner Parameters ".

    Regards,

    Aryeh Goretsky
     
  20. trencan

    trencan Eset Staff

    Joined:
    Nov 21, 2008
    Posts:
    120
    It seems you don't like MS AIK, MS installer too. Then question is if you like Windows OS at all. I think it's quite obvious, that applications dedicated for MS Windows use MS tools, isn't?

    Regarding BartPE, now it supports only WinXP, neither Vista nor Win7. If someone buys new PC with preinstalled Vista, then what? Where does he get XP installation CD? XP is old OS and with XP mode in Win7, MS tries to force users to move from XP to Win7. So if nobody ports BartPE for Vista or Win7, in few years it will be unusable. And who assures, that BartPE will be ported to Vista or Win7 once? And as you wrote: "It must be the usability that is important".
     
  21. trencan

    trencan Eset Staff

    Joined:
    Nov 21, 2008
    Posts:
    120
    Regarding IMAPI 2.0 for WinXP, it is required only if you want to burn CD/DVD with SysRescue Wizard. But if you want to make bootable USB or only iso image, you don't need IMAPI at all.


    With SysRescue it is not necessary to have DVD, CD is enough. To install MS AIK, you can use any virtual DVD program, which allows you to mount iso image as DVD drive.

    Image of SysRescue is below 300MB in size, so again no need for DVD to burn it.
     
  22. Cosmo 203

    Cosmo 203 Registered Member

    Joined:
    Mar 3, 2008
    Posts:
    165
    @Marcos:
    Why don't you ask in the first place, how the user (= your customer) is connected to the Internet? Did you ever think about the amount of time that is needed for downloading far more than 1 GB via smallband connection? And the amount of cost? (Smallband connections are often to be payed by the connection time.)

    Obviously you have not.

    @agoretsky:
    You have said, that it get's getting investigated. That was half a year ago. No output in 6 month does mean for many people, that the investigator is either not qualified to give results or that this is a nice reading sentence.

    If I buy anything, no seller will be satisfied, if i tell him to investigate about the best of way of paying.

    about legal:
    Reread the old thread, all has been said there. If ESET should consider Bart PE as illegal, I wonder really, how they could ever provide the today useless plugin. And why MS did not have success to remove the PE builder site.

    about Vista:
    Until today XP is still the far mostly installed Windows version. And even MS has got the realization, that Vista is something, that should get forgotten as soon as possible. Out of this they named their Vista 2 so called "Windows 7", whereas it is technically Windows 6.1. So arguing with Vista is arguing with a minority solution, that is even during life-time dead, disliked even by it's creators, who want people to forget the name of a product, that has been said by MS-CEO Steve Ballmer as "the most important innovation since Windows 95" before release. Until October (when Vista 2 is out) XP will stay the Windows OS with the far most installations; what follows can not be seen until the next year.
    Normal behavior is to support the mainly installed OS, not the accident-OS.
     
  23. ASpace

    ASpace Guest

    And it is enough . It works (effectlively) and has been working since v2 of NOD32 . But if ESET company decides to continue to be ignorant and say it is "unsupported configuration" , then it is ESET company's choice .
     
  24. ASpace

    ASpace Guest

    No , I like Windows OSes and Microsoft as a company . They have very little to improve , IMO . One of them is this giant AIK .

    I am not talking about BartPE as the best or the onliest solutions out there . There are numerous other ways of creating a bootable media and to boot from non-Windows environment.

    Windows XP is the best OS Microsoft has ever created . The one that is still the most wide-spread and the most usable . I have computers running Vista , have tested Windows 7 for a while but XP remains my preffered choice (and not only my own but other people's , too) . Furthermore , XP is going to be supported until 2014.

    I am sure they won't succeed.

    Sure . But it can easily be ported to the new OS and one more thing I already mentioned - "not talking about BartPE as the best or the onliest solutions out there . There are numerous other ways of creating a bootable media"
     
  25. ASpace

    ASpace Guest

    A potential bug in ESS reported in October 2008 is still being investigated by ESET developers ... When/if a fix will be made remains unknown ....-> Some companies just need more time than others ...
     
Thread Status:
Not open for further replies.