You are here

NOD32Portable v2.70.xx (instructions only)

1 post / 0 new
wraithdu
Offline
Last seen: 9 years 5 months ago
Developer
Joined: 2007-06-27 20:22
NOD32Portable v2.70.xx (instructions only)

Being there is a shortage of portable AVs, I figured I'd finally get around to doing this one. Obviously it's not free or open source, so I can't post any files or compiled binaries. But if you own the product, here's how to run it portably. I got the basic idea from a plugin someone did for UBCD4Win.

The following instructions and script assume the normal PApps directory structure. This works with NOD32 v2.70.xx, not the newer v3.0.

These files go in the App\NOD32 directory.
Files needed from local NOD32 directory -

nod32.000
nod32.002
nod32.003
nod32.004
nod32.005
nod32.006
nod32.exe
ps_nod32.dll
pu_nod32.dll

Files needed from %WINDIR%\System32 directory -

mfc42.dll
msvcrt.dll

The nod32.00x files are the definition files. You have to manually update them from your local install at the moment.

Registry file to go into Data\Registry\nod32reg.reg -

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset]

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod]

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion]

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules]

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\NOD32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\NOD32\Settings]
"PROFILE_CURRENTPROFILE"="Portable Profile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\NOD32\Settings\Config000]
"PROFILE_NAME"="Portable Profile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\NOD32\Settings\Config000\Scanner]
"signatures_enable"=dword:00000001
"heuristics_enable"=dword:00000001
"heur_sensitivity"=dword:00000001
"adv_heur_enable"=dword:00000001
"scan_app_adware"=dword:00000001
"scan_app_unsafe"=dword:00000001
"scan_app_unwanted"=dword:00000001
"log_all"=dword:00000000
"target_file_enable"=dword:00000001
"target_file_action"=dword:00000004
"target_file_uncl_action"=dword:00000004
"target_boot_enable"=dword:00000001
"target_boot_action"=dword:00000004
"target_boot_uncl_action"=dword:00000004
"target_arch_enable"=dword:00000001
"target_arch_action"=dword:00000004
"target_arch_uncl_action"=dword:00000004
"target_sfx_enable"=dword:00000001
"target_sfx_action"=dword:00000004
"target_sfx_uncl_action"=dword:00000004
"target_rtp_enable"=dword:00000001
"target_rtp_action"=dword:00000004
"target_rtp_uncl_action"=dword:00000004
"target_mime_enable"=dword:00000001
"target_mime_action"=dword:00000004
"target_mime_uncl_action"=dword:00000004
"target_mbx_enable"=dword:00000001
"target_mbx_action"=dword:00000004
"target_mbx_uncl_action"=dword:00000004
"target_mem_enable"=dword:00000001
"target_mem_action"=dword:00000004
"target_mem_uncl_action"=dword:00000004
"scan_extensions_add"="|*|"
"scan_extensions_remove"=""
"scan_extensions_exclude"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\NOD32\Settings\Config000\Settings]
"TargetCount"=dword:00000000
"Scroll"=dword:00000001
"beep"=dword:00000001
"mapi_enable"=dword:00000001
"ntfs_ads_enable"=dword:00000001
"clean_mode"=dword:00000000
"logfile"=dword:00000000
"logfile_w"=dword:00000000
"logfile_s"=dword:00000000
"logfile_m"=dword:00000064
"logfile_n"="nod32.log"
"antistealth_enable"=dword:00000001
"pass_prot"=dword:00000000
"sendmail"=dword:00000000
"sendmailerr"=dword:00000000

The basic NSIS script. You'll need the Registry and FindProcDLL plugins. You can modify it to suit your needs or any other checks you'd like to make -

!include "Registry.nsh"

CRCCheck On
WindowIcon On
SilentInstall Silent
AutoCloseWindow True

OutFile "NOD32Portable.exe"

Section
	; *** Check whether EXE is launched a second time
	FindProcDLL::FindProc "nod32.exe"
	StrCmp $R0 "0" EndEXE
		MessageBox MB_OK|MB_ICONSTOP|MB_TOPMOST "NOD32 is already running. Aborting..."
			Abort
	EndEXE:
	
	; *** Backup registry
	${registry::KeyExists} "HKLM\SOFTWARE\Eset" $R0
	StrCmp $R0 "0" 0 ImportReg
		${registry::MoveKey} "HKLM\SOFTWARE\Eset" "HKLM\SOFTWARE\Eset_bkup" $R0
		StrCmp $R0 "-1" 0 +3
			MessageBox MB_OK|MB_ICONSTOP|MB_TOPMOST "An error occurred while preparing the registry.  Aborting."
			Abort
	ImportReg:
		ExecWait 'regedit /s "$EXEDIR\Data\Registry\nod32reg.reg"'
	
	; *** Run app
	SetOutPath "$EXEDIR\App\NOD32"
	ExecWait '"$EXEDIR\App\NOD32\nod32.exe"'
	
	; *** Restore registry
	IfFileExists "$EXEDIR\Data\Registry\nod32reg.reg" 0 +2
		Delete "$EXEDIR\Data\Registry\nod32reg.reg"
	${registry::SaveKey} "HKLM\SOFTWARE\Eset" "$EXEDIR\Data\Registry\nod32reg.reg" "/G=1 /A=1" $R0
	${registry::DeleteKey} "HKLM\SOFTWARE\Eset" $R0
	${registry::KeyExists} "HKLM\SOFTWARE\Eset_bkup" $R0
	StrCmp $R0 "0" 0 +2
		${registry::MoveKey} "HKLM\SOFTWARE\Eset_bkup" "HKLM\SOFTWARE\Eset" $R0
	${registry::Unload}
SectionEnd

I'm not sure if this will work on a non-admin account since I haven't tested it. The HKLM keys won't/can't be written, so I'm not sure what will happen when the program launches.

Hopefully this will be useful for someone. NOD32 beats the pants off ClamWin (no offense to the ClamWin guys).