• Toute la Communauté
    • Toute la Communauté
    • Forums
    • Idées
    • Blogs
Avancé

Pas ce que vous cherchiez ? Demandez aux experts !

Ce sujet a besoin d'une solution.
Remerciements0

When do we get NBRT with NPE back?

Having a bootable NPE was great! Now we don't have it at all.

Never saw anyone get it to work on a bootable windows 10 PE (not that I would touch windows 10 if I could help it). Since NPE wasn't running on at least windows 10 PE (bootable) it refused to scan windows 10 (installed) because it won't offline scan a newer OS from and older one (for some reason, all it really needs is registry and filesystem access)

Now we have NBRT on Linux with no NPE. When do we get NPE that can scan windows 10 offline? (either from PE mode or from Linux)

When do we get NPE on NBRT that can scan anything prior to and including Windows 8.1 back? (we used to have that before NBRT went to Linux)

Réponses

Remerciements0

Re: When do we get NBRT with NPE back?

I am not an engineer, so I am only guessing at this. 

The new NBRT may have the NPE technology in the new Linux build, but you just do not see any interface for it. NBRT is not OS dependent as it does not run in the host OS anyway. It boots to Linux, and just scans the files it finds on the hard drive.

The problems you can run into with the newer computers is often related to the hardware and EUFI bios function. You may have to change the bios to the Legacy setting to run NBRT.

Things happen. Export/Backup your Norton Password Manager data.
Remerciements0

Re: When do we get NBRT with NPE back?

I had no trouble booting from this new ISO. I used MBR when I tested it, old disc/ISO was MBR(32-bit only) & 32-bit UEFI (32-bit UEFI is pretty rare). I didn't check the new iso for 32/64 MBR/UEFI support. (You do mean UEFI not EUFI right?)

The scanner (working feature) just needs to mount the filesystem and scan the files. NPE would need to also load the registry which may have limited Linux support.

NPE (not working / not included) is separate a program (1 exe in Window's case), I think there is no Linux version (yet) and therefore it was not included on the disc.

What I am asking (to Symantec / Norton, or any one who can prompt them to answer) is when are they going to make a Linux NPE to service offline windows installs? And if not when, then what are the plans for such a tool (soon, not very soon, never)?

Remerciements0

Re: When do we get NBRT with NPE back?

Yes I did mean UEFI.  Butter fingers.

While waiting for someone with more knowledge on this, I would suggest there is no need for the NPE as the NBRT does what the NPE used to do. The new NBRT now services the offline Windows install. Why duplicate the feature with a second product?

You can still run the NPE from your Norton Security product if you feel the need.

Things happen. Export/Backup your Norton Password Manager data.
Remerciements0

Re: When do we get NBRT with NPE back?

NBRT(Linux) does an offline NPE scan vs just a plain virus scan?

"The new NBRT now services the offline Windows install" -- Isn't that what the old one did?

The old NBRT was windows 8.1 PE based and the contained NPE wouldn't scan any OS newer than that (all of 4 version of windows 10: 1507, 1511, 1607, 1703), because the base OS NPE was running in needed to be greater than or equal to the target OS. The plain virus scanner in old NBRT didn't seem to have this complaint.

Now we have new NBRT(Linux) and it will plain virus scan any version of windows but (unless I missed something) cannot do an NPE scan of ANY OS (because NPE isn't included anymore).

"You can still run the NPE from your Norton Security product if you feel the need." -- yes, but an offline scan is totally immune to any influence of active infections

Say we have a malware that loads early in the boot process which impairs the function of the computer (diagnostic tools, antimalware, etc..) by disabling or effectively hiding from the but is otherwise not special.

#1:
You run the NBRT(Linux) offline plain virus scan (default non-changeable heuristic settings, less sensitive to reputation than NPE), it takes hours (scanning everything, unpacking archives), it may or may not detect it.

#2:
You run the NBRT(the old version with NPE), you don't do the plain virus scan and just run NPE, it scans (most)everything that loads at startup based on reputation (flagging even some border cases when it's not sure), its done in minutes, it flags newly mutated(per-infection basis) malware because:
It loads at start up, it has an undefined reputation because this is the first it's been seen.

#1, hours later you might have found the malware, #2 minutes later you find the malware.

Remerciements0

Re: When do we get NBRT with NPE back?

It seems you are hung up on the name of a specific scan that used to be included in the older NBRT because it was based on a Windows OS. How can you be sure the scan being done with the new Linux based NBRT is not as thorough as the older NPE scan? You say yourself that the new scan takes a long time. 

Anyway, this is starting to get over my head. So I'll leave you to other users here that may have more experience with NBRT.

Things happen. Export/Backup your Norton Password Manager data.
Remerciements0

Re: When do we get NBRT with NPE back?

The idea is that the scan is fast. Slow means I probably won't ever run it. Also it doesn't present results the same way as an NPE scan.

It was included because I could see and use it. Now it is not included because I neither see it to use, nor do I see the results. Also the benefit of being very quick is gone too.

Event if some part of it remains (which I don't think is the case) the advantages of the tool are gone.

(FYI: I use NPE primarily to detect, generally never to remove.)

Remerciements0

Re: When do we get NBRT with NPE back?

Hi,

I can answer a couple of these questions.

When do we get NPE that can scan windows 10 offline? 

We will look into making something available, but I have no timelines. We are busy doing some updates to several tools and NPE is in that list.

When do we get NPE on NBRT that can scan anything prior to and including Windows 8.1 back?

Odds are going to be against adding NPE back into NBRT. There are several large components of NPE that are windows only. That could change, but we will look into trying to support some form of offline scanning options for NPE. We know this is important.

I'm sure these are not the answers you were looking for, but we are aware of the issue.

Thank you,

Jeff

Remerciements0

Re: When do we get NBRT with NPE back?

That's exactly what I wanted to know. At least I know it is in the works.

But we used to have Windows 8.1 and under scanning before in NBRT (I plan to avoid windows 10 whenever possible), now we don't even have that. Why is the Windows 8.1 PE version (the only drawback being that it didn't NPE scan windows 10) not available for download anymore?

Remerciements0

Re: When do we get NBRT with NPE back?

Some licensing issues.

All I know is we had to build out a Linux version due to these changes.

Remerciements0

Re: When do we get NBRT with NPE back?

Licensing really? And I bet it's microsoft at issue. After all their current secret (illegal) campaign is to drive out all other antiviruses and replace them with the junky windows defender. If marketing (aka the people in charge at microsoft at the moment) says to do something to it's workers then they do it (weather it makes sense from a customer relations standpoint, is legal, or physically possible in this universe -- doesn't matter). Once the compilation is gone wait two years and start charging the customer for the service.

Any chance of making greater use of Early Launch Anti-Malware (ELAM) in windows 8.x/10?

Remerciements0

Re: When do we get NBRT with NPE back?

I will ask about ELAM.

My main focus is NPE and other internal tooling.

Remerciements0

Re: When do we get NBRT with NPE back?

symc_Holt:

I will ask about ELAM.

My main focus is NPE and other internal tooling.

So what ever came of asking? It's been quite a while...

Remerciements0

Re: When do we get NBRT with NPE back?

password_password:
symc_Holt:

I will ask about ELAM.

My main focus is NPE and other internal tooling.

So what ever came of asking? It's been quite a while...

Does this do anything in the forum?

@symc_Holt
@password_password

@symc_Holt
@password_password

You have to do whatever I just did manually?

Remerciements0

Re: When do we get NBRT with NPE back?

The @ feature does not work for regular users. Only employees, admins, and gurus can use it to notify the user you are trying to get their attention.

It looks like an admin may have added the working @ for you.

Things happen. Export/Backup your Norton Password Manager data.
Remerciements0

Re: When do we get NBRT with NPE back?

peterweb:

The @ feature does not work for regular users. Only employees, admins, and gurus can use it to notify the user you are trying to get their attention.

It looks like an admin may have added the working @ for you.

Sorry, didn't meant to stir up such excitement. Like many things on many forums, this forum being no exception, certain features are either poorly documented or seldom discussed.

I'd seen in done before, didn't know who was permitted to use it, how one actually does use it (if permitted), and what the notification looks like. So I tested it.

First I just typed "@Username", that didn't end up with the expected result (no hyperlink, no notification). Then I examined a post where someone else had done it and replicated the relative hyperlink to the user's profile (editing my post). Still didn't get whatever the expected notification was, edited more puzzlement (the last line) into my post.

It didn't (seem to) work, I didn't magically get "@mention" powers, I just posted some hyperlinks.

@peterweb
@bjm_

Remerciements0

Re: When do we get NBRT with NPE back?

Thanks for the clarification.

You are correct that it did not work for you. There is nothing to stop you putting @ someone in a post. As long as they have been posting in that thread they will probably still get an email notification of a reply to their thread. But not related to the @ that you place in a post. And it can clarify who your post is directed to.

Things happen. Export/Backup your Norton Password Manager data.
Remerciements0

Re: When do we get NBRT with NPE back?

peterweb:

Thanks for the clarification.

You are correct that it did not work for you. There is nothing to stop you putting @ someone in a post. As long as they have been posting in that thread they will probably still get an email notification of a reply to their thread. But not related to the @ that you place in a post. And it can clarify who your post is directed to.

I'll usually just quote for that. I figured at first it would make a "hey you're not subscribed to this post, but someone there is trying to talk to you" notice appear somewhere in the forum interface.

I still would like to hear back from symc_Holt about what he found out about ELAM though...

Remerciements0

Re: When do we get NBRT with NPE back?

@symc_Holt

@password_password is wondering if you have been able to get any update on the ELAM question above?

Things happen. Export/Backup your Norton Password Manager data.
Remerciements0

Re: When do we get NBRT with NPE back?

Any word on any of the topics of discussion in this thread? (ELAM, NPE in a bootable form)

This thread is closed from further comment. Please visit the forum to start a new thread.