Based on Ewieldra Antivir 7 plugin:
- inf file rebuilded from scratch
- cmd scripts modded

Be aware that avira's servers are very very busy because of this new version, so you will have a lot of errors when downloading the appz .... it's not a plugin error.


Current version: 0.8
status : Final version (full working version: update, scan, realtime protection, control panel applet ...)
grab it here : http://red.boot-land.net/plugins.html

PS:
If you are unhappy with this plugin, take it easy (i'm not paraglider nor ewieldra nor any other very skilled gurus) and i'll try to fix it. Or wait for a better job.

When I run getantivir.cmd, I get this, maybe because I use Vista??:



File Downloader - Version 1.08 (build 54.2)
Downloads a file from a HTTP or a FTP server.
Copyright © 2004-2006, Noël Danjou <webmaster@noeld.com>.

Protocol: HTTP
Method: GET
Server: dl1.avgate.net
Port: 80


antivir_workstation_winu_en_h.exe: 21,2 MB downloaded.

21,2 MB in 1 file(s) downloaded. 0 error(s).
Done.


File Downloader - Version 1.08 (build 54.2)
Downloads a file from a HTTP or a FTP server.
Copyright © 2004-2006, Noël Danjou <webmaster@noeld.com>.

Protocol: HTTP
Method: GET
Server: dl.antivir.de
Port: 80


ivdf_fusebundle_nt_en.zip: 19,6 MB downloaded.

19,6 MB in 1 file(s) downloaded. 0 error(s).
Done.



7-Zip 4.55 beta Copyright © 1999-2007 Igor Pavlov 2007-09-05

Processing archive: C:\Users\Troels\Desktop\AVP8\AVPdownload\antivir_workstation
_winu_en_h.exe

Error: Can not open file as archive


Total:
Folders: 0
Files: 0
Size: 0
Compressed: 0


The system cannot find the file specified.
The system cannot find the file specified.
C:\Users\Troels\Desktop\AVP8\AVPextract\.
The system cannot find the path specified.
0 dir(s) moved.
The system cannot find the path specified.



7-Zip 4.55 beta Copyright © 1999-2007 Igor Pavlov 2007-09-05

Processing archive: C:\Users\Troels\Desktop\AVP8\AVPdownload\ivdf_fusebundle_nt_
en.zip

Error: Can not open file as archive


Total:
Folders: 0
Files: 0
Size: 0
Compressed: 0


The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.



7-Zip 4.55 beta Copyright © 1999-2007 Igor Pavlov 2007-09-05


Error:
Unsupported archive type


Regards

Hoest

it seems that you have a download issue.
i do run again getantivir.cmd script and it works here.
i'm using XP not vista.

try this:
download back the plugin now 0.2 RC (i updated the download.exe, 7z.exe and corrected 1 tiny bug in the inf)
create folders:
- C:\Users\Troels\Desktop\AVP8\AVPdownload
- C:\Users\Troels\Desktop\AVP8\AVPextract

download manually antivir_workstation_winu_en_h.exe and put it into AVPdownload.
download http://dl.antivir.de/down/vdf/ivdf_fusebundle_nt_en.zip put it into AVPdownload
check if you can extract those files manually in an other temp folder
rem all STEP 1 and STEP 2 lines of the getantivir.cmd
run getantivir.cmd and tell me if it's ok.

Regards.

0.3a (Final, i guess) online
- raised min free disk space required on ramdrv
- 2 small mod about url.
- new ico

i tested it quite a lot and everything seems to work fine.

How it goes for you (bad and good reports are welcome)?

I downloaded the files manually and they extract just fine... I then did the rem of Step 1 and Step 2 in getantivir.cmd and created the two folders you mention above and added the two files to AVPdownload. When I run the modded getantivir.cmd, I get the same errors as earlier!..

Regards

Hoest

Can you do this test:

create a test.cmd file into the plugin directory (where 7z.exe is) and put this line in it


And check if the %~dp0 is correctly "converted" by the system (should be your path)
Did the files extract?

Did some other users successfully used this plugin, or am i the only one that can use my plug?

Hi ReD

I'm sorry to say... it fails.. This is the output:

C:\Users\Troels\Desktop\AVP8>C:\Users\Troels\Desktop\AVP8\7z.exe x C:\Users\Troe
ls\Desktop\AVP8\AVPdownload\ivdf_fusebundle_nt_en.zip *.* -oC:\Users\Troels\Desk
top\AVP8\AVPextract\basic -aoa

7-Zip 4.57 Copyright © 1999-2007 Igor Pavlov 2007-12-06

Processing archive: C:\Users\Troels\Desktop\AVP8\AVPdownload\ivdf_fusebundle_nt_
en.zip

Error: Can not open file as archive


C:\Users\Troels\Desktop\AVP8>pause
Press any key to continue . . .

so at this point we can state that 7z produces the error saying that the zip file is not a correct zip file.
we also can say that it's not the cmd script that is faulty.

do you agree?

to go deeper, what tools do you use to extract the zip and and antivir_workstation_winu_en_h.exe files to check that they were healthy? since i've no error with 7z on my side.

here are the md5 of those files:
719C8B24E2AA68BB1BC181204F2BADF4 *antivir_workstation_winu_en_h.exe
7F99135685E8C8C5B68088040DA1ABB1 *ivdf_fusebundle_nt_en.zip

check if you got the same.

by the way a 0.3b is online
- a tiny bug (tittle instead of title)
- added a better ouput in case of log needed (ex: getantivir.cmd > logme.txt)

@Red
Uasge of %~dp0 within scripting lines does fail at many platforms, and for odd reasons or personal changes involving the users environment settings.

Instead, try setting the ROOT variable at the begining of your script and use that within each given command.
You could also just use the %CD% variable if your not changing paths anywhere within the script.

@ECHO OFF
SETLOCAL ENABLEEXTENSIONS
CD /D "%~dp0"
SET ROOT=%CD%
7z.exe x -y %ROOT%\AVPdownload\antivir_workstation_winu_en_h.exe *.* -o%ROOT%\AVPextract -r
IF NOT errorlevel 0 GOTO :ERROR
7z.exe x %ROOT%\AVPdownload\ivdf_fusebundle_nt_en.zip *.* -o%ROOT%\AVPextract\basic -aoa
IF NOT errorlevel 0 GOTO :ERROR
pause&exit

:ERROR
Echo. your message here...
pause&exit

BTW: This is only from you example posted above and is not tested, just an observation about support any build platform.

@hilander999
thanks for the proposal ! i've updated the plugin!

0.3c:
- getantivir.cmd : using SET ROOT=%CD%
- avp.inf : added thanks to hilander999 for his idea

@hoest
so you are good for another download
use the checksum on the avira's file in any case, so we'll be sure of them

I use Winrar to unpack files with .... I just tested your new plugin, the problem is still the same in Vista: Error: Can not open file as archive

The checksums match when I download the files...

719C8B24E2AA68BB1BC181204F2BADF4 *antivir_workstation_winu_en_h.exe
7F99135685E8C8C5B68088040DA1ABB1 *ivdf_fusebundle_nt_en.zip

... so we can conclude that there is a "Vista bug" in the latest 7-zip, correct??

Regards

Hoest

@hoest
When you run the script, do you use "Run as Administrator"? If not, please try.

My scripts that use 7zip work just fine in vista, both 32 & 64 bit versions.

EDIT: are the required DLL files included with 7zip in the plugin?

I have tried that too... no change

@Hilander999

errh... what dll's are you refering to?

add the following dll file to the same directroy as 7z.exe...

*Link Removed
and try again.

@RED
Grab that file also because I'm not going to leave it up for long.
From what I saw, your just missing the one file to make it work and since you have 7zip installed on your system you would not see the problem yourself.

BINGO!! Elvis has left the building...

That did the trick!!

@ReD

Will you add nu2menu as well?

AVP8_nu2menu.xml


add these lines to the inf..

[Append]
nu2menu.xml, AVP8_nu2menu.xml

Regards

Hoest

here we are!

7z should output a more explicit message when a dll is missing !!!

Thanks both of you for your help (hilander999) and the test (hoest)

0.4
- fixed 7z missing dll
- added nu2menu file

Hoest : tell me if everything is ok.

It works great now ReD!, Thanks for a cool plugin...

Regards

Hoest

@RED
I just tested your script for the first time on vista64 and it does not work for me.
When I run it from explorer, I get no error but it just hangs at the downloading part and errors out with a PORT problem.
Using RUN AS ADMINISTRATOR allows the port to work, but this makes the cmd file start in your windows system folder which means download.exe does not exist and it creates empy folders in my windows directory. The CD /D at the top of the script changes to where the file was run so you dont have this problem and the ENABLEEXTENSIONS will help because of a lot of companies disable command extensions within there network.

Adding this info to the top of the file as I point out before corrects the problem.

@ECHO OFF
SETLOCAL ENABLEEXTENSIONS
CD /D "%~dp0"
SET ROOT=%CD%


Did you write the cmd scripts from scratch or did you follow someone else's example?
I am wondering because you can cut the routine down to a fraction of what it uses now if you use a "FOR /F" loop instead of reprinting the same line a whole bunch of times.

MORE:
You may also want to change the auto delete of the main download file to an option instead. This way you don't have to download the main exe again for a deffinition update. It took quite some time to download the file and would be more server friendly if the plugin saved the main file for the next update.... but these are just my observations.

To avoid confusion, allow me to point out, that the file hilander999 is refering to, is getantivir.cmd ... for vista64bit only...




The plugin works great, but you can add this fix, if you use Vista64...

- Hoest

There is runas at 2000/XP too. A similar example
Don't expect %CD% to match AVP Plugin folder by default.
Previous mentioned fix would solve a weak point.

And there is a 7-Zip Command Line Version http://www.7-zip.org/download.html
There is a 7za.exe, no *.dll.

O.5 online
- fully use of "fix path" provided by hilander999
- auto delete of the main download file becomes an option

@cdbob
i stay with the 7z.exe and its dll since 7za (command line version) seems not to handle extraction of the antivir_workstation_winu_en_h.exe file (sfx)

0.5a online:
- fixed inf for the 7zip (get back to non command line version)

@RED




That's why i used unrar.exe

Further nice job

But i have some improvements

download resource hacker and replace the icons in 7z.sfx
remove the avira.ico
This will add the icon as default icon of antivir.exe

Best regards,

Emiel

Thanks Emiel for the idea, it's done in the new 0.5b online now!

Always a pleasure to see you on the forum

@ReD

Just one question

Why use do you use system32\drivers path in the inf for avipbb.sys and ssmdrv.sys and not the ramdrive path ?

I use landesk packet manager to have a snapshot of the registry and the path of the files.
So i've built the inf from those informations which led to system32\drivers.

it sounds logical that those files are into this path since they are drivers but you are right too to say that they could be put on the ramdrive (got to modify the inf). what do you think about it?

(Don't read the following wrong, because you gave me credits in your plugin)

strange why.. did you change the other values to b:\programs\avp
because you said you've build the inf from scratch .. why did you decide to place those two in the system32 folder

I think the avi... file can be placed on the ramdrive like in the previous plugin of version 7 but the other file ssm.. i don't know

Will check it tomorrow

because when files must be placed on the cd .. the update function will only work 100% if the FBWF plugin is used

Futher the icon you used in the 7z.sfx is of poor quality

Best regards,

Emiel

As i was saying previously, sys files are put into system32 by the install programm.
I don't wanted to play with those and chosed the "secure way" so i put them here too on a pe system.

But the core programm files can be moved everywhere, since you can install it to a path of your choice.

I used the default ico of the antivir_workstation_winu_en_h.exe file ... i did not pay that much attention to this detail.

All the best

@ReD

must say one thing.. your plugin works great.. you saved me some time

Changes for avp.inf
remove these two lines
avipbb.sys=4,,1
ssmdrv.sys=4,,1

and change
From
0x2, "ControlSet001\Services\avipbb","ImagePath","system32\DRIVERS\avipbb.sys"
0x2, "ControlSet001\Services\ssmdrv","ImagePath","system32\DRIVERS\ssmdrv.sys"
to
0x2, "ControlSet001\Services\avipbb","ImagePath","\??\B:\Programs\AVP\aavipbb.sys"
0x2, "ControlSet001\Services\ssmdrv","ImagePath","\??\B:\Programs\AVP\ssmdrv.sys"

change the avp.cmd
from
Start /wait X:\i386\SYSTEM32\DrvLoad /d:x:\I386\system32\DRIVERS\ssmdrv.sys /n:ssmdrv /run /quiet
Start /wait X:\i386\SYSTEM32\DrvLoad /d:x:\I386\system32\DRIVERS\avipbb.sys /n:avipbb /run /quiet
to
Start /wait X:\i386\SYSTEM32\DrvLoad /d:b:\programs\avp\ssmdrv.sys /n:ssmdrv /run /quiet
Start /wait X:\i386\SYSTEM32\DrvLoad /d:b:\programs\avp\avipbb.sys /n:avipbb /run /quiet

remove these two lines from your getantivir.cmd
MOVE /y %ROOT%\AVPextract\basic\ssmdrv.sys %ROOT%\
MOVE /y %ROOT%\AVPextract\basic\avipbb.sys %ROOT%\

typo in getantivir.cmd, search for dowload and change into download
typo in avp.cmd, search for x:\programs\avp\antivir.exe x -ob:\Programs\avp\ -y 2>nul and remove the 2 before the >

it's also possible to make the antivir.exe extract silent if you like and this will also fix the poor quality icon
use 7zS.sfx from my version 7 plugin

Create a file called sfxconfig.txt which contains the following



change the avp.cmd
From
x:\programs\avp\antivir.exe x -ob:\Programs\avp\ -y >nul
To
x:\programs\avp\antivir.exe

and now i remember why i added the settings to my plugin, your plugin scans the BartPe enviroment realtime which makes a cd very slow..

For complete modifications download my latest plugin from http://www.emro.nl/bartpe

(Website and plugin says -> Plugin made by Ewieldra and ReD)

Best regards,

Emiel

haha!

i saw this coming all day long ur nick in this post...
countless edits....

already made the changes but somehow screwed up...

downloading and testing now the new plugin

@ ewieldra

I tried your new plugin, but my comp freezes totally, when I choose to start the services .. does anybody else have this problem??

Im not using XPE.


- Hoest

@Hoest,

i haven't tested in nu2menu only.. i assumed it would work because AntiVir 7 also works in nu2menu only because i'm using XPE

- Is your ramdrive drive B: ?
- Do you use Sherpya MkDirProfiles
- Which Service fails ?
- Could you place a pause remark after :_Yes3 en before net start AntivirScheduler and after the last net start in avp8.cmd
- Does the program work when you don't start the services ?
- Did you start from scratch, don't rename antivir.exe but completely start over

@Quippy

ReD plugin is also ok, the only thing his plugin really misses is the avwin.ini which holds the settings of AntiVir.. when using BartPe as a rescue disk .. it's very important not to scan the cd realtime because it will slow it down

Emiel

Yes my ramdrive is B.

Yes I use Sherpyas MkDirProfiles 1.2.

I don't know which service fails, because the computer freezes or goes into BSOD, when I try to start the services...

Yes the program runs fine when I start it without services.

Did I start from scratch?? errhh.. I downloaded your newest plugin yesterday (ReD and Ewieldra v2.8), and ran getantivir.cmd... It doesen't get much scratchier than that!!

- I will try the pause commands in the script, and then let you know how it goes... UPDATE: The crash is when either of the two net start runs ... but there seems to be a connection to the 4 sys drivers, when they are started, the crash happens just by launching avcenter.exe

Look, I don't need the services, can you tell me what to delete in the script, so I don't get asked to launch them ???


Regards

Hoest

I got it working ... by removing this part of :_Ask3




.. so the new :_Ask3 looks like this

@hoest

if my older plugin worked .. the problem should be in

Start /wait X:\i386\SYSTEM32\DrvLoad /d:b:\programs\avp8\ssmdrv.sys /n:ssmdrv /run /quiet

Because that's the only new driver in Antivir 8 it's a snapshot driver ..

Test 1
Could you try to remove this line only ?

If ReD his plugin worked 100% maybe you could try the following

Test 2

Change
0x2, "ControlSet001\Services\ssmdrv","ImagePath","\??\B:\Programs\AVP8\ssmdrv.sys"
to
0x2, "ControlSet001\Services\ssmdrv","ImagePath","B:\Programs\AVP8\ssmdrv.sys"


Thnx

Emiel

testing in vmware and nu2menu

everything is working but not starting even when i change the avp.cmd like hoest suggested its just not starting.
all the files are on B: no avp service started.
when i simply start the avcenter by browsing to the B: (ram drive) everything is working

i will try now Test 1


EDIT1:
ivdf_fusebundle_nt_en.zip: 20.16MB downloaded.

20.16MB in 1 files(s) downloaded. 0 error(s).
Done.
if was unexpected at this time.


ok something is wrong with the bat its maybe a typo *checking*

EDIT2:

if i dont update the virus definitions
everything is working and starting , no problems with the services at all
something is wrong with the cmd? cant figure out what atm....

EDIT3:
a command is missing in the avp.cmd Emiel
please change this line:



TO



its the "do" after the count command

@quippy

thnx

corrected

Best regards,

Emiel

thanks goes back to you!

yes the settings are really important

everything is working now even with the german version

ps: something big is coming from Emiel ... or the forum window was not closed

@ewieldra
here are some things you might find interesting:
the way exclusion is handled, no need to copy ini
i noticed too that those directories can be empty without any issue, so you can get ride of the "files" directory of the plugin, creating the entries with the avp.cmd script



html file needs those updates:
typo versio > version
add the getantivir.cmd clean option and description

Best.

@ReD

well done great improvement .. smart thinking

You can remove 7za-readme.txt from the license folder because you do not use the commandline version anymore

Here's a reduced version of your code but when i compare your code with the folders in my plugin, i think the folders do not need to be created .. they will be created automaticly..




Best regards,

Emiel

Are you 2 guys (ReD and ewieldra) working on the same plugin, or 2 seperate plugins now!!! ...

... hoest

@hoest

2 seperate plugins ..

The main difference between the two plugins is that i use another sfx technique

but working together

@ewieldra
i modded the avp.cmd quite much, may be you could look at it.
aimed to make it more simple to read/mod/understand

@hoest
another little difference is the way i handle the sys files, since i do keep them appart and move them into the system32\drivers

By the way, 0.8 is online

@ReD

i like the improvements in your avp.cmd (very very very good)

(typo Programm -> Program)

maybe we could improve the batchfile by adding some parameters this will eliminate the questions

something like

avp.cmd all -> download & update & start service
avp.cmd noservice -> download & update & don't start service
avp.cmd download -> only download
avp.cmd update -> only update
avp.cmd service -> don't download & don't update & start service

nice idea as usual! will try to do that in the next days if i got some spare time.

PS i send you a PM about your script.

Solution multiple parameters



saves you time

What about

yeah it also works

but it's an example code

there should be more code

something like this




maybe i should create this batchfile in autoit code.. with a little GUI

Hello to all people,I´m from Spain and I think that I have encountered the solution for all people having problems whit Avira services.Sorry for my English,perhaps my explanation was very dificult to explain for me and understand for you.
I have encountered a few mistakes(I think) in the avp.inf installer for AVIRA ANTIVIR PE Free v8,both,Red and Ewieldra plugin(it´s the same for the two plugin).
First of all.I don´t use this plugins in a Bart PE envirotment.The test and correction was made in a portable mode of Avira antivirus 8.

There are only one services that start and function correctly "Avira Snapshot Driver" (ssmdrv.sys)Why?The solution at the end.

At first time,the format of the avp.inf installer for PE isn´t compatible whit the standard from Microsoft Windows Driver Development kit(can´t be installed whit the righ-click "Install" option or whit "rundll32.exe setupapi.dll,InstallHinfSection" command),and I had to create one for this test.I use Total Uninstall to capture the registry changes and file creates in the process.The result is a reg file whit the same entrys that yours avp.inf file(I convert the reg file to a inf file whit Reg2Inf utility).
To explain more I´m going to post a small section of the reg file that correspond to AntiVirScheduler Service(sched.exe)



As you can view,the code is the same only whit one important diference(the other is the path to my install Dir "C:\PROGRAMAS\Avira\AntiVir PersonalEdition Classic\" in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler "ImagePath")
and yes,the hexadecimal values,but this isn´t important now

-Why you use the key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001 and not the correct
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet where all drivers and services are installed by default in all Microsoft Operative System(2000,XP...)?

-The 2º important question.The registry keys under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root can´t be
edited manually through Regedit or whit an reg or inf file.This key are created automatically when the related services are launched the first time.This key can´t be edited,deleted,modified manually.I have encountered that reading the Documentation Microsoft Windows Driver Development kit in MSDN site.

-3º and most important.Why the service don´t start?,in this case AntiVirScheduler Service(sched.exe).I ´ll made many changes,(format of the path,changing the Type service..nothing)but using the program DRVLOAD.EXE and installing and uninstall the service the AntiVirScheduler funtion.I compare the registry key changes made whit DRVLOAD.EXE and my captured reg file and !!!!TACHAN!!!!.The problem is the key "Enum" under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler.This key MUST HAVE TO BE CREATED WHEN THE SERVICES START FOR THE FIRST TIME.This key can´t be be aded whit a reg or inf file.
This is the problem whit programs to capture changes in the system.Only present the final result,and whit drivers and services this is a problem.The Microsoft documentation said that when a driver or services is installed,only create the key services name,not subkeys "Enum"(the subkey "Security" can be in the inf or reg if neded).This is the proces:
Start services------Create "Enum" key under services name---Create key "LEGACY_servicename" under CurrentControlSet\Enum\Root.That ´s.

This is the final reg file for this example



and this is the inf file


PD:The format of this inf file isn´t correct to use whit Bart PE(I think).You have to delete all entrys in key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root]in your avp.inf file related to this 6 files:
LEGACY_ANTIVIRSCHEDULER,LEGACY_ANTIVIRSERVICE,LEGACY_AVGIO,LEGACY_AVGNTFLT,LEGAC
Y_AVIPBB,and delete
all "Enum" keys for every services in key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ServicesName],you know
AntiVirScheduler,AntiVirService,avgio,avgntflt,avipbb.

And ssmdrv?No,this is OK,Why?.Read the last line of your avp.inf file.Can you view it?THERE IS NOT "Enum" key under \Services\ssmdrv!!!!.The solution was here all time!.
I corrected my inf file and all Avira components function O.K.I have encountered other few corrections that I´ll post later.This is very long.And sorry for my English.

NEW VERY IMPORTANT!!!!!
My test and this post was made in your 0.5 version,but I downloaded the new 0.8 and I encountered a few important errors!.
The "ImagePath" value in ALL ControlSet?\Services\ServicesName MUST BE IN THIS FORMAT if the service is a SYS file(driver):
"\??\ABSOLUTE PATH TO THE DRIVER",otherwise your path don´t function.
You can test it whit DRVLOAD.EXE,use a SYS driver,what you want(but not in System32\drivers dir) and install as a services.Go to registry and search
for the services that you created,and read the value of "ImagePath".
If the services is an EXE file you can use this format in the value:
"""ABSOLUTE PATH TO THE EXE"""