Monday, 25 April 2016

Add ESET antivirus ISO with persistent updates to E2B (revised!)

For a different method using a .imgPTN file, please see the  next post!
______________________________________________________________________________

E2B can boot the ESET System Rescue ISO easily, but each time you have to download the latest updates which can take a while.


The current ESET disk eset-sysrescue.1.0.9.0.enu.iso does not support UEFI booting, but here is how to MBR-boot with persistence for updates, direct from the .iso file:



ESET ISO + PERSISTENCE

You will need a working, ESET SysRescue flash drive.

1. Copy the eset-sysrescue.1.0.9.0.enu.iso file to the \_ISO\ANTIVIRUS\MNU folder (or any standard menu folder at the 3rd level down - e.g. \_ISO\MAINMENU\FRED)

2.  Run RMPrepUSB and select the ESET flash drive and run Drive-File - Filename= C:\eset - Start=P3 - Length=P3 - File position = 0. This makes an image of the entire 200MB P3 partition which contains the ext3 filesystem and any new update files.

3. Make a .mnu file as below using Notepad, and copy it to the same folder as the .iso file.

NEW VERSION! Note lines in red!

\_ISO\ANTIVIRUS\eset-sysrescue.1.0.9.0.enu.mnu

# Place this .mnu file and the ISO in either \_ISO\MainMenu\MNU or \_ISO\ANTIVIRUS\MNU
# This menu will work even on an NTFS USB boot drive
# IMPORTANT: you MUST run WinContig (Ctrl+F2) before booting E2B.

iftitle [if exist $HOME$/eset-sysrescue.1.0.9.0.enu.iso] Eset PERSISTENT\n Boot using .mnu file with persistence
set ISO=$HOME$/eset-sysrescue.1.0.9.0.enu.iso
set PER=/eset

uuid () > nul
set UUID=%?%

if exist CD echo WARNING: Cannot use partnew command! && pause && configfile (bd)/menu.lst
if "%E2BDEV%"=="" set E2BDEV=hd0 && pause E2BDEV forced to hd0!
#enable parttype output
debug 1
# make empty table entry in 3rd position in ptn table
parttype (%E2BDEV%,2) | set check=
debug off
set check=%check:~-5,4%
if "%check%"=="0x00" partnew (%E2BDEV%,2) 0 0 0
if not "%check%"=="0x00" echo $[0x0c]WARNING: PTN TABLE 3 IS ALREADY IN USE - PERSISTENCE WILL NOT WORK! && pause
debug 1
if not exist %PER% echo $[0x0c]WARNING: %PER% file not found! && pause
errorcheck off
if "%check%"=="0x00" partnew (%E2BDEV%,2) 0x0 %PER%
errorcheck on
#map ptn 4 to ISO
partnew (%E2BDEV%,3) 0x0 %ISO%
map %ISO% (0xff)
map --hook
root (0xff)
# to allow grub4dos access, set partition type
parttype (hd0,2) 0x83
clear
echo
# We need a lib folder with updates, or updates will not work!
if not exist (hd0,2)/lib/em000_32.dat echo -e $[0106]WARNING: %PER% does not contain updates! && pause
# reset ptn type as not neeed for linux and prevent E2B complaining after reboot!
parttype (hd0,2) 0x0
kernel /casper/vmlinuz boot=casper live-media=/dev/disk/by-uuid/%UUID% persistent quiet splash --
initrd /casper/initrd.lz
boot

You should now have on your E2B USB drive:
\_ISO\ANTIVIRUS\MNU\eset-sysrescue.1.0.9.0.enu.iso
\_ISO\ANTIVIRUS\MNU\eset.mnu    (any name will do!)
\eset

4. Boot to E2B - Antivirus Menu and select the  new Eset PERSISTENT menu

5. At the ESET desktop, first accept the Licence Agreement by selecting the two options and clicking 'I accept'



Now, any updates you make will be persistent.


The .mnu file will be added to the \_ISO\docs\Sample mnu Files\Linux folder in the next version of E2B.


8 comments:

  1. Hi, have tried this guide and the YouTube video but am unable to get persistence to work using ESET. I get the No updates warning from the code below. I have copied and pasted the above code as my .mnu and also tried the example .mnu for ESET in the docs foder.

    I have confirmed that Partition 3 contains the updates (/lib/em000_32.dat) on the original ESET boot drive I created (approx. 210Mb of 300Mb in use after updates) and the file created is the same size when Drive->File completes (although I;m not sure how I could mount this /ESET file to double-check, but for whatever reason it isn't seeing the updates when ESET boots through Easy2Boot.

    # We need a lib folder with updates, or updates will not work!
    if not exist (hd0,2)/lib/em000_32.dat echo -e $[0106]WARNING: %PER% does not contain updates! && pause
    # reset ptn type as not neeed for linux and prevent E2B complaining after reboot!

    Great bit of software though, first one I've found which makes booting multiple windows ISOs a snap.

    Cheers

    ReplyDelete
  2. Are you saying that the ***ONLY*** error message you see from E2B is
    WARNING: /eset does not contain updates!

    ReplyDelete
    Replies
    1. P.S. You can use 7zip to open and examine the \eset file.

      Delete
  3. P.P.S. Did you add the persistent keyword? It seems to be missing from the example in the Sample mnu Files\Linux .mnu file!

    ReplyDelete
  4. Hi Steve,

    thanks for the replies.

    If I open my Eset file in 7Zip then I can see the lib\em000_32.dat file and the other em0xx files. Nice tip :)

    The only error I get when booting is the "WARNING: /eset does not contain updates!"

    If you mean the persistent keyword as in this line below, then yes, although this appears after the check for em000_32.dat?

    kernel /casper/vmlinuz boot=casper live-media=/dev/disk/by-uuid/%UUID% persistent quiet splash --


    Here is my current .mnu that isn't seeing the updates (from G:\_ISO\ANTIVIRUS\MNU)

    # Place this .mnu file and the ISO in either \_ISO\MainMenu\MNU or \_ISO\ANTIVIRUS\MNU
    # This menu will work even on an NTFS USB boot drive
    # IMPORTANT: you MUST run WinContig (Ctrl+F2) before booting E2B.

    iftitle [if exist $HOME$/eset-sysrescue.1.0.9.0.enu.iso] Eset PERSISTENT\n Boot using .mnu file with persistence
    set ISO=$HOME$/eset-sysrescue.1.0.9.0.enu.iso
    set PER=$HOME$/ESET

    uuid () > nul
    set UUID=%?%

    if exist CD echo WARNING: Cannot use partnew command! && pause && configfile (bd)/menu.lst
    if "%E2BDEV%"=="" set E2BDEV=hd0 && pause E2BDEV forced to hd0!
    #enable parttype output
    debug 1
    # make empty table entry in 3rd position in ptn table
    parttype (%E2BDEV%,2) | set check=
    debug off
    set check=%check:~-5,4%
    if "%check%"=="0x00" partnew (%E2BDEV%,2) 0 0 0
    if not "%check%"=="0x00" echo $[0x0c]WARNING: PTN TABLE 3 IS ALREADY IN USE - PERSISTENCE WILL NOT WORK! && pause
    debug 1
    if not exist %PER% echo $[0x0c]WARNING: %PER% file not found! && pause
    errorcheck off
    if "%check%"=="0x00" partnew (%E2BDEV%,2) 0x0 %PER%
    errorcheck on
    #map ptn 4 to ISO
    partnew (%E2BDEV%,3) 0x0 %ISO%
    map %ISO% (0xff)
    map --hook
    root (0xff)
    # to allow grub4dos access, set partition type
    parttype (hd0,2) 0x83
    clear
    echo
    # We need a lib folder with updates, or updates will not work!
    ls (hd0,2)/lib/
    pause
    if not exist (hd0,2)/lib/em000_32.dat echo -e $[0106]WARNING: %PER% does not contain updates! && pause
    # reset ptn type as not neeed for linux and prevent E2B complaining after reboot!
    parttype (hd0,2) 0x0
    kernel /casper/vmlinuz boot=casper live-media=/dev/disk/by-uuid/%UUID% persistent quiet splash --
    initrd /casper/initrd.lz
    boot

    Cheers

    ReplyDelete
  5. Is the ESET file at G:\_ISO\ANTIVIRUS\MNU\ESET ?
    You have a ls (hd0,2)/lib/ command - so does it list the em000_32.dat file?
    If so then the 'if not exist' line should not show any warning. It makes no sense!
    If it did show a warning, it should show 'WARNING: /_ISO/ANTIVIRUS/MNU/ESET does not contain updates'
    not '/ESET does not contain updates'?
    Have you double-checked the name of the file em000_32.dat ?? 0 not o or some other mismatch maybe?


    ReplyDelete
  6. Ahh, that was me mucking around trying to confirm the files were in ESET, before your 7Zip tip.

    So I've done some more testing. I've created another, virgin, E2B USB disk (16Gb USB2.0) using v1.A9i (was using 1.A8 previously) and copied across my existing g:\_ISO\ANTIVIRUS\MNU files in their entirety, made the drive contiguous, and this one boots OK with no warnings about ESET updates. Unfortunately the ESET software doesn't run in the GUI. So I think I've goosed something somewhere on my original USB disk (64Gb USB 3.0)

    I've flattened my original USB disk (64Gb 3.0) and started again, but although no issue seeing the updates at boot, ESET itself doesn't load in the interface. If I rename my ESET file, it boots (without updates) and ESET runs OK and I get to the Licence Agreement.

    Looking at my ESET file in 7Zip I see "Warnings: Headers Error
    There are some data after the end of the payload data" so even though the files are there and now being detected maybe still an issue with my ESET file.

    However, at least we know it was me and not the instructions

    Thanks for all your input on this - appreciated.

    Name: lib
    Folder: +
    Size: 205 401 885
    Packed Size: 206 260 224
    Mode: drwxr-xr-x
    Modified: 2019-02-11 16:26:04
    Accessed: 2019-02-11 11:12:40
    iNode: 64513
    Links: 3
    User: 0
    Group: 0
    Folders: 5
    Files: 48
    ------------------------:
    Size: 216 964 893
    Packed Size: 217 874 432
    Folders: 9
    Files: 54
    ------------------------:
    Path: F:\USB Disk\_ISO\ANTIVIRUS\MNU\ESET2
    Type: Ext
    Warnings: Headers Error
    There are some data after the end of the payload data
    Physical Size: 312 557 568
    Tail Size: 3 072
    Cluster Size: 1 024
    Free Space: 85 848 064
    Modified: 2019-02-11 16:25:50
    Created: 2019-02-11 10:46:17
    Mount Time: 2019-02-11 16:25:50
    Last Check Time: 2019-02-11 10:46:17
    Host OS: Linux
    Revision: 1
    inode Size: 128
    Code Page: UTF-8
    Label: ESR-USB-DAT
    Last Mounted: /mnt/eset-live-rw
    ID: 57378FC35FCD4427A34844BE4C8D8FD7
    Characteristics: HAS_JOURNAL EXT_ATTR RESIZE_INODE DIR_INDEX
    Incompatible Features: FILETYPE RECOVER
    Readonly-compatible Features: SPARSE_SUPER
    Written KiB: 293784

    ReplyDelete
  7. It may be worth making another fresh ESET file using RMPrepUSB. First make sure you original ESET flash drive still works and do an update using it. Shutdown ESET linux nicely. Then make a new ESET file from the update partition as directed and copy it to your E2B drive.
    P.S. The 'errors' reported by 7zip may be normal for this type of file?

    ReplyDelete