Tuesday, 26 April 2016

Add ESET antivirus with persistent updates to E2B (Take 2!)

The method used in the previous blog uses an ISO with an ext3 file for the updates volume.

Here is a different method using a partition image. The two methods are similar and they both only work with MBR-booting (UEFI-booting is not supported by ESET SysRescue).


1. First make a ESET SysRescue USB flash drive using the utility provided by ESET in the normal manner. Boot it to check it works. This process is for the linux version only.

2. Run RMPrepUSB and select the ESET flash drive and then press CTRL-O - 2

This will swap over the partitions on the ESET Flash drive so that partition 2 becomes partition 1 and is accessible to Windows. In Explorer, you should now see lots and lots of files on the ESET flash drive.

Note: On the latest versions of Windows 10, this step is not required as both partitions should be accessible in Windows Explorer already. Earlier versions of Windows only showed the first partition.

3. Drag-and-drop the ESET Flash drive letter\icon in Explorer (e.g. G:) onto the  MPI_FAT32 Desktop shortcut and follow the prompts to make an eset.imgPTN file on your PC hard drive somewhere.

4. Select the ESET flash drive and run RMPrepUSB - Drive-File - Filename= C:\eset - Start=P3 - Length=P3 - File position = 0

This makes an image of the entire 200MB P3 partition which contains the ext3 filesystem and any update files.

Note: Your ESET flash drive will still work, but you may like to restore the original partition order by repeating the instructions in this step (i.e. CTRL-O - enter 2 as before).

5. Copy the eset.imgPTN file and the eset file to your E2B USB drive \_ISO\ANTIVIRUS folder.


You can use a different name, but you must use the same name for the other file too, e.g.


6. Switch to the eset.imgPTN partition (e.g. using \_ISO\SWITCH_E2B.exe)

Make sure that both images are detected and switched in.

7. Add the following lines to the very bottom of the large CSM \menu.lst file that is now on the E2B USB drive:

title ESET SysRescue \n Start ESET System Rescue
kernel  /vmlinuz boot=casper live-media=/dev/disk/by-uuid/%UUID% quiet splash --
initrd  /initrd.lz

If you wish you can tidy up the CSM menu and remove the unwanted entries that won't work, now or at a later time. You can delete all the entries below the two comment lines:
and delete all the CLOVER entries too, because there is no EFI support.

Make sure you do not delete the first menu entry which restores the E2B partitions!

timeout 3 and default 8 used here (gaps count as menu entries!)

Now you should find that you can MBR-boot and the updates are persistent.

Let me know if you try this and what the results are!

  • You can use the file extension  .imgPTNAUTO to remove the warning messages when you select the eset.imgPTN file and you can add a  timeout 3  line to the top of the \menu.lst file so that it auto-boots within 3 seconds and change the 'default 2' line further down as required.

    timeout 3
    (more lines here)
    default 2         (<<<change the number to select the ESET menu entry)
  • If you change the name of the eset.imgPTN file, you must also change the name of the eset file to match or you can use a .txt file to change the E2B menu entry for it.