Sunday 7 February 2021

11 useful Antivirus ISOs all in one downloads

 In a fairly recent article, Jayro (the developer of Medicat) has provided a separate 7GB .zip file download of useful antivirus ISOs.

You can extract the contents to a Ventoy USB drive or to the root of an E2B USB drive (except for the two autorun files).

If you don't want to use Ventoy (because it will overwrite the \ventoy\ventoy.json file) then just copy the ISO files to the \_ISO\ANTIVIRUS folder.

Note that some of the ISOs do not support UEFI (Avast, Sophos, AVG and Comodo do not even contain EFI boot files). Jayro has disabled UEFI boot in the Ventoy configuration file because many of the others are problematic when attempting to UEFI-boot from them. Only DrWeb, Eset and MalwareBytes seem to UEFI64 boot using agFM.



Updated:

~ I actually downgraded the 2018 Malwarebytes Bootable WinPE to a 2016 version for added stability, it boots up WAY faster, uses much less RAM, and has a smaller file size. Has a startup sound with audio instructions to get you started. This older version is only temporary, until I have the time to build a proper one that's more up to date.

~ Minimum memory requirements have been reduced at the bottom of this changelog, to better reflect the memory needs of the included WinPE WIM files. Minimum RAM requirements below have dropped from 3GB down to 2GB, but you'll still want 4GB or more for comfortable usage. Luckily most modern PCs and laptops come with no less than 4GB these days.

~ Malwarebytes virus definitions to v2020.12.08.03

Thursday 4 February 2021

Add Medicat v21.01 to your E2B USB drive

 Medicat 21.01 is in the form of zip files for use with 7Zip and Ventoy. You are supposed to extract the contents to the first partition of a previously-made Ventoy USB disk. Instead, you can just copy all the files (except \autorun.inf and \autorun.ico) to the root of your E2B first NTFS partition and only use Ventoy to boot to Medicat. This will add lots of folders to the root however and you may overwrite the contents of your \ventoy folder which will affect your existing Ventoy theme and menu settings (if you have any).

See also: https://rmprepusb.blogspot.com/2022/01/quickly-add-medicat-2112-to-easy2boot.html

Remember to disable your AntiVirus first (and check that it does not 'quarantine' any files on the USB drive once you have completed the copy and re-enabled your AV).


Medicat v21.01 zip file contents

Then simply boot to Ventoy from the E2B USB drive.

Note that copying the Medicat files will also add the \ventoy folder to the first E2B NTFS partition, and this folder includes a ventoy.json file. This will change the Ventoy theme and also change the menu entry names. You may find it educational to look at the ventoy.json to see what it does because a few ISOs may require special settings.

I found that quite a few of the menu entries had problems UEFI-booting on my Lenovo IdeaPad - maybe you will have better luck...

The alternative would be to selectively pick only the ISO or WIM files that you want, and add them into the existing E2B menu folders. This means you don't need to boot to Ventoy.

In most cases you do not need to add any of the other files (some may require the ventoy.json if anything 'special' needs to be done to run the ISO using Ventoy - so you may need that too).

Medicat Mini Windows

To add the Medicat WinPE, we need the file:
\Boot_an_Operating_System\[UEFI]_Mini_Windows_10.iso

Copy the ISO file to the \_ISO\WINPE folder (for instance). 

You will also need to copy the following files and folders to the root of the E2B NTFS partition #1 as they are required by Medicat Mini Windows 10 too (the Mini_Windows_10.iso only contains boot files and the boot.wim file):

\Start.exe
\CdUsb.Y
\autorun.cmd (optional)
\PortableApps
\Programs
\System (optional)

To save a key press or two in the E2B and agFM menus, you can rename the extension to _.isodef.iso.

Issues?

  • AntiVirus - MalwareBytes: UEFI64 does not seem to boot using Ventoy. Boots OK using agFM menu system and choosing .isowin or .isomap options however.
  • Some other Windows ISOs also seem to have problems. Try .isomap option in agFM.
  • Ventoy has problems with some payloads if testing using VirtualBox+VMUB but on a real system it usually works OK.
  • If you have intermittent problems when booting large ISOs, etc. then try a USB 2 port or connect a USB 2 extension cable to the E2B USB drive so that only USB 2 speeds are used instead of USB 3 speeds.
  • If you are using a USB 3 SSD device and experience problems, try using a USB Flash drive or USB spinning Hard Drive instead - I have seen some issues when booting some Linux distros (e.g. Slax) from a USB SSD (the USB drive is not detected by the kernel and fdisk -l does not list the USB drive)!
  • To boot using agFM, you may require > 4GB of RAM in the system.


Monday 25 January 2021

Latest Windows update KB4535680 blocks agFM Secure Boot!

You can Secure UEFI64-boot to agFM on the E2B USB drive because it uses the Kaspersky bootx64.efi signed grub2 shim file. This boot file originated from Kaspersky and was signed by Microsoft as being 'Secure'. However, it contained a loophole which allowed us (via some clever programming) to load unsigned modules and hence an unsigned version of grub2 (e.g. grubfm or agFM or Ventoy, etc.).

A year or so ago, Microsoft released a KB Update which added a 'blacklist' entry to the non-volatile RAM of the Windows system's UEFI firmware. This is called the DBx (or dbx) list and it can usually be found in your UEFI BIOS settings.

The DBx list was specifically intended for this purpose - to blacklist boot files which Microsoft had signed as 'Secure' but which later turned out to be not as 'secure' as they thought!

The update provided by Microsoft immediately caused a lot of issues on certain Secure Boot OEM systems which also used this same EFI boot file (Lenovo?, HP?) and thus the update prevented them from booting after it was installed! Microsoft quickly withdrew the Windows Update and left their victims to try to rescue their secure but unbootable systems.

Now it seems Microsoft have tried again (KB4535680 2021-01-12) but the new Windows update is only applied to certain systems (and probably only those that boot via UEFI and have GPT partitions on the boot disk):

Friday 22 January 2021

Add rEFInd to agFM

Clover identifies EFI files on all partitions.
You can also add your own menu entries if you wish.

If you want to add rEFInd to your Easy2Boot USB drive, then you can download the current rEFInd files to the \EFI\refind folder, rename the bootx64 and bootia32 .efi files and then simply add all the files to the 2nd FAT32 partition (agFM partition) of your E2B USB drive.

You can configure the rEFInd menu by editing the \EFI\refind\refind.conf text file.

Instructions

Monday 18 January 2021

agFM 1.70b Beta and E2B v2.08a Beta available (BUGFIX for Blank screen on UEFI booting)

It has been reported that some notebooks such as the Lenovo IdeaPad S145 and ZYREX SKY 232 do not like the UEFI64 Kaspersky .EFI boot shim which agFM uses by default.

The Kaspersky .EFI boot file is signed by Microsoft and allows us to boot to agFM which then temporarily disables Secure Boot, thus allowing us to run agFM grub2 and boot from both signed and unsigned (insecure) ISOs and other boot files.

However, some systems will not UEFI64 boot to the Kaspersky+agFM boot files (even if Secure Boot is disabled in the BIOS). The reason for this is unknown.

Another problem with the Kaspersky shim is that it may be blacklisted by a Linux or Windows update which can add an entry to the DBx blacklist held in the BIOS's EEPROM firmware. This means that if Secure Boot is enabled in the BIOS on your system, it will not allow the Kaspersky EFI boot file to load and you may see some sort of 'Security Violation' error from the BIOS on boot. You can check your BIOS DBx list to see if it has any entries (and clear the list).

The solution to both these issues is to remove the Kaspersky shim and this process is documented on this page in the Troubleshooting sections and in the FAQ page.

In these latest Beta versions, I have modified the E2B and agFM menu system so that you can enable or disable the Kaspersky shim by using a menu entry. If you remove the Kaspersky Secure Boot EFI file, you will not have the ability to secure boot to the agFM menu.
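The DBx list discussed above is stored as a run of EFI_SIGNATURE_LIST structures, so you can inspect it outside the BIOS setup screens. The following is an added example (not part of E2B or agFM) which parses such a payload and returns the SHA-256 image digests it revokes; the function names and the sample digests are constructed for illustration.

```python
import struct
import uuid

# EFI_CERT_SHA256_GUID from the UEFI specification.
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")


def parse_signature_lists(blob):
    """Yield (type_guid, owner_guid, data) for each entry in a run of EFI_SIGNATURE_LISTs."""
    offset = 0
    while offset < len(blob):
        if len(blob) - offset < 28:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[offset:offset + 16])
        # SignatureListSize, SignatureHeaderSize, SignatureSize (little-endian u32)
        list_size, header_size, sig_size = struct.unpack_from("<III", blob, offset + 16)
        if list_size < 28 or sig_size < 16 or offset + list_size > len(blob):
            raise ValueError("malformed EFI_SIGNATURE_LIST sizes")
        pos = offset + 28 + header_size
        end = offset + list_size
        while pos + sig_size <= end:
            # Each EFI_SIGNATURE_DATA is a 16-byte owner GUID followed by the data.
            owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
            yield sig_type, owner, blob[pos + 16:pos + sig_size]
            pos += sig_size
        offset = end


def revoked_sha256(blob):
    """Return the set of SHA-256 image digests (hex) listed in a dbx payload."""
    return {data.hex() for t, _, data in parse_signature_lists(blob)
            if t == EFI_CERT_SHA256 and len(data) == 32}


def build_sample_dbx(digests, owner=uuid.UUID(int=0)):
    """Constructed test input: one SHA-256 signature list holding the given digests."""
    body = b"".join(owner.bytes_le + d for d in digests)
    return EFI_CERT_SHA256.bytes_le + struct.pack("<III", 28 + len(body), 0, 48) + body


if __name__ == "__main__":
    # Constructed digests, not real revocation entries.
    sample = build_sample_dbx([bytes([0xAA]) * 32, bytes([0xBB]) * 32])
    listed = revoked_sha256(sample)
    print(len(listed), "SHA-256 entries;", ("aa" * 32) in listed)
```

On Linux the live payload is the file /sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f with its first 4 attribute bytes removed; on Windows it is the Bytes property returned by Get-SecureBootUEFI dbx. The digests in the list are Authenticode hashes of the EFI images, so they will not match a plain SHA-256 of the .efi file.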

Update Instructions

Wednesday 13 January 2021

agFM v1.70aBeta available

The latest agFM v1.70aBeta version now understands files with the new .binacpi file extension.

If you have a binary acpi file which you want to patch your BIOS with (for instance to try to get ACPI support working under XP using a DSDT.bin file), you can change the extension of your file from .bin to .binacpi.

It will then be listed in the agFM menu system and agFM will present you with this menu when the .binacpi file is selected:


Monday 11 January 2021

E2B v2.07 is now released

 The latest version 2.07 is now live.

1. \E2B Launcher.exe application added

2. Add .ventoyignore dummy files to \_ISO\docs and \_ISO\e2b folders for faster Ventoy startup

Sunday 10 January 2021

Why not treat yourself?

Having problems booting UEFI payloads with E2B, Rufus, Ventoy, etc.?

Maybe you didn't get the present you really wanted at Xmas or you are just feeling depressed at having to stay indoors during Covid Lockdown? Then why not treat yourself to an IODD Mini SSD CD\DVD emulator (#ad).



This small device fits easily into any pocket and being SSD-based it is robust, light and fast.

In case you didn't get the memo - the Mini can not only load any ISO as a virtual DVD drive, but it can load up to FOUR different VHDs at the same time! That means you can have any four USB disks you like. Each disk can contain multiple partitions, so you can have four different complete OS's on those disks and boot to any of them (not counting the SSD disk itself). You can also set each Virtual disk to be a Removable USB device and thus emulate a USB Flash drive instead of a USB HDD (or up to four USB flash drives).

If you copy an empty file with a .VHD extension (or any file) onto it and select it - you now have a blank 'disk' which you can install anything you like onto (after partitioning it and formatting it like any other blank disk).

Do you have many small bootable USB drives, each with a different payload? Then why not just convert each one to a .VHD file (e.g. using RMPrepUSB - Disk to File) and store them on the IODD?

Note: VHD files are just disk images. The file needs to be contiguous.

Of course, it can't do fancy stuff like auto-install Windows, apps, drivers and updates using user XML files like E2B can with SDI_CHOCO, it can't attach a persistence file to an ISO and boot the live ISO with persistence, it can't Secure-boot non-secure ISOs, it can't run ISOs that were actually designed to be extracted onto a flash drive rather than boot as a liveCD, it doesn't contain PassPass or UtilMan XML files to bypass Windows account logins and all the other good stuff that E2B+agFM+Ventoy can do - BUT the good news is you can simply add E2B+agFM+Ventoy onto it!

Prices are around $130 for the 256GB version. You know you deserve it :-)


agFM v1.69 and 'Ventoy for Easy2Boot' v1.0.32 released

 agFM v1.69 and 'Ventoy for Easy2Boot' v1.0.32 are now released and will be automatically downloaded when you make a new E2B USB drive or run the appropriate \e2b\Update agFM cmd files to update agFM and Ventoy.

eBook #4 for agFM has been revised and updated for the new F1 and F5 menu structure in agFM. Updates are free - just use the link in the original email receipt from Payhip.

E2B v2.07 will be released soon - the only changes to E2B are the new E2B Launcher utility and the addition of some .ventoyignore dummy files to speed up booting to the Ventoy menu.

Please donate!

If you use E2B+agFM+Ventoy, please donate something to a1ive and LongPanda who are the developers of grubfm and Ventoy. They deserve at least a cup of coffee for all their excellent hard work which they provide for free! Think where we would be if we didn't have these utilities to use on modern UEFI systems!


Friday 8 January 2021

'Ventoy for Easy2Boot' v1.0.32 with UEFI32 support now available

 Ventoy now supports UEFI32 (experimental) as well as UEFI64.

I have compiled a version for Easy2Boot from the v1.0.32 Ventoy sources.

To update your E2B USB drive...