73 replies to this topic

[steve6375]

Did you see my post here - explains why it was so much trouble!

[Wonko the Sane]

Did you see my post here - explains why it was so much trouble!

You talkin' to me?

http://www.imdb.com/...&item=qt0252592

 
If yes, please consider how the given method posted by cdob seemingly is IDENTICAL to the results of your tests:
http://reboot.pro/to...b4dos/?p=150776
 
or at least I cannot see any meaningful difference , and that is the reason I am asking.

What cdob says:

• #tag file /liveusb required
• root=live:CDLABEL=KRD10 rootfstype=auto vga=791 init=/init kav_lang=en udev liveimg splash quiet doscsi nomodeset

What cdob DOES NOT say:

• DO NOT change the label of the USB stick to KRD10 

What you say:

• liveusb (empty file) must be present!
• root=live:CDLABEL=KRD10 rootfstype=auto vga=771 init=/init kav_lang=en udev liveimg nomodeset
• change the label of the USB stick to anything BUT "KRD10"

 

 

Wonko

[Motasem]

ok ok ok dont fight steve and wanko take it easy

 

well after all this i must post my successful experiments

---------------------------------------------------------------------

first of all the first problem was in my usb !!! where i dont know because after we reach dead end me and steve and others try to help i have JUST reformat the usb with "remprepusb" and the krd iso works without any more modfications or new menu commands becaise first it was formated with EPM.....

so i got now 2 working menus first one with oading iso file Auther @cdob

-----------------------------

title Kaspersky Antivirus

#http://support.kaspe...cuedisk?level=2

#tag file /liveusb required

set KRD10ISO=/rescue/rescue.iso

set kernel=(222)/boot/rescue root=live:CDLABEL=Verbatim rootfstype=auto vga=791 init=/init kav_lang=en udev liveimg splash quiet doscsi nomodeset

set initrd=(222)/boot/rescue.igz

cat --length=0 %KRD10ISO% > nul || find --set-root --devices=hf %KRD10ISO%

#continuous ISO file

map %KRD10ISO% (222) && map --hook > nul && kernel %kernel% && initrd %initrd% && boot

#fragmented ISO file

#RAM load CD including kernel and initrd - simplified LBA /boot/system.map

set CDsec=7000

set /a HDsec=4 * %CDsec% > nul

echo CD sectors %CDsec% HD sectors %HDsec%

map --mem (md)0x6400+%HDsec% (222)

map --hook > nul

dd if=()%KRD10ISO% of=(222) bs=2048 count=%CDsec%

kernel %kernel%

initrd %initrd%

boot

--------------------------------------------------------

and the next menu with based on flat file's ( iso extracted ) is from the great steve6375

title Kaspersky Antivirus backup copy
uuid () > nul
set UUID=%?%
echo %UUID%
kernel /rescue/boot/rescue  root=live:UUID=%UUID% rootfstype=auto vga=791 init=/init kav_lang=en udev liveimg splash quiet doscsi nomodeset
initrd /rescue/boot/rescue.igz

---------

but i see that steve made the usb lable dynamic based on the command

 uuid () > nul
set UUID=%?%
echo %UUID%

 

so my point is loading iso with cdob works untill now but on my usb so i guess if i get another usb with def LABLE i may face the old problem...i didnt test yet but i will and report

 

thank you all

[moklo]

hopefully these steps answers your question if KRD is updatable.....

 

all i can say is YES!  very much.

 

READ HERE

 

     

 

 

thanks to Kaspersky for the tutorials

Edited by moklo, 23 March 2013 - 10:48 PM.

[Motasem]

yes updatable with steve scripe for updating iso and cdob menu entry

 

or you can use steve way for booting flat file without iso but when need of updating it will take time to copy all these small update files ( anyway no need to boot flat file coz krd dont update his own files hes so stupid to copy them over C drive !!!

so if they fix this and i have already email them for that i will use flat file booting

Edited by Motasem, 23 March 2013 - 10:57 PM.

[cdob]

root=live:CDLABEL=KRD10

The manufacturer uses this for the ISO file at USB.
http://support.kaspersky.com/8092

"KRD10" is the label inside the ISO image rescue.iso.
Rescue disk mounts the file /rescue/rescue.iso and use the label "KRD10" next.


Another issue is the flat file booting: use USB disk label for CDLABEL and flag file /livecd.
Rescue disk dosn't support flat files at USB disk.
Singnature files are copied to hard disk nontheless.
Update the files inside Rescue disk.
Copy updated files to USB disk yourself.

[steve6375]

If I mount the rescue.iso in Windows using Virtual Clone Drive, it has a volume label of 'Kasperksy Rescue'.

Also, I can use any CDLABEL and it works (as long as the CDLABEL does not match the volume label of the USB drive).

Also, if my USB drive has a volume label of 'KRD10' then your menu (below) does not work.

 

title Kaspersky Antivirus
set KRD10ISO=/rescue/rescue.iso
set kernel=(222)/boot/rescue root=live:CDLABEL=KRD10 rootfstype=auto vga=791 init=/init kav_lang=en udev liveimg splash quiet doscsi nomodeset
set initrd=(222)/boot/rescue.igz
cat --length=0 %KRD10ISO% > nul || find --set-root --devices=hf %KRD10ISO%
map %KRD10ISO% (222) && map --hook > nul && kernel %kernel% && initrd %initrd% && boot

[cdob]

If I mount the rescue.iso in Windows using Virtual Clone Drive, it has a volume label of 'Kasperksy Rescue'.

Then Virtual Clone Drive is broken.
Read the ISO image itself:
sector 16 holds the Primary Volume Descriptor, there is Volume Identifier (BP 41 to 72)
Kaperky uses 'KRD10' as Volume Identifier. Windows list this field as label.

Also, I can use any CDLABEL and it works (as long as the CDLABEL does not match the volume label of the USB drive).
Also, if my USB drive has a volume label of 'KRD10' then your menu (below) does not work.

Thanks for the testing. There is strange behaviour.

Back to main question:
How to configure Kaspersky Rescue Disk to get updates written to USB disk?
Any chance to set CDLABEL and flag files /liveusb and /livecd?

[steve6375]

My rescue.iso has label of 'Kaspersky Rescue' - the text KRD10 does not appear in the whole ISO file (except for linux cfg menu entries.) I think it came from Kasperksy Windows 'make CD' tool which downloaded the ISO from the web directly.

 

I don't think it is possible to get the updates to work from a USB drive. The best I can do is to copy the folder from the hard disk to USB drive after updates have been done, and the copy it to the new hard drive of a new system.??

[Motasem]

yes cdob thats what i did ... i add tow menu entries for iso file and for flat file and for update i update the iso file then mount it and delete old update files in usb and then copy new update files
\rescue\backup

\rescue\bases

\rescue\LiveOS

\rescue\BASES.ID

\rescue\KRD.VERSION

-------------------------------

cdob "Copy updated files to USB disk yourself"

 

this's something i have made i hope it help maybe need some fix's but i give it a try

 

after updating the iso at local folder/drive

using FileDisk by Bo Branten

 

install FILEDISK fome here ( http://www.jeffothy....unter 1.2.1.zip ) install and move to next step

 

make a file "copy-updates.bat" and copy all below the line in it and Save

------------------

@echo off

REM mount cd

filedisk /mount 1 "%LOCALDRIVE%:\%FOLDER%\rescue.iso" /cd x:

xcopy /E x:\rescue\*.* %USBDRIVE%:\%USBFOLDER% /Y

pause

filedisk /umount x:

---------------------------

notes ( read carefully ) MUST CHANGE
%LOCALDRIVE:\% = the drive in your computer where you hold the folder of krd

%FOLDER% = where you save the rescue.iso after updating with steve6375 script (http://www.rmprepusb.../kasperkyrescue) 1B

%USBDRIVE% = the drive "letter" for your bootable krd USB

%USBFOLDER% = the folder inside the usb called rescue where the update files will be copied /or you can delete this if you use the root usb

 

for example i use this

---------------

@echo off

REM mount cd

filedisk /mount 1 "e:\krd\rescue.iso" /cd x:

xcopy /E x:\rescue\*.* i:\rescue /Y

pause

filedisk /umount x:

---------------

i hope this help some lazy ppl don't like to copy manual

Edited by Motasem, 24 March 2013 - 01:11 PM.

[cdob]

My rescue.iso has label of 'Kaspersky Rescue'

That's another ISO image, created locally, not downloaded.
Do you use this http://agnipulse.com...e-disk-updater/

How do set a always working menu.lst entry?
Read the label name from rescue.iso
Read the label name from USB stick, but use a changed CDLABEL
Use a fake random CDLABEL
 
 

"Copy updated files to USB disk yourself"

Create a flat file Rescue Disk at USB disk.
Boot Rescue Disk, update signature files. Scan the machine.
Reboot to windows, copy C:\Kaspersky Rescue Disk 10.0\bases_rd\" to <USB:>\rescue\bases\
Delete C:\Kaspersky Rescue Disk 10.0\

[Motasem]

yes i know that but im talking about updating the usb while ur on windows without the need to reboot and boot from krd and at this way you get tow copies of updated krd  the iso file and flat file so your updating tow of your menu entries

 

PS: u must copy all not only bases_rd in case kaspersky updated anything els look after update in BASES.ID file u'll see that date has changed so if u only update the bases u will run krd and it will ask for update because he dont have the new index of updated files !

Edited by Motasem, 24 March 2013 - 02:13 PM.

[cdob]

you get tow copies of updated krd  the iso file and flat file so your updating tow of your menu entries

Delete the iso file, use flat file only.

yes i know that but im talking about updating the usb while ur on windows

Read diskupdt.bat
http://agnipulse.com...e-disk-updater/

Adjust to sync from ftp server
http://sourceforge.n...ojects/ftpsync/ http://filezilla-project.org/
http://goodosoft.appspot.com/?p=150713
ftp://ftp.downloads1.kaspersky-labs.com/bases/av/kdb/i386/
ftp://ftp.downloads1.kaspersky-labs.com/bases/av/emu/

[Wonko the Sane]

The manufacturer uses this for the ISO file at USB.
http://support.kaspersky.com/8092

"KRD10" is the label inside the ISO image rescue.iso.
Rescue disk mounts the file /rescue/rescue.iso and use the label "KRD10" next.

Sure , and the attempt by Steve6375 to label the USB stick volume as "KRD10" most probably "breaks" the mounting because the USB stick volume is checked first and conflicts with detecting the .iso.

This is what I was trying to highlight/clarify. 

The news that steve6375  provided are that *any* random (CD/.iso) label or UUID works ok (still as long as they do NOT correspond to the USB stick volume label) which should mean that either the Label or the UUID are needed to "initiate" the search for the .iso, which is then found no matter what label or UUID is specified, as long as the search is NOT interrupted by finding the label or UUID of the stick before "reaching" the .iso.

 

Wonko

[steve6375]

that would make sense, except that the text "KRD10" does not appear as a byte string inside the whole rescue.iso that I was testing with (except in cfg files), yet it still did not work when I specified a CDLABEL of KRD10. I can understand that it may be hard coded and compressed somewhere in the ISO, but I don't understand why I cannot see KRD10 as a volume label in the ISO (unless it is stored in a different byte format - e.g. unicode???).  

 

Furthermore, I can change the CDLABEL to any name (except that of the USB drive) and it still works...

[Wonko the Sane]

that would make sense, except that the text "KRD10" does not appear as a byte string inside the whole rescue.iso that I was testing with (except in cfg files), yet it still did not work when I specified a CDLABEL of KRD. I can understand that it may be hard coded and compressed somewhere in the ISO, but I don't understand why I cannot see KRD10 as a volume label in the ISO (unless it is stored in a different byte format - e.g. unicode???).  

Maybe (actually "for sure") there is inside the initrd (which is normally a CPIO compressed archive) a directive.
 
In pseudo code there could be in the initrd something loosely similar to :
 
 

find --set-root Label=KRD10  || find --set-root /whatever_tag_file
ls ()/whatever_else_tag_file || abort

 
i.e. the idea is to find first thing a volume labeled KRD10 OR (ALTERNATIVELY) find a volume containing a given "tag file", and, later, re-check for the existence on that volume of the same or other "tag file".
 
Such an approach would explain nicely the behaviour you observed.
 
A (wild) guess could be that there was an original check made of:
 

find --set-root Label=KRD10 
ls ()/whatever_else_tag_file || abort

that was later "expanded" to take care of people re-mastering (or whatever) the original .iso and changing it's label.
 

Wonko

[moklo]

finally, i found the solution to make Kaspersky Rescue Disk up to date and updatable.

 

CLICK HERE TO READ 

 

just go to last post.

 

[Motasem]

well it looks like it is downloading to the HDD C: volume...

Have you tried copying the C:\Kaspersky Rescue 10 folder to the USB drive and see if it picks it up on the next boot?

well for this steve im trying to figure out the programing of krd to know why he copy the files at C: ( it just make no sense because we r booting from flat file with updates included and OS image )  drive and i have an idea to boot krd on pc without HDD so lets see where he will write the files !!! if so he did it on usb then i will try to make it mandatory. ( static path )

its just idea i will test and see and report.

[cdob]

to figure out the programing of krd to know why he copy the files at C: ( it just make no sense because we r booting from flat file

@steve and moklo
Thanks for this approach.

This fails at flat file, but works at ISO image file.

Some variations:
Create Kapersky Rescue Disk ISO image at USB disk.
And create a empty folder "\Kaspersky Rescue Disk 10.0" to the USB disk.
Updates are NOT stored to C: at booted rescue disk.
Rescue Disk uses this folder at USB disk to expand signatures and to store updates.

The file \rescue\rescue.iso can be edited: remove scan signature files

rem a Rescue Disk 10 ISO image mounted to I:
mkisofs -J -U -D -V KRD10 -x bases -x BASES.ID -x KRD.VERSION -x backup -x grub -x boot.cat -o \rescue\rescue.iso I:\

And create a empty folder "\Kaspersky Rescue Disk 10.0" to the USB disk.
Boot to Rescue Disk and update scan signature next. Updates are stored at USB disk and can be used at next machine.

[steve6375]

What do you mean by fails with flat file? Do you mean it still creates the update folder on the hard disk if you use a flat file?

[Motasem]

can you explain more the step of

 

"The file \rescue\rescue.iso can be edited: remove scan signature files

rem a Rescue Disk 10 ISO image mounted to I:
 mkisofs -J -U -D -V KRD10 -x bases -x BASES.ID -x KRD.VERSION -x backup -x grub -x boot.cat -o \rescue\rescue.iso I:\"

[cdob]

What do you mean by fails with flat file?

Rescue Disk flat files at a USD disk with label USB_KRD

root=live:CDLABEL=USB_KRD

A folder \Kapersky Rescue Disk 10.0\ is created at internal hard disk.
Updates are stored at internal hard disk.


root=live:UUID=%UUID% : a folder \Kapersky Rescue Disk 10.0\ is created, updates are stored at internal hard disk
\liveusb tag file added : a folder \Kapersky Rescue Disk 10.0\ is created, updates are stored at internal hard disk


Rescue Disk 10 ISO file and \Kapersky Rescue Disk 10.0\ at USB disk:
Rescue Disk 10 prefers a folder \Kapersky Rescue Disk 10.0\ at internal hard disk.
Seems to search all available disks and selects a existing c:\Kapersky Rescue Disk 10.0\

Delete a folder \Kapersky Rescue Disk 10.0\ at internal hard disk first.
Boot Rescue Disk 10 from ISO file: \Kapersky Rescue Disk 10.0\ at USB disk is used.

I wonder:
boot Kapersky Rescue Disk 10 form a real CD and add USB disk with "\Kapersky Rescue Disk 10.0\"
 

can you explain more the step of

Idea: signature files inside IOS images are obolete, save space, hence load all siganture files whitin booted rescue disk.

Download Kapersky Rescue Disk 10 ISO image to hard disk.
Mount the Rescue Disk 10 IOS image to a virtual CD drive, e.g. ImDisk
Download mkisofs, open a command promt, change directory to USB disk, lauch the command.

Not tested:
mount the iso at httpdisk http://www.acc.umu.se/~bosse/
http://reboot.pro/to...ole-waik-first/

Be aware: boot loader grub is removed too.
Map the ISO image at grub4dos or grub2, load kernel and initrd as previously stated at post #3.

Or use a GUI ISO editor. No, I can't recommend one.

[mr-roboto]

Read the entire thread and tried the Rescue2USB mechanism for persistent updates and it worked.  Didn't like the final package, as it was not consistent w/ my existing project, SuperDisc.  Have come up w/ a more satisfactory solution and I'm in the process of testing it but will share to see if I'm completely nutz or not.
 
My latest SuperDisc UFD is set up via GParted, as I had easy access to it from an existing Linux on the disc and Windows 7 supports only the most simplistic partitioning of UFDs.

 

1. I split the UFD P1: NTFS 4GB (size is non-essential), labelled KRDATA;  P2:  ext2 3GB (actually the remainder of the UFD), labelled SUPERDISC_2.
2. Made the SUPERDISC_2 partition active, also via GParted.
3. I copy my current SuperDisc to UFD, which includes the KRD files extracted as is from a recent, but not the latest ISO
4. Make the SUPERDISC_2 partition bootable using extlinux
5. Reboot from the new SuperDisc UFD and launch KRD
6. Perform the obligatory update (which is stored on the C: drive of test PC)
7. Reboot but launch another (PCLinuxOS) distro
8. Move C:\Kaspersky Rescue Disk 10.0 to the KRDATA partition on the UFD
9. Reboot and relaunch KRD
10. KRD should report up-to-date definitions.

 

Anyway, that's my story and I'm stickin' to it, until someone can prove I'm wrong. What I've observed since formulating this hypothesis, is that KRD will accept manually downloaded updates (via KLUpdater), converting them into a new C:\Kaspersky Rescue Disk 10.0. Each time I've moved this folder to KRDATA, KRD will boot reporting fresh updates. In fact, during the most recent test, KRD correctly indicated that the most recent scan had been terminated early.

 

Don't know if this works for anyone else.  Personally, it isn't my  ideal approach, which would directly inject the update diffs into /rescue, but I can live with this until Kaspersky changes the KRD again.  Later....

[mr-roboto]

Was wondering if someone else would confirm that replacing the bases sub-dir under /rescue with bases_rd from the /Kaspersky Rescue Disc 10 folder will provide a working KRD CD/DVD. I'm actually typing from my manually updated KRD DVD, which seemed to scan normally. The two folders seem to be about the same size, so it would appear to be possible to easily keep all of one's rescue media thoroughly up-to-date,,,,