Lately while browsing through pages of XDA, I came across a nice idea they have brought up very recently. They are calling it as XDA Assist. Let us learn from horse's mouth.
The mission of XDA Assist is to provide basic help to those who have tried searching but can't find what they are looking for and need assistance. This is not a "helpdesk" providing technical assistance but more to point you in the correct direction with your problem. Perhaps you can't find posts on how to root your phone, install custom recovery or maybe you have questions about how to navigate and use features on the site.
Our XDA Assist team will give you links to threads/forums that are relevant to your problem. You may be pointed towards guides and instructions that can be quite complex, so you will still need to read carefully and be cautious before attempting to make software changes to your device. It is essential you are in the correct forum for your device model; what works for one can ruin another.
Just to add to the Welcome of the XDA Assist forum, please notice we have a group of Recognized Contributors, that have been establish and trained to help/assist Members with their questions.
The "Gate Keepers" if you will, these RC's that have been trained and positioned here on duty for the XDA Assist Forum, to provide those needing assistance. Now these RC's will open the Gate for you and provide you the links needed for your issues. They will not make the travel with you, as "Gate Keepers" they will stand their duties here, you must make the travel into the Forums to learn on your own, it is your Device you seek Development on....But rest assure there will be more RC's and very helpful Members in the Forums we provided to you, they will provide more assistance if you require.
Now these established RC's with the blue tag only, under the Profile names are the only Members that should be providing links/assistance in these XDA Assist Forums.
I ask any and all other RC's to refrain from posting within these thread of the XDA Assist. We thank you for seeking in providing to this Forum, but as mentioned, there is required training that goes along with the blue tag these RC's have and additionally any other Members we also thank you, but again please allow the XDA Assist Staff to address the issues here.
How about opening a similar section in out board an employ the Italian Finder on duty?
Some time ago I had found a 'USB.zip' from http://windowsforum.kr/review/5665807 . But this link is currently not working. Within 'USB.zip' I have found following files which are looking modified version of BOOTMGR and BCD.
BDF7MBR -> \Boot\BDF
BIS7MGR -> \Boot\BIS
BTP7MGR -> \Boot\BTP
INSTMGR -> \Boot\BCD
I want to modify 'BOOTMGR' and 'BCD' as follows. But I don't know how to do this ?
If anybody know about how to modify 'BOOTMGR' and 'BCD' in above fashion then please help me........
Note- I know I can create (bootmgr1 ,bootmgr2 , bootmgr3....) and (bc1, bc2 ,bc3....) by using 'zbootmgr.exe' . but I want a method/tool other than 'zbootmgr.exe'.
TechTalk is a forum where people can talk about computers, operating systems, hardware and other things related to technology. You can visit this forum at: http://tech-talk.ml/. Thank you.
FiraDisk File/RAM Disk driver for Windows. From discussion in Shao's topic GRUB4DOS RAM Disk Recognized by RAMDISK.SYS, I try making a Windows driver to read GRUB4DOS' drive map table and use GRUB4DOS RAM drives in Windows. This driver is the result. It emulates SCSI adapter and disk. It can use RAM disk loaded by GRUB4DOS in Windows. Shao's driver WinVBlock can also use GRUB4DOS's RAM drives. You can visit his thread for more detail.
This driver is not suitable for people who are not familiar with making and manipulating disk image or don't know how to use GRUB4DOS. It may take a long time to study about them depending on each person.
What is this driver for ? When your Windows has problem running or is infected with viruses, it is difficult or sometimes impossible to fix it from within windows itself. Options to fix it or recover data from it would be - Boot DOS. You can get data from FAT partition. With some add-on you may be able to access data in NTFS partition. - Use Linux or other OS to access your data with some limitation in its NTFS features. - Windows PE run from CD or USB drive - Remove harddisk from the computer and put it in another computer with Windows installed. You can access NTFS partition, scan virus, modify registry, create partition, delete partition, format, install new Windows in existing NTFS partition without formatting.
Windows PEs created from Winbuilder are useful for data recovery and manipulation of harddisk partition. They are normally run from CD-ROM. If you don't want to burn CD, or the computer you want to run it on don't have CD-ROM drive, another option is run from USB drive.
GRUB4DOS has ability to load disk image to RAM and create RAM drive for use in DOS, Windows 98. You can boot DOS, Windows 98 in RAM. Newer Windows based on Windows NT cannot use GRUB4DOS RAM drive unless you have driver for it. With FiraDisk driver you can use GRUB4DOS RAM drive in Windows XP-7. It can be used to boot Windows.
If you have FiraDisk integrated in PE ISO. It is possible to use GRUB4DOS to load PE from ISO file into RAM and run PE from RAM. When you run Windows from RAM. You can use your recovery tools, antivirus, partition managers to modify your harddisk. You can also delete/rename some folders (Document and Settings, Program Files, Windows) and reinstall Windows in old NTFS partition without deleting your data files and don't get old and new files mixed. You can store multiple ISO files on the same drive and choose it in GRUB4DOS at boot time.
Platform: Can run in - Windows XP 32-bit - Windows Server 2003 32-bit - Windows 7 32-bit - Windows 7 64-bit (Test Mode)
Test-signed 64-bit driver is included. If you want to test it in Windows Vista or Windows 7 64-bit, you must enable TESTSIGNING Boot Configuration Option before you install this driver. If you don't want to be warned about unknown publisher, you may install my self-signed test-signing root certificate before you install this driver. TestSignRootCA.reg ( 4.78K )
Status / change log - Sector-mapped virtual drive is not supported. v0.0.1.30 - Added: boot option indicates that the virtual drive is required for booting. v0.0.1.28 - Added: Read options from GRUB4DOS RAM drive. v0.0.1.26 - Fixed: CD-ROM emulation in Windows 7. - Fixed: BSOD when unloaded. - Added: Allow disabling detection of GRUB4DOS and Memdisk by settings in registry. - File-backed virtual drive "cdrom,file=..." does not work in Windows XP-2003 text-mode setup. But "cdrom,vmem=..." works. v0.0.1.24 - Find disk image file without knowing drive letter of backing drive. ( use find:\ instead of <drive letter>:\ ) v0.0.1.22 - It is possible to boot Windows XP in disk image file. v0.0.1.20 - Detect MEMDISK (v3.86) RAM drive. - Test SSE2 memory copy code. v0.0.1.16 - Fix: Slow transfer speed of RAM drive. - Bug: Cannot boot Windows XP setup from RAM CD-ROM. v0.0.1.12 - Fix: Windows Server 2003 compatibility. - Fix: Can read hexadecimal number (0x12345678) in boot option parameters. v0.0.1.10 - Virtual floppy disk drive. - New "physicalmemory" boot option keyword. - Bug: Cannot read hexadecimal number in boot option parameters. v0.0.1.8 - File-based drives can be created using /firadisk boot.ini option. - Fix: Detection of GRUB4DOS' RAM CD-ROM. v0.0.1.6 - Bug: Incorrect detection of size and address of GRUB4DOS' RAM CD-ROM. v0.0.1.4 - Support multiple virtual drive. - Support CD-ROM ISO loaded with GRUB4DOS. - No floppy drive emulation. Floppy disk image mapped to (fdx) will appear to be removable disk. v0.0.1.0 - Support 1 virtual hard drive that has been loaded with GRUB4DOS's map --mem command. - Windows XP can run from virtual hard drive in RAM.
Planned features in future versions: - Add/remove drives from CLI or GUI.
value StartOptions type REG_SZ
data = list of drive description to create separated by semicolon.
Example: disk,vmem=find:\file1.img;cdrom,vmem=find:\file2.iso;floppy,vmem=c:\file3.img;disk,vmem=c:\file4.img,size=1052835840
There are 3 types of virtual drive : disk, cdrom, floppy
There are 3 main types of media/image :
file=path : File read/write. vmem=path : Memory mapped file. vmem without path : Allocate from virtual memory (RAM+pagefile).
Optional parameters
offset=number size=number heads=number sectors-per-track=number ro : read-only boot : indicate that the virtual drive is required for booting Windows.
If file does not exist and size is specified, new file will be created.
If file exists but is smaller than offset+size, it will be extended.
value DisableDetectGrub4dos type REG_DWORD
value DisableDetectMemdisk type REG_DWORD
value DisableDetectedRAMDrives type REG_DWORD
0=enable 1=disable
value StartOptions same format as above.
You can write to this value at first stage of Windows XP setup by using TXTSETUP.OEM section [Config.FiraDisk].
value PnP type REG_DWORD
0=Create new FiraDisk Enumerator device at startup. 1=Don't create new FiraDisk Enumerator device.
GRUB4DOS RAM drive
Create a small RAM drive with drive number between 0-127 and write FiraDisk options to it.
Begin with [FiraDisk] (case insensitive)
followed by \n
then StartOptions=data\n
and end with \0.
Backslash is escape character in write command.
You can use / instead of \ in data field. When FiraDisk read this data, it will convert / to \ automatically.
Example:
Firadisk driver installation instruction for Windows XP
Spoiler
method 1. Use "Add Hardware Wizard" 1 Double-click "Add Hardware" icon in Control Panel. 2 Next 3 Yes, already connected ... Next 4 Scroll down and select lowest item "Add a new hardware device". Next 5 Install ... manually select ... (Advance) Next 6 SCSI and RAID controllers Next 7 Have Disk... 8 Type the path or Browse to directory that contains FiraDisk driver OK 9 select FiraDisk Virtual Disk Enumerator Next 10 Next, (Continue), Finished
method 2. Use devcon utility if you have devcon.exe. devcon install firadisk.inf root\firadisk
method 3. (v0.0.1.6) Right click firadisk.inf, select Install. FiraDisk will start at next boot time. When Windows prompt you to install driver for the new firadisk device, just follow the instruction on screen.
After installation you can see ONE "Firadisk Virtual Disk Enumerator" device node in Device Manager. If you install multiple times and have more than one "Firadisk Virtual Disk Enumerator" device, right-click and select Uninstall.
Test FiraDisk with GRUB4DOS mem drive (non-boot drive)
Spoiler
Install FiraDisk driver in Windows.
Install GRUB4DOS in a hard disk or whatever.
Make a hard disk image and place it in root directory
boot into GRUB4DOS
create map --mem drive and load bootsector or NTLDR
Example menu.lst
Test FiraDisk with GRUB4DOS mem drive as boot drive
Spoiler
Brief instruction
Install FiraDisk in Windows before making image or cloning Windows
Use another Windows installation (or other OS) to clone Windows to image file
If you use NTFS compression, make sure ntldr in image file is not compressed
If image file have different MBR signature or offset to partition, adjust registry in image file.
load hive \Windows\system32\config\system,
goto key MountedDevices, value \DosDevices\C:
change the data to match MBR signature and byte-offset to partition of disk image
unload hive
Boot from GRUB4DOS
Example menu.lst
timeout 3
default 0
title hdd.img
map --mem (hd0,0)/hdd.img (hd0)
map --hook
root (hd0,0)
chainloader /ntldr
title commandline
commandline
How to create/mount raw disk image with FiraDisk 0.0.1.12 (updated 2009-09-30) Not very convenient though.
Spoiler
Create/Mount image with firadisk 0.0.1.12
1.1 Set FiraDisk StartOptions
In registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FiraDisk,
create value StartOptions type REG_SZ
data "disk,vmem=image-file-path,size=size-in-bytes" for creating new image file, or openning existing image file
or "disk,vmem=image-file-path" for openning existing image file
1.3 Delete value StartOptions from key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FiraDisk
to prevent FiraDisk from auto-mount image file after restart.
Has someone ever installed XP to a VHD image located on a FAT partition? It seems that the driver cant find the VHD file on FAT or FAT32 file system. The installer doesnt list the virtual disk, and if I install xp to an image laying on ntfs, then copy it to fat partition, I get 0x7b (boot drive not accessible) error.
I installed ubuntu 12.04 on a usb flash drive using unetbootin but I don't get a desktop when it boots I get a linux terminal window - how do I launch the desktop?
searched around and wasn't able to consolidate informations, so decided to ask here.
I'm looking for solution which help me to instruct this scenario:
1- I will boot from bootable media, an external USB storage is presumed, a portable windows, preferably win7PE will bootted
2- in startup of this winPE I will put an executable file which will open a menu, this menu will offer different images of the windows which captured by acronis or ghost from differnet computers
3- I will choose the one I want and then just by click on that image from menu, acronis or ghost start to install that image on the PC.
so I need a win7PE with acronis plugin in it and some script to automate the recovery procedure.
I have win7PE, also downloaded acronis plugin script but there is no lucid tutorial about how to join them togheder and which command are availabe to automate acronis recovery process.
any help or link to useful articles is indeed appreciated,
I am new to dual boot systems, I was running win7 and installed ubuntu 12.04 from a usb key using UNetbootin. I chose the option to have a dual boot installation so I get a screen that asks which system I want when I start up. It has worked fine so far.
My question is... how does this system really work? From Ubuntu I can see and access everything in my Win7 folders. But when I run Win7, I see no indication of where the Ubuntu files are if I search using windows explorer. Where are they? Should I be able to access the Ubuntu files from Win7 like I can Win7 files from Ubuntu?
Final question.
If I have an external hard drive that I only use about 1/3 of for backup of Win7 files, could I have installed ubuntu on this drive so it is entirely contained on the external drive so I don't have top worry about any interference between the 2 OSs ? Should this be a concern at all?
Under a normal OS environment, I can only hit 32 instances of a particular application until the GDI/USER object heap is exhausted. This can be bypassed by creating and using new user accounts. Do these limits still apply under a PE? I understand that WinPE probably doesn't give you the opportunity to create separate user accounts
I have been installing Windows from USB sticks for years, even going back to XP.
I used to keep around 6-10 flash drives handy with different images on them. I've used RMPrepUSB to make a multi-ISO USB before, which is awesome.
That said, here are some things I have been searching for answers on.
What USB 2.0 flash drives are you using for the best speed? I was getting Patriot Xporter Boost drives since they were reasonably cheap and very fast. They aren't available in USB 2.0. I've narrowed hundreds of drives down and think I am going to get some Super Talent Pico drives... unless you guys can swing me a different direction.
As far as USB 3.0 drives, what's the deal? I have yet to install Windows 7/8 from one, even if it is used on a USB 2.0 controller. In once case, Windows installed, but it wouldn't make the drive bootable. Even booting to Command Prompt to use bootrec/bcdedit/diskpart didn't work. So, I stopped buying and trying to use 3.0 drives as boot disks. Why is this so different?
I am just now getting into UEFI booting since I picked up an Ultrabook and have been tinkering with a Hackintosh install. Is it possible to make a RMPrepUSB multi-ISO drive that can be UEFI AND Legacy boot? I am very curious on this... One drive to rule them all would be awesome.
File Name: SetMACE File Submitter: joakim File Submitted: 04 Dec 2011 File Updated: 04 Aug 2014 File Category: Security
This is an advanced filesystem timestamp manipulating tool. Some interesting features;
- Support for files and directories. - Complete 64-bit timestamp (including the nanoseconds). - Native 64-bit OS support (as well as 32-bit). - Complete support for both $FILE_NAME and $STANDARD_INFORMATION timestamps, without workarounds. - Clone timestamps from a second file (removed in v1007). - Dump all filesystem timestamps (4 x $STANDARD_INFORMATION and 4 x unlimited $FILE_NAME)... - Dump timestamp information from within shadow copies. - Damn hard to detect a manipulated timestamp..
From the readme.txt:
This is an advanced filesystem timestamp manipulation tool, originally inspired by good old timestomp. This version is NTFS only, and both $STANDARD_INFORMATION and $FILE_NAME attributes are supported. In later versions there is no longer any dependency on NtSetInformationFile. That means it is completely based on resolving the filesystem structures inetrnally and writing a modified MFT record back directly to physical disk. There is also support for unlimited $FILE_NAME attributes, but is restricted to what fits inside an MFT record (not spread across $ATTRIBUTE_LISTS). In earlier versions, only the $FILE_NAME attribute was modified by physical disk writing, but now also $STANDARD_INFORMATION. However, be sure to have read the warning below!
The $FILE_NAME attribute can be present twice, giving it 8 possible timestamps. Short filenames have only 1 $FILE_NAME attribute (4 timestamps) whereas files with long filenames have 2 $FILE_NAME attributes (4+4 timestamps). If links (for instance hardlinks) are present, even more $FILE_NAME It's all supported.
Parameter explanation; - Parameter 1 is input/target file. Must be full path like C:\folder\file.ext
- Parameter 2 is determining which timestamp to update. "-m" = LastWriteTime "-a" = LastAccessTime "-c" = CreationTime "-e" = ChangeTime (in $MFT) "-z" = all 4 "-d" = Dump existing timestamps (in UTC and adjusted for timezone configuration)
- Parameter 3 is the wanted new timestamp. Format must be strictly followed like; "1954:04:01:22:39:44:666:1234". That is YYYY:MM:DD:HH:MM:SS:MSMSMS:NSNSNSNS. The smallest possible value to set is; "1601:01:01:00:00:00:000:0001". Timestamps are written as UTC 0.00 and thus will show up in explorer as interpreted by your timezone location. Note that nanoseconds are supported.
- Parameter 4 determines if $STANDARD_INFORMATION or $FILE_NAME attribute or both should be modified. "-si" will only update timestamps in $STANDARD_INFORMATION (4 timestamps), or just LastWriteTime, LastAccessTime and CreationTime (3 timestamps) for non-NTFS. "-fn" will only update timestamps in $FILE_NAME (4 timestamps for short names and 8 timestamps for long names). "-x" will update timestamps in both $FILE_NAME and $STANDARD_INFORMATION (8 or 12 timestamps depending on filename length).
Note: Directories are also supported just like regular files. Since version 1.0.0.10, where a kernel mode driver has been implemented, most of the restrictions put on earlier version are now removed.The restrictions that was limiting SetMace in previous versions:
Since nt6.x Microsoft blocked direct write access to within volume space (like \\.\PhysicalDrive0 or \\.\E:): http://msdn.microsoft.com/en-us/librarry/windows/hardware/ff551353(v=vs.85).aspx In order to do so it was necessary to dismount the volume first, effectively releasing all open handles to the volume. However, this was of course not possible to do on certain volumes (for instance on the systemdrive or a volume where a pagefile existed). Theefore SetMace could not be located on the volume to be modified. The solution to make all this work the proper way is to implement a driver that can set the SL_FORCE_DIRECT_WRITE flag on the Irp before sending it further: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549427(v=vs.85).aspx That way, there is no need to dismount the volume, and thus even the systemdrive can be modified. All this, did not apply nt5.x (XP and Server 2003) and earlier. With 64-bit Windows, Microsoft implemented another security measure, "PatchGuard", to protect the kernel in memory as well as preventing the loading of unsigned or test signed drivers. Of course Windows does not natively ship with a driver allowing to circumvent the security features just mentioned. That leaves 3 possible options for using SetMace on a live 64-bit nt6.x OS (all other Windows OS's are fine):
Boot with TESTSIGNING configured and use a test signed driver.
Crack patchguard (and then no need for TESTSIGNING configuration) and use an unsigned or test signed driver.
Find a way to use a properly signed driver (maybe next version).
Since the driver in this version is test signed, we need to choose either 1 or 2. Both work equally well, and in fact as of today4. August 2014, "PatchGuard" is still officially cracked and unpatched (google KPP Destroyer).
Dumping information with the -d switch From version 1.0.0.9 the -d switch will also dump timestamp information from the target volume, as well as from present any shadow copies of that volume. So if the volume that the target file resides on, also have shadow copies, the -d switch will also dump information for the same MFT reference for every relevant shadow copy. Matching shadow copies are identified by the volume name and serial number. The dumped information includes filename, parent ref, sequence number and hardlink number to help identify if the same file actually holds a particular MFT ref across shadow copies.
Warning: Bypassing the filesystem and writing to physical disk is by nature a risky operation. And it's success is totally dependent on me gotten SetMace resolving NTFS correctly. Having said that, I have tested it on both XP sp3 x86, Windows 7 x86/x64 and Windows 8.1 x64, on which it works fine. This new method of timestamp manipulation is a whole lot harder to detect. In fact, I can't think of any method, except the presence of this tool, and by comparison of some other artifact (like a shadow copy, and maybe $LogFile on not so heavily used volumes). The earlier versions that used the "moce-trick" and/or NtSetInformationFile would leave traces in the $ogFile. I wil still call this version experimental. I take no responsibility for any loss of data by the usage of this tool! Use only for educational purposes in non-productional environments!
Limitation Since Windows 8, an option was added for formatting NTFS volumes with MFT record size of 4096 bytes. Currently SetMace will throw an error and then exit if such a volume is attempted at. However, it is rather trivial to add support for, so maybe in a future release.
Examples; Setting the CreationTime in the $STANDARD_INFORMATION attribute: setmace.exe C:\file.txt -c "2000:01:01:00:00:00:789:1234" -si
Setting the LastAccessTime in the $STANDARD_INFORMATION attribute: setmace.exe C:\file.txt -a "2000:01:01:00:00:00:789:1234" -si
Setting the LastWriteTime in the $FILE_NAME attribute: setmace.exe C:\file.txt -m "2000:01:01:00:00:00:789:1234" -fn
Setting the ChangeTime(MFT) in the $FILE_NAME attribute: setmace.exe C:\file.txt -e "2000:01:01:00:00:00:789:1234" -fn
setting all 4+4 timestamps in the $FILE_NAME attribute for a file with long filename: setmace.exe "C:\a long filename.txt" -z "2000:01:01:00:00:00:789:1234" -fn
setting 1+1 timestamps ($MFT creation time * 2) in the $FILE_NAME attribute for a file with long filename: setmace.exe "C:\a long filename.txt" -e "2000:01:01:00:00:00:789:1234" -fn
Setting all 4+4 (or 4+8) timestamps in both $STANDARD_INFORMATION and $FILE_NAME attributes: setmace.exe C:\file.txt -z "2000:01:01:00:00:00:789:1234" -x
Setting the LastWriteTime in both $STANDARD_INFORMATION and $FILE_NAME attribute of root directory (defined by index number): setmace.exe C:5 -m "2000:01:01:00:00:00:789:1234" -x
Dumping all timestamps for $MFT itself: setmace.exe C:\$MFT -d or setmace.exe C:0 -d
I'm interested in loading freedos under grub2 and attaching a virtual floppy to it
The aim being to have a folder on the disk containing several tar.gz files, each of which would show up as a menu entry - such that it is quick to add a new dos utilities (i.e. several different bios update files)
Below are a few different theoretical examples to append wdidle3.exe into FDSTD.288.imz
menuentry "memdisk FDSTD.288.imz" {
loopback loop /bootisos/wdidle3_1_05.img
linux16 /boot/grub/memdisk # magic : append files from (loop)?
initrd16 /bootisos/FDSTD.288.imz
}
menuentry "concatenate initrd" {
# wdidle3_1_05.img fat16 img containing wdidle3.exe
linux16 /boot/grub/memdisk
# magic : memdisk to accept concatenated images
initrd16 /bootisos/FDSTD.288.img \
/bootisos/wdidle3_1_05.img
}
menuentry "concatenate files" {
loopback loop /bootisos/FDSTD.288.gz
loopback loop1 /bootisos/wdidle3_1_05.tar.gz
# magic : new grub2 command? to build ramdisk
# append files from (loop) and (loop1)
freedos (rd)/kernel.sys
}
menuentry "wimboot FDSTD.288" {
loopback loop /bootisos/FDSTD.288.gz
loopback loop1 /bootisos/wdidle3_1_05.tar.gz
linux16 /boot/grub/wimboot
# magic : rewrite wimboot to !bootmgr
# it'd be possible to loop over all files in loop+loop1 and append automatically
initrd16 \
newc:kernel.sys:(loop)/kernel.sys \
newc:command.com:(loop)/command.com \
newc:wdidle3.exe:(loop1)/wdidle3.exe
}
Oh my. This is very pretty and impressive. Take a look at the Windows Triage Environment if you haven’t done so yet. It is nice to see work continuing work being done to improve upon WinFE.
this forum is awesome, nowhere else have i found such detailed and insightful nitty-gritties about booting, windows in particular. so here is my idea
As you all know, windows supports only booting from a GPT disk in UEFI, but not in BIOS. But GPT is definitely a lot better, and cleaner. So can we do something about that?
The sequence of booting in Windows 7 (for now, later we can look at 8) : is
We already have syslinux MBR which can setup a GPT reading MBR code... after which the VBR code need not be touched.... and then we come to bootmgr.
Is it not possible to modify bootmgr to be able to read GPT? Windows can certainly understand GPT, just that it hasn't shipped with a compatible bootloader. I checked winload.exe, and it does check for "EFI PART" GPT header signature, but dunno if it's positive or negative match it's checking for. winload might be difficult to patch, but maybe it won't mind it....?
I'm a noob at system programming, but have a fairly good idea about the process... But I defer to the experts here.... What say?
Some time ago when trying to make a workaround for the old and buggy amibios, like Dietmar's ntdetect.com for nt5.x, I made this special bootmgr. It had a bcd store embedded in itself and was launched directly from memory without searching for it on-disk. It never really solved any issues and I cannot come up with any real life usage for it. But I thought maybe someone would find it interesting anyway, and so I prepared a patcher for those who are curious. If you do a diff and try to locate anything, you will be dissapointed. But if anybody is interested, I will try to recall what I did and post it (it was a few months ago).
The embedded bcd is a minimal one that only supports flat booting of nt6, both WinPE and non-WinPE. Booting off a wim is broken, although an antry is present in the embedded BCD. The resulting bootmgr is based off version 6.1.7600.16385 and is added the file extension of bcd.
