Quantcast
Channel: Reboot.pro
Viewing all 6812 articles
Browse latest View live

master boot record virus and grub4dos USB drive

0
0

hi reboot community

my USB flash drive boot to the first hard disk with this command

title Boot from Hard Disk
map (hd1) (hd0)
map (hd0) (hd1)
map --hook
rootnoverify (hd0)
chainloader +1

the problem is

if my hard disk contain mbr virus 

this destroy the mbr of the usb drive 

and its hang on Try (hd0,0) 

so i mast install grub4dos mbr again to usb flash drive 

and didn,t boot to hard disk until boot to any antivirus

rescue CD and remove master boot record virus

this is USBInfo with start sector 0 that destroyed with the hard disk infection with master boot record virus 

http://www.mediafire.com/view/po9cux437fz27g4/USBInfo.Txt

 

how i can solve this proplem

 

 

 


Script for Karyonix's FiraDisk

0
0
Hi All,

I would like to thank Karyonix for his wonderful driver, as being discussed in the thread here: http://www.boot-land.net/forums/index.php?...pic=8804&hl=

I am attaching a FiraDisk script for livexp. Thanks to Lancelot for the encouragement. Hope this helps.

Update on Sep.6 :

Tested the following:

BootSDI NOT used. ImDisk B: drive is part of the build.

With XP sources (versions 0.0.1.10 and 0.0.1.12) :
1. Booting Livexp from a Firadisk Livexp Iso (menu.lst):
title LiveXP-Firadisk-ISO

map --mem (hd1,0)/test_img.img (hd3)

map --mem (hd1,0)/pmagic-4.3.iso (hd32)

map --mem (hd1,0)/minlex/ISO/LiveXP.iso (0xFF)

map --hook

chainloader (0xFF)
2. Booting Livexp from cd with non-boot Firadisk defined using grub4dos.
3. Booting firadisk LiveXP.iso over network using tftpboot/grub4dos.
4. Booting from a RAM hard disk image.
5. Amalux complete package (with and without bootsdi).

With Win2k3 sources (version 0.0.1.12):
1. Booting Livexp from a Firadisk Livexp Iso
2. Booting from a RAM hard disk image.

Here's what works:

1. Booting Livexp from RAM Disk
2. Exlporer works, all partitions are recognised with drive letters
3. Non-boot RAM CD Rom works
4. Non-boot RAM Disk Works
5. Device Manager shows FiraDisk Virtual Disk Enumerator and the RAM CDRom and Disk.
6. Disk Management recognises the drives
7. Formatting the RAM hard disk works
8. Check http://www.boot-land.net/forums/index.php?...hl=livexp++tips for Disk Management Partitioning workarounds.
8. "sc query firadisk" shows firadisk is running
9. PXE booting with tftpboot works with LiveXP.iso.


What needs to be noted:

1. The firadisk driver date and version info is suppressed from the Device Manager (to prevent frequent changes to the script). User needs to click on Driver Details to get that information.
2. When you click on the Firadisk Virtual Disk Enumerator in Device Manager, you get an error message before you can continue.
3. When booted from a Firadisk iso, there will be a dummy cdrom RAM drive in addition to X:.

When a newer version of firadisk is released, please download and use the custom file or use the available 0.0.1.12 version included in script.


Latest script attached:

Attached Files

How to transfer control from bootmgr (host-store) to 'grldr/grldr.mbr' and/or bootmgr (vhd-store) inside VHD ?

0
0

Hello Everyone......

 

Suppose I have a single partition on the host with a bcd store and bootmgr (host-store), and a VHD file also has 'grldr/grldr.mbr' and/or

{bcdstore and bootmgr (vhd-store)}, and I want to boot my system as follows:

 

1. PC boot from host-store
2. Transfer control from bootmgr (host-store) to 'grldr/grldr.mgr' and/or bootmgr (vhd-store) inside VHD

3. 'grldr/grldr.mbr' and/or 'vhd-store' will take control over and execute 'Easy2Boot' files within from VHD

 

Is it possible to implement any one of following boot sequence ?

 
1-  C:\bootmgr -> C:\boot\bcd -> C:\Easy2Boot.vhdx -> \grldr -> \menu.lst -> Easy2Boot
2-  C:\bootmgr -> C:\boot\bcd -> C:\Easy2Boot.vhdx -> \bootmgr -> \boot\bcd -> \grldr -> \menu.lst -> Easy2Boot
 
Please suggest any other possible alternative if above boot sequence will not be possible to implement.............
 

Thanks & Regards.......

Boot "any" ISO image or boot "all" ISO images ...

0
0
TANSTAAFL:
http://en.wikipedia.org/wiki/TANSTAAFL

There Ain't No Such Thing As A Free Lunch

Myth: Any .iso is the same as another one, thus you can boot "any" .iso

Fact: Each and every .iso has it's own peculiarities. For each sigle, specific .iso a single, specific solution may be found ;). (or may be NOT ;))

Generally speaking:

The problem is the "ANY" .iso.

Very little has changed since this thread:
http://www.boot-land.net/forums/index.php?showtopic=808

In a nutshell:
ALL DOS based .iso usually work or can be made to work easily
SOME Linux based .iso work, ALL of them can be made to work (not so easily)
ONLY RAMDISK (from Server 2003 SP1 or R2, NOT "gold", NOT SPS2 - limited to 512 Mbyte images) NT based images are known to work

This is not "limited" by grub4dos or other bootmanager, but by the actual way the .iso images are built and, in the case of NT based images, by the lack of a suitable driver.

With plenty of RAM there is a Commercial Ramdisk driver capable to go over the 512 Mb limit.

In other words, there is not (yet) a one-size-fits-all solution, each .iso has it's own "story" and needs "particular" attention:

  • some work "as-they-are"
  • some need a few, easy changes
  • some need complex, difficult/undocumented changes (and a solution may even not exist yet)

Of course there are "families" of similar .iso's, thus it is very possible that an existing solution, working for one of the "members of the family" can be used succesfully for another "members of the family", but there is actually no guarantee that it will work, the exception being DOS based .iso images, that usually ALL work when mapped via grub4dos (hd32) or (0xFF) mapping or equivalent Syslinux/memdisk method.

There is a specific thread RESERVED FOR REPORTS OF SUCCESSFUL SETUPS using the (hd32) or (0xFF) mapping approach:

grub4dos, .iso images and (hd32) or (0xFF) mapping
Post here ONLY reports of working setups!

http://www.boot-land.net/forums/index.php?showtopic=5041

If the "whatever" .iso you want to boot is not in that list, do SEARCH on the Forum for your specific .iso/product/OS BEFORE starting a new thread.

Please DO NOT start yet another generic "How do I boot a .iso image?" kind of thread, we already have several of them, in time we became fond of them, and don't want them to be put in the background by "new arrivals" ;)

Again, generally speaking:

For Windows 2K/XP/2003 based builds you need a RAMDISK based .iso build (search for keywords BootSDI, RAMDISK.SYS, Firadisk, WinVblock) AND read, before anything else, and attentively this seemingly unrelated thread:
http://www.boot-land.net/forums/index.php?showtopic=4952
AND links given within it to get a general idea of the RAMDISK booting approach.
In any case they are all part of the same "family", thus one of the solutions in the "grub4dos, .iso images and (hd32) or (0xFF) mapping" thread should apply, possibly with some small tweak.

ALL Vista/2008/Windows 7 build are of the same "family" and the solutions in the "grub4dos, .iso images and (hd32) or (0xFF) mapping" thread should apply.

For Linux based builds there is often a partial workaround which consists into extracting from the .iso only the vmlinuz (kernel) and initrd (initial ramdisk file), and as well some of the solutions in the "grub4dos, .iso images and (hd32) or (0xFF) mapping" thread may apply, though it is more probable that some tweaking/changes of the contents of the .iso (on Linux side) will be needed.


In other words:
  • your mileage may vary
  • stop asking how many miles per gallon (EU, please read Liters/100Km) "a" car will do, there is simply NOT a valid answer for that.

:D

jaclaz

Unable to register at REBOOT.PRO please help!

0
0

Hi, i am trying to register / create an account

But  everytime, after entering all info, and clicking on "CREATE ACCOUNT" i get the following message:

 

Oops! Something went wrong!

You are not permitted to register a user account with this community.

 

Can somebody tell me what i am doing wrong

 

Thanks for any reply/help!

Boot windows ISO without bootfix.bin 'press any key' prompt

0
0

I wanted to suppress the 'Press any key to boot from CD or DVD' prompt when booting directly from an unmodified Windows Installer ISO.

 

If I boot from a Windows Installer ISO and the use chainloader /bootmgr  I don't see the 'Press any key to boot from CD or DVD' prompt.

 

However, if the ISO is of the Joliet specification, grub4dos 0.4.5c does not understand it (only \README.TXT is listed) and so it has to be booted using chainloader (0xff) - then I do get the 'Press any key to boot from CD or DVD' prompt.

 

It occurred to me that I could patch the initial boot code so that it did not load the bootfix.bin file.

 

 

chainloader (0xff)

causes the text

Load RBA: 0x5B4  Boot Type: 0 = No Emulation

 

to appear.  and 0x5b4 x 4 is 0x16d0  x 512 = 0x2DA000

 

cat --hex --skip=0x2da700 --length=0x100 (0xff)+0x2000

 

shows a string 

SETUPLDR.BINBOOTMGRBOOTFIX.BINBOOTI386AMD64

 

 

Therefore, if we can change the BOOTFIX.BIN string, we can cause it not to be loaded and thus suppress the prompt.

 

The solution turned out to be simple

map /win8.iso (0xff)
map --hook
chainloader (0xff)
cat --locate=BOOTFIX.BIN --number=1 --replace=XXX (0xff)+0x3000
boot

This suppresses the 'Press any key to boot from CD or DVD' prompt. The ISO file is not permanently changed.

I am not to sure why this works - presumably (0xff) points to memory for at least some of the ISO and not to the actual ISO file???

 

Minlogon and Explorer.exe . . .

0
0

Greetings.  Long time, no post ;o)

 

I have a quick question for the community today.  This issue surrounds the use of Minlogon in the context of XP SP2.

 

I have a scenario which requires the launch of a program before Explorer.exe in the bootup process.  However, with the reduced featureset which Minlogon provides, the time-honored Userinit modification is no longer functional.  While one may still white-space "piggyback" more than one process onto "Shell" at the relevant Winlogon key, Explorer.exe must be fired first in the series; or the shell is not launched at all.  A simple knot...

 

So, this brings up two brief questions:

  1. Is there another place in the hives which could be utilized to launch a process before Explorer.exe in the normal bootup chain?
  2. Barring that (preferable) possibility, is there a commandline switch which may be passed to Explorer.exe to allow a launch in shell-mode IF Winlogon\Shell is set for something other than "Explorer.exe"?

 

Thanks again, folks; and have a great day.

Map MBR-style-disk on GPT partition

0
0
The official GPT specification lists a partition type with a peculiar description :

Partition containing a legacy MBR | 024DEE41-33E7-11D3-9D69-0008C781F39F


A better description from the gpart manual :

mbr | A partition that is sub-partitioned by a Master Boot Record (MBR). This type is known as "!024dee41-33e7-11d3-9d69-0008c781f39f" by GPT.


More details were only obtained from FreeBSD mailing list archive :

Yes. This is a partitions-inside-a-slice configuration, ...


Basically it means that the GPT partition contains a full MBR disk in it... Intended to be mounted as a separate virtual device. It was envisaged that non-GPT-supporting OSes can be booted from such a mapped virtual HDD.

I think it'll be quite easy to make such a mapping module for boot managers like Grub/Grub4dos, as well as a driver for Windows and perhaps Linux... Can be useful both for booting and maybe other things...

So does any of the existing drivers like FileDisk, FiraDisk, WinVBlock, etc. have support for this?

What say @Sha0?

[script]PENetwork

0
0

Hi everybody,

here you can find the current information about my "PENetwork"-manager project - primary for LiveXP and Win7PE systems.

The current version you can always download from 'my' personal WinBuilder-website (http://holger.winbuilder.net).

At the moment the most time I'm writing on PENM itself.
However, some older WinBuilder scripts for LiveXP and VistaPE you can still find there.

If you have any questions, suggestions or problems just let me know.

Tested by others and me with Win7 / Vista / XP / W2K3-source and VMWare / VirtualBox / QEmu / RealWorld - thank you all very much :)

Greets...
Holger

 

Current state:
31.01.2014 (PENM 0.58.2):

- Changed: Recompiled with AutoIt3.3.0.0 to better work with virus scanners
No functional change!

 

08.10.2013 (PENM v0.58.1):
- Fixed: GUIDisable mask option missing

 

07.10.2013 (PENM v0.58):
- Fixed: Missing translation applying after language change for connect menuitem in network browser
- Fixed: After saving new color scheme in profile editor it was not applied to the list of the existing schemes
- Fixed: Window focus on profile deleting in profile editor
- Fixed: Profile deleting in profile editor
- Fixed: Wrong label length calculation in network startup dialog
- Fixed: IP address was not deleted if last item in network browser window was removed
- Fixed: Missing color scheme apply on checkboxes if Windows styles are enabled
- Changed: Profile editor reworked
- Changed: Detailed PE version in debug log
- Changed: Position of tray info window now near the tray icon
- Added: Cmdline parameters /ini= for loading a specified ini file
- Added: Cmdline parameters /profile= for loading a specified profile directly from file
- Added: 'GUIDisable' mask parameter (ini, reg, cmdline) to show only some specific tabs ("Config"/"IP" & "About" are always shown)
- Added: Version infos for WIN_8.1/WIN_2012R2 (WinPE5.0)
- Added: Icon for AC wireless networks in available wireless networks
- Added: More ini options are changable via profile editor
- Added: Simple preview window in profile editor
- Added: Simple check for entered addresses (IP, SM, DG, DNS, WINS) in profile editor
- Added: Simple check for entered MAC address
- Added: Some more visible options to color schemes tab in profile editor
- Added: Key accelerators for profile editor
- Added: Tooltip for profiles file cause file path can be larger to display
- Added: Frame color for diabled buttons now changable via schemes/profile editor

 

Note!: network browsing doesn't work in QEMU by default cause of the buildin firewall

History:

Spoiler


Script-screenshot:
PENMScript-Mini.jpg

Screenshots of PENM at work:

Latest version:

PENMCurrent.gif

Dark color scheme:
PENM09-Mini.jpg
 

Forensic Training with WinFE. Cool.

Boot a Acronis True Image 2014 ISO image with grub2 at UEFI

0
0

The Acronis CD boot uses a El Torito floppy image
IsoBuster free displays the layout http://www.isobuster.com/license-models.php

Example: Boot image start at LBA 76543 (4*76543 = 306172)
The ElTorito image size is not defined:
The next file LBA 145678.
Image size = 4 * (145678-76543) = 276540


Example grub.cfg, adjust LBA numbers yourself





menuentry "Acronis True Image Home 2014 ISO ElTorito" {
set quiet=1
set gfxpayload=1024x768x32,1024x768
set mbrcrcs=on
set isofile="/images/ATIH2014.iso"
search --set -f $isofile
loopback loop $isofile
echo mount the El Torito floppy image
loopback ElTorito (loop)306172+276540
#ls (ElTorito)/efi/boot/
linux (ElTorito)/efi/boot/dat9.dat quiet
initrd (ElTorito)/efi/boot/dat8.dat
boot
}

Some doubts about SDI, WIM, and RAMdisk

0
0
I have a bunch of questions about SDIs, WIMs, and RAMdisks :
  • A RAMdisk is basically a disk image loaded into RAM. Right?
  • There exist some options about ramdisks in BCD for Bootmgr, mainly for PE.
    WHY do they boot PE with ramdisk?
  • Apparently boot.wim is a "bootable" WIM. In what way is it bootable?
  • Why can't install.wim also be booted from? Why cannot it be made a "bootable" WIM? Discount the W8.1u1 WIMBoot possibility... it still cannot be done from a DVD or network this way.
  • Why is Windows PE booting from a bootable WIM? TechNet says it can be booted without a RAM disk as well. Why is this not done normally?
  • What's the point of an SDI? If the WIM itself is bootable, then why need anything else?
Sorry for the challenging tone, but I felt that's the best way to get pointed answers, for my benefit as well as future readers'. I have also referred http://technet.microsoft.com/en-us/library/cc771845(v=WS.10).aspx , but it only makes me beg the question... WHY all this??

Creating an single ISO for Windows PE 5.1 32/64 bit

0
0
Hi

With MDT 2013 and Windows ADK, how do I create a single ISO that, at startup, allows to choose whether to run Windows PE 5.1 32 bit or 64 bit?

Thanks

Bye

WinPE Help

0
0

Hello to one and all of you who are so helpful and kind with there time and expertise sharing with those lesser knowledgeable people on this forum such as myself.

 

I have a Winpe8.1x64.ISO with quite a few preinstalled as well as portable apps which are very useful and most of the programs I use on regular windows work when installed in while using the said PE OS, what I want to know is how can I make changes in the PE namely registry settings e.g(Wifi password, Screen resolution) save/export .reg hive and add them to PE during/after boot making them persistent so I wouldn't need to keep adding those changes each time I boot the PE OS.
 

I know of DISM and Wintoolkit to mount and add registry settings which I have tried and failed.  I have read of files which would do what I am asking about namely startnet.cmd, WinPE8.1.cfg and unattend.xml which from my understanding can import the registry hives which were modified and exported from the PE as .reg files during or after booting the PE but I am not familiar with how to add/edit/create these files or exactly which of those 3 files I need to edit.

 

Please Help!

LiveXp - Anything changed?

0
0

I went to recreate an image today (it has been a while)  and livexp does not see local C-drives. I tried both  projects. livexp #153 and  amd LiveXp 2012, #155.  Just in case i also updated the Mass Storage drivers to  DP_MassStorage_wnt5_x86-32_1209 and hard drives are set to ATA mode in BIOS.

 

Host is windows 8.

 

Please let me know.


QuickPE

0
0

Posted Image

File Name: QuickPE
File Submitter: erwan.l
File Submitted: 24 Jul 2013
File Updated: 30 Aug 2014
File Category: Tools

Yet another tool to generate a minimalist winpe iso using the Windows Assessment and Deployment Toolkit (ADK) / Winpe4 or Windows Automated Installation Kit / Winpe3.
The batch also uses wimlib to add extra files within the boot.wim file.

Alternatively, one can also use the Windows Repair Disk or Windows DVD to build a Winpe (no need for WAIK or ADK then).
One can also add Winpe packages or add Windows drivers.

The batch will :
-create a winpe using the copype winpe command from MS ADK or MS WAIK,
-modify boot.wim to add a tinyshell (see screenshot) so that one can launch explorer++, cmd, taskmgr, penetwork, or shutdown/reboot,
-create winpe iso (less than 200 MB).

Uncompress to x:\quickpe, stuff your tools (optional) in pe_extra folder, and launch make.cmd.
Get winpe.iso in x:\quickpe\%processor_architecture%.

Future possible evolutions : turn into a GUI, ...

Regards,
Erwan

Click here to download this file

Convert ESD to WIM ??

0
0

Bare-Metal Recovery
 

If the user needs to replace the hard drive, or completely wipe it, they can use bootable recovery media. Bare-metal recovery performs these processes:

1. The PC boots into Windows RE.

2. Push-button reset identifies the system drive.

3. Push-button reset re-creates and formats each of the partitions specified in the diskpart script.

4. Push-button reset applies the factory image file to the Windows partition.

5. Push-button reset configures Windows RE and the recovery image on the disk.

6. Windows restarts into the OOBE.

http://technet.microsoft.com/en-us/library/jj126997.aspx


There is Shrink the Push-Button for .WIM




Convert the image from .WIM to .ESD

*

Export the image into a separate file:
Copy
 

dism /Export-Image /SourceImageFile:"MyImageFile.wim" /SourceIndex:1 /DestinationImageFile:"install.esd" /Compress:recovery
The push-button reset feature recognizes the filenames: install.wim, install.esd, and install.swm.

 

http://technet.microsoft.com/en-us/library/dn293447.aspx
 
Also i know that here are several forms of ESD files, some are encrypted, others are not.

How to do the opposite process ? :dubbio:

 
 
p.s.
I doubt that the *.ESD (i have here for exam) is in fact some variant of *.WIM.TAR.GPG and encrypted with 2 stage algorithm, or even CipherSaber :D

 

 

:cheers:

wimlib-imagex 1.7.1 clc

0
0

Posted Image

File Name: wimlib-imagex 1.7.1 clc
File Submitter: ReTokener
File Submitted: 20 Mar 2014
File Updated: 31 Aug 2014
File Category: Tools

wimlib-imagex CLC

Windows command line compiler for Synchronicity´s wimlib-imagex 1.7.1.

Basic functions: capture/append, apply, extract, export, delete, join, split, verify.
.
Read Synchronicity´s wimlib-imagex doc´s for more information about specific options.

The Script is still beta so:
"ANY suggestions or bug reports are appreciated."

T.

Click here to download this file

PE Shell Backup

0
0

Posted Image

File Name: PE Shell Backup
File Submitter: ReTokener
File Submitted: 31 Aug 2014
File Updated: 02 Sep 2014
File Category: Miscellaneous

PE Shell Backup

Use to customize the Shell of your PE-build.

Backup links and registry of your modified PE-Shell and load them at boot time.
Supported: StartMenu and TaskBar.

Enjoy T.

Click here to download this file

How to install display drivers without restart the computer ? ( XP in RAM )

0
0

Hey guys,

 

I used the diddy boot land tutorial to boot XP From a RAM Disk.

(the windows image is on my usb key and load in RAM)

 

Here the tutorial : http://diddy.boot-land.net/firadisk/files/xp_full_ram.htm

 

So now, my windows XP is universal, it can boot on all pc, from my usb key. There are no drivers in so it can boot everywhere. I install the drivers after the boot only.

 

My problem is I need to install display drivers ( ATI wtih catalyst or NVIDIA ).

 

So I install the drivers with no problems but the drivers say : "you need to reboot your computer"

 

Since my windows XP image is in RAM, if I reboot all the modifications are erased, so I can't have my display drivers.

 

I tested on two differents computers, one with ati card, the other with nvdia card, but they always want : "reboot your computer".

 

Do you have a solution ? Thank you

Viewing all 6812 articles
Browse latest View live




Latest Images