Domain: nu2.nu
Stories and comments across the archive that link to nu2.nu.
Comments · 196
-
Re:Yup
The problem with a retail copy is that your software that rips it is invariably going to place its own timestamps and other variations in the file, so your checksum likely won't be valid. An MSDN subscription is also likely too expensive for most people.
This is decidedly not true, even back in the Windows 98 days. From what I recall, all you had to do was to ensure that the disc had the same name.
If you buy a computer that has Windows installed, and it comes with a COA, then you already own a paid copy of Windows. If you look at the license terms, the COA itself is proof that you own a copy of Windows, and so long as you install the same edition (home, pro, etc) and license channel type (retail, upgrade, OEM) to match that COA, then it's not a pirated copy. Want a simple way to ensure that? Easy: Download the best version possible (i.e. for 7, get ultimate, for 8+, get pro) and then when it asks, just type in the key listed on the COA. It will automatically select the version you've paid for and install it, and likewise it will even activate just fine with Microsoft's servers (or call in, if necessary.)
Also not true. There's a way outside Microsoft to pre-activate software (at least Windows 7). All that are needed are some certificate files in the OEM/$$/OOBE section of your install DVD or USB.
Let me direct you to MDL, specifically the Projects & Applications area. To be clear, this is not a piracy site, this is just a bunch of hackers working on things like BIOS mods (allowing your laptop to run all WiFi cards / unlocking hidden menus), Pre-install activation, retail copies from digital river, and K-M-S servers for Enterprise and VL versions of Windows. Not for piracy, but just so they can figure out how those things work.
Anyway, back on topic, it's easy to roll your own disc to do a fresh install, as long as you can get it from a trusted location. Sadly, as of Windows 7, you can no longer slipstream service packs into your source discs, so you have to download each new version manually. I'd been slipstreaming Service Packs back into my discs since the Windows 2000 days. Nu2.nu was a great reference for getting ISOs to boot off of CD ROMs that had the El Torito extensions required.
-
Re:the iso to usb tool only accepts win7 isos
I'm not sure. I guess I have been poking around in mostly older ISOs. There are various tools to see if an ISO is marked as no-emulation or floppy-emulation, if you have some Windows installer ISOs lying around (I don't have any with me at work right now, sorry... I might check when I get home). Bart's BBIE can also extract the floppy boot image if you want to look into a specific boot floppy. (and then WinImage can be used to look inside the files in the floppy .img) -
A vicious cycle
The problem with AV removal tools is that once the infection is in place it's near impossible to run them. (at least in normal mode) The infection will often create restrictive GPO's, a chain of self replicating drivers/ services/ scheduled tasks/ startup entries so that even if one piece is removed it will be recreated.
The best way to remove a virus is from a bootable environment which can remotely bind to the registry. Then it's just a matter of disabling the startup entries, deleting the install directories, removing the GPO's and deleting the malicious services and drivers. You can even run a command line version of the mentioned removal tools in bart pe to get the rootkits and hidden system file infections.
The majority of infections I see are the rogue security software where they infect you then tell you to pay to remove it. What's interesting is the company "witabett" provides technical support for their fake AV products after victims have purchased them! Check out their complaint board; it even provides a support phone number... Excellent drunk dialing material for my geeky friends. -
Re:Sadly, I don't agree.
Yes, you can. But let's just assume you're correct. There are other options also.
This is, by definition, designed to run win32 applications from a CD.
-
FreeDOS is indispensable when you need it!
And frankly, I also love this:
http://www.nu2.nu/bootdisk/modboot/
I would love to see someone take up development of this and to update the network drivers collection and the like. There are still times when a tech needs DOS if for no other reason than to flash a BIOS or to run Ghost over the network or with a local USB storage device.
-
Re:Windows Live Live Distro finally means somethin
BartPE?
-
PIO Mode, New Installs?
Quick thoughts:
Yep, silly six times of errors and you get PIO. I've had to manually reset quite a few Windows IDE channels. Watch for this one especially if you are cloning HDDs without defragmenting regularly.
CA's AV Suite beats up on Vista (at least on the one Vista PC I have), making what is a responsive system with AVG or SAV painfully slow, especially for UAC events. There may be other AVs with this problem.
I'm surprised that none of the posts have mentioned Bart's PE, http://www.nu2.nu/pebuilder/ Easy enough to add AV to it and do a full scan with the OS offline, and no way to infect anything as you are running from a CD. That is about the easiest way to determine if it is software, as there will be items noted by the AV program, something odd that will stand out when compared to a happy system.
-
Re:Summary is inaccurate
I believe there's also a portable version of TrueCrypt that can be used that leaves no traces on the OS install once you're finished.
Your OS, however, will happily record that it ran a program called truecrypt and cached any DLLs it needed, log any changes in available drives and make a note that it accessed documents on the recently mounted 'F:' drive. Those are very definitely traces, and the documentation for TrueCrypt traveler mode is very clear about their existence.
They do suggest using BartPE to lock down Windows in very specific ways which will prevent it from doing that kind of thing, but that is itself a trace.
Good luck.
-
Re:Easy...
Actually the Internet File sharing Pirates have an answer to that, it is called Tiny XP. It is the bare minimum you need from XP to play games on it.
Microsoft has Windows PE, on which BartPE and Reatogo are based, provided you have a legal Windows XP SP2 or higher CD-ROM to use to create the smaller version of XP on for just the basics. They are what the Ultimate Boot CD is based on and there exists an option to install that to the hard drive instead of the standard XP. I've used it and it does not even ask you for a valid CD-Key to install BartPE or boot from it. You just have to own a copy of Windows XP SP2 or higher to use it; while it works with XP SP1 and under, I wouldn't recommend it. I even heard it can use Windows Vista for a PE version of Windows, but I never tried that.
It is either BartPE or some variation, or wait for ReactOS to at least get a beta build. ReactOS 0.3.5 came out on June 30th 2008, but Slashdot seems to be ignoring it and BartPE and variants. ReactOS is an open source OS based on WINE that is being written to run at least Windows XP/2003 code under it and use XP/2003 drivers. It is not ready for prime time yet.
-
OK - XP, rather than Vista
but Bart PE - http://www.nu2.nu/pebuilder/ - quite happily boots off a CD
-
Re:It's nice to share.
Ideally I would run the scan by unplugging the network cable and booting from directly the malware-scanner CD. Unfortunately nobody makes such a thing -- it's like the "antivirus" companies don't really care about reliability.
Symantec disagrees
McAfee disagrees.
AVG disagrees.
Or... if you don't want those, you can just make a "live cd" using any of the countless utilities out there for it.
Or if you're feeling crazy, toss vmware onto a knoppix dvd and boot windows from either an image on the dvd or boot it straight from the drive, isolated in vmware. -
I really don't mean to nitpick. I fully agree running an Antivirus on a compromised system is definitely not to be trusted. Even if the virus doesn't interfere or play with the results, Windows probably won't let you clean it if it is in memory.
Symantec disagrees
Says it doesn't support NTFS.
McAfee disagrees.
Says it doesn't support NTFS.
AVG disagrees.
Runs Windows PE (Pre-installation Environment?). I assume this means it'll do NTFS, but I can't say anything here.
I remember a few years back (pre-Windows 98) a bunch of friends and I had a boot sector virus. I don't recall what it was called, but it transmitted itself by floppy disk. If you simply accessed the disk you became infected. We all had AV software, even if it wasn't 100% up to date, it was harder to do since none of us had the internet at the time.
We knew about the virus, but we couldn't do a damn thing about it because when we had AV software to clean it, it would not go away since it was already in memory!
The fix was when one went out an bought a new copy of McAfee which included a system boot floppy to scan at boot time. Cleaned it up in a jiffy. Passed this around (with the write protect tab switched to On) to clean up. Once we had it off the hard disk, cleaning the infected floppies was done by the resident scanner whenever it encountered one. -
Re:ClamAV + Slax, or something
For a while I used BartPE with a copy of Avira anti-virus along with SpyBot Search and Destroy and Adaware. Haven't tried out the latest version of Adaware on Bart yet, been a while since I needed the disk.
BartPE - http://www.nu2.nu/pebuilder/
Avira - http://www.avira.com/en/pages/index.php
SpyBot Search and Destroy - http://www.spybot.org/en/index.html
Adaware - http://www.lavasoft.com/ -
Re:Cross-Browser
The result is there [in cmd.exe] are funny (not always so) side effects where you have nested scopes (try nested loops for example).
Look up setlocal. You have to make a separate script for each scope, but you pretty much have to make a separate script for the body of loops anyway.
Just because you don't like it doesn't mean it's not really a scripting language. Check out, for example, the scripts in BCD. -
Re:Criminal OS Maintenance Time Wasters
That's something I was going to look into...
I've just started tampering with WinXP USB Installs via BartPE.
I was wondering how these would work in conjunction with a USB install? Can I just use these to batch-slipstream? Or run off the USB after a fresh install (Either via ISO+VirtualCD or just an EXE on the usb)?
I personally am kinda killing time until SP3 is officially released (Then I'll reset my computer and laptop fresh). I'd love to have patches, drivers, program files, etc on standby so my system is ready before I set foot onto the internet. -
BartPE would fit. Should imply that XP fits.
BartPE fits on a 256MB USB Flash drive. Surely something similar would be workable in 1GB.
-
Re:The new oblig.
does it run XP?
http://esupport.sony.com/US/perl/swu-list.pl?mdl=VGNTZ190NB&LOC=3
YES, I was actually surprised.
Now get bartPE to pare down XP, with openoffice, and firefox to under 1GB, you'll have 31 GB left for data. -
Re:Updating the system
You mean this thing?
-
Re:While we're bitching about activation...
The computer won't boot, so I can't extract the key with a key finder.
Combine a pinch of:
http://www.nu2.nu/pebuilder/
With a dash of:
http://www.drowaelder.de/winpe/keyfinder-pe/keyfinder-pe.htm
http://www.drowaelder.de/winpe/keyfinder-pe/keyfinder-pe.cab
Serves an infinite number. -
Re:How much MONEY have they sunk into it?
#1. The registry.
gconf is, basically, a registry. Yes, a better one, but it's still doing the same job in much the same way.
#2. Which is why Microsoft shops advocate the "Wipe & Reload" method of "support". It broke, don't spend time trying to fix it.
This is because it's easy. Fixing something requires diagnosing what went wrong in the first place. Frequently for simple machines, it's simply not worth doing --- the amount of effort involved is vastly greater than there would be in flattening the system and starting again. This applies to Linux, as well; cruft builds up in the corners, configurations get slightly broken, and after a while it's frequently easier to reinstall than to clean it out.
#3. Viruses, trojans & worms. At least with Linux I can boot from a "Live CD" and chroot the local hard drive and check it / edit it to remove problems.
#4. No packaging system (see Debian & Ubuntu).
I'll give you that one. Of course, there's nothing stopping you running a Debian userland inside a colinux box...
-
Re:Or you know,
Holding your data ransom? Use BartPE to free it: http://www.nu2.nu/pebuilder/
If you boot off the CDROM then you can copy any Winders data over the network or to another partition or disk drive or whatever. -
Re:Typical Microsoft response
Whoops!! Sorry! Grabbed the wrong link to the PE builder. This is the correct one.
-
Re:Typical Microsoft response
Try making a PE disc with Bart PE. It will allow you to make a bootable Windows disc that has an offline registry editor.
-
Games?
M$ has played the same sorts of games with BIOS
Really? Has the BIOS spec changed at all since the mid-90s? Because you can still download the APM BIOS spec from them, among other things.
Or are you referring to EFI? AFAIK Phoenix was offering a DRM BIOS as early as 2004-2005 but apparently no one bought into it, or at least I've yet to see a standard white box PC with a BIOS like that.
So what "games" are you referring to? And what does "M$ damaged hardware" mean?
you are hard pressed to make the average PC boot off anything but a CD or hard drive.
I wouldn't go as far as comparing them to the power of a Linux Live CD, but there are certainly ways to create stripped-down but usable bootable Windows XP images with lots of tools and whatnot. For example, BartPE. Even Microsoft will give you one, though I think you need to be an OEM for that one, which obviously makes it far less useful.
but it's still easier to sftp to your home box.
I'll be sure to ask my employer to open up the firewall so I can "sftp" into my home box. That sounds a lot easier than an automated ~/ mount from a four-inch thumbdrive I can carry around in my pocket.
-
Already been done.
I'm pretty sure this is already possible. http://www.nu2.nu/pebuilder/
-
Re:I thought this was invalid anyway
BartPE is pretty useful: it's a Windows LiveCD environment.
http://www.nu2.nu/pebuilder/ -
Re:Have you actually talked to Microsoft?
One thing is, the people in India handling the activation really don't care too much, and, as long as you don't volunteer certain information, will happily hand out the magic 42 digit number that makes everything work. I've even used this to transfer an XP OEM license to an entirely different computer (shhh!).
However, it sounds like the problem is coming from the install media; perhaps a partition on the drive that copies over a disk image, or maybe an OEM install that checks for the correct hardware? I think the best thing to do would be to go download/find/borrow a real Windows XP disk of the correct "flavor"; probably Home, possibly Media Center, etc. If he does have the actual disk, he could try creating a pre-install environment using BartPE and then adding in the extra drivers for his mobo, but it's probably better to just find a disk.
Once he actually gets it installed, he'll probably have trouble activating it, which will involve calling Microsoft and going through the following song and dance:
1. Give the computer your product key.
2. It will fail, and transfer you to a representative.
3. They ask for the last 6 digits you gave to the automated system; give it to them and state you are reinstalling Windows XP.
4. They will ask you several questions, answer as follows:
a) Is it installed only on this computer? Yes.
b) Did you pirate the software or (sometimes) are you using the same OEM disk? Yes.
c) Are you reinstalling Windows XP? Yes.
Usually at this point they will give you the magic 42 digit number to make your computer yours again. Occasionally, they will ask about hardware upgrades, in which case you have two options: 1) tell them the truth and don't get your copy to activate, or 2) outright lie. If your scruples won't let you do the latter, you can tell the representative you have something else to go do (probably true), and call back later, hoping for a less diligent employee. As I stated above, I've used this process to switch Windows XP Home OEM licenses to computers with entirely different hardware, so I can't imagine a motherboard giving you too much trouble. -
Re:Open Spurce?
You just may not have enough memory for the last one
bartpe project already boots windows XP from 128MB flash drive (but requires 256MB of ram to run.) so it seems fairly simple to provide for XP on the laptop, now that is sans Iexplorer, etc. so portable firefox and thunderbird, as well as gaim, and openoffice. on a usb drive, if ms provides the drivers for the laptop, then that's all that would be missing from some decent functionality. I am sure MS would be able to quickly replace any of those apps as their own if this catches on. -
For Windows, spend some money
I used to carry BartPE and I still recommend it to budget-constrained folks. However, spending some money for Winternals was one of the best things my employer ever did. It boots faster, comes with more and better tools by default, and gives me the easy network awareness that makes it possible for me to do my job better.
On the free side, when trying to revive the virus-infested home computers of friends, I find Chronomium to be wonderful. You plug in a USB key with a current Clam AV signature file and boot from the disk. It then runs through the drive and deletes all virus-infected files. For a very quick "either fix it or pronounce it fully broken so we can start over" situation, it's without peer.
-
Mix of Linux and Windows tools
Here's what I have in my CD case, in approximate order of how regularly I use them...
Memtest86--because the RAM in the cheap PCs I come across sucks. Some of the other tool CDs have this one as well, I like to get the latest one regularly here. Good for stress testing, and even handy for figuring out things like whether the RAM is running correctly in dual-channel mode.
SystemRescueCD--I particularly like the partition editor and imaging utilities. Been weaning myself off Partition Magic/Drive Image even for Windows work with these two.
Ubuntu live CD and DVD. The CD works in more systems, the DVD version is a completely usable system with a lot of stuff in it. What most impresses me about the Ubuntu live disc is that I can download packages over the network and install them, even things that run as services, from the live environment. I actually got PostgreSQL installed and some database tests completed, all without a single Postgres file on the media.
Knoppix--Some days, your first choice in Linux live CDs just doesn't work on a random machine; that's why I still carry around this one as a backup.
Bart PE--A bit of a pain to build the first time, but very handy for fixing Windows machines.
Offline NT Password & Registry Editor--this one has been less useful lately, as I've been running into NTFS partitions it really doesn't want to write to. My fallback position is to use this to generate a new SAM file, then copy it over with a BartPE disc.
RedHat Enterprise 3 and 4 CDs. While not technically live CDs, you can do a lot with booting into this environment, and I deal with enough people running RedHat versions that they're worth carrying around. I still keep one of the older versions around so I have something running the 2.4 kernel to test against; occasionally I'll run into some old hardware that 2.6 pukes on, while 2.4 still works great. -
BART PE, others
For Windows emergency repairs: A CD made with Bart's Prebuild Environment
For Mac OS X emergency repairs, a Mac OS X bootable disk
For everything else, a bootable Linux disk with the tools I think I need that day.
For general use, TheOpenCD. This also has a Windows partition so I can show my XP-loving friends the joys of Free-as-in-beer-and-liberty software. -
Re:HOW did you clean it up?
BartPE
http://www.nu2.nu/pebuilder/
Setup the McAfee commandline scanner and Ad-Aware plugins, create cd, boot to cd, scan system.
Not sure how successful that would be with the rootkits, but that's what I use when I have to clean up after a user. -
Re:XP cannot boot from flash?
XP currently boots from USB keys just fine. So why did you say it cannot boot from flash without significant bootcode changes? USB keys are flash memory, you know.
See Tom's Hardware, or BartPE.
http://www.tomshardware.com/2005/09/09/windows_in_your_pocket/index.html
http://www.nu2.nu/pebuilder/
Old news. Sorry, but I just had to give the responder a clue. -
Re:It just amazes me
On the other hand, I load up regedit, I have instant access to change, and corrupt both user and system wide configuration. Sure, it can be convenient to have everything in one spot, but am I in HKCU\Software\Microsoft\Windows\CurrentVersion or HKLM\Software\Microsoft\Windows\CurrentVersion?
This is like saying it's dangerous to have the entire file hierarchy in one place. How do I know if I'm in /etc or /home/me in the file browser, since I might delete anything accidentally.
Come on.
Having the same structure for the system and user configurations where they overlap is called consistency. Besides, if you're logged on as a regular user (as you should be on both platforms), you have insufficient access to damage the system configuration in both cases. Deleting a key is no easier than deleting a file or directory. In Windows, both explorer and regedit ask for confirmation and won't let you delete things that are in use. Actually, it's easier to accidentally unlink /etc than it is to delete HKLM\Software, because a rm -r -f /etc will succeed (as root) but you can't delete HKLM\Software (regardless of authority) because there are always open handles to it.
With plain text configuration files, any other OS capable of reading the filesystem is capable of accessing and editing the configuration files to fix them.
With registry hives, any other OS capable of reading the filesystem and registry hives is capable of accessing and editing the configuration files to fix them (only Windows for both AFAIK). Boot off your PE cd, open regedit and select Load Hive with the hive you're trying to edit, and you're in.
Also, backups with reg save are fast, simple, and provide a single file copy of the hive you exported that you can use as a replacement in case of disaster.
Which is why even some Microsoft products still don't use the Windows Installer! (MS Flight Simulator 2004 jumps to mind right away.)
I'm sorry. Microsoft is made up of many different divisions and they often disregard each other's rules. -
Re:An even simpler solution
Ah yes, GPO. GPO is enabled domain-wide here, but does not successfully apply to my profile.
Because the GPO policy is copied to the logon user's registry hive before being applied, it is easy to break, despite the fact that that particular key has an ACL that is write only by administrators and system.
In the case of roving profiles, the user owns ntuser.dat. The answer is obvious.
In the case of non-roving profiles, ntuser.dat is a local file. The answer is almost as obvious. -
No longer in development, but still powerful...
Network admin here. I take care of about 150 computers in a small school district. I've been using Ghost 8 for the last two years, and it's worked great. For a boot disk, I've been using Bart's Boot Disk also for the last two years. I download the image, grab all the additional driver plug-ins that I need for the different network cards that are around (though I got a crapload of Intel Pro/100 PCI NICs lying around for whenever I run into an oddball NIC now and again). After I created the disk, got the right drivers on it, and set up the menus during the booting of the disk exactly the way I wanted it to be, I burned a copy of the disk to CD-ROM, made it bootable, and from bootup, I now have a bootable CD that takes 10 seconds (not including time to type in password, though I could automate that also if I wanted to...I don't myself) to log into the Windows domain, map a drive on the server that has all the Ghost images, and automatically loads Ghost for me. It uses the Win98 DOS kernel, but whoop-dee-doo. Nothing else comes close (not even Symantec's own bootdisk builder) to creating an efficient method of auto-detecting and loading drivers for your NIC, loading the TCP/IP protocol and using DHCP to grab you an IP, authenticating inside a Windows domain, mapping drives, and above all, doing it in DOS in under 10 seconds (on a CD...took about 45 seconds from the floppy).
As for updating all the stupid BIOS programs that still need DOS to run the flash programs...well, I still got some spare floppies lying around for just such an occasion. -
Depends on what you're wanting to backup
Note that I'm referring to Windows machines/software here, and these are all free for personal use.
For files/folders, consider http://www.2brightsparks.com/ - SyncBack.
For imaging the machine, consider http://www.runtime.org/dixml.htm - DriveImage XML. Compare to Ghost/Acronis True Image. Makes images from within Windows. Also runnable from a http://www.nu2.nu/pebuilder/ - Bart PE disk as a plug in/module for restores.
I image my machine every night and keep 3 nights of backups. This happens at 2am to a USB drive via the following batch file scheduled via Windows Task Scheduler:
del E:\Images\Older_C.dat
del E:\Images\Older_C.xml
rename E:\Images\Old_C.dat Older_C.dat
rename E:\Images\Old_C.xml Older_C.xml
rename E:\Images\Drive_C.dat Old_C.dat
rename E:\Images\Drive_C.xml Old_C.xml
"C:\Program Files\Runtime Software\DriveImage XML\dixml.exe" /bc /tE:\Images\Drive_C /r- /s- /c /v -
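A more defensive version of the rotation above, added here as an example and not the poster's own script: it images to a staging name first and only rotates the three generations once the imaging run has succeeded, so a failed run (USB drive not present, disk full) does not throw away the good Older_C copy before a replacement exists. It reuses the post's paths and dixml switches, and assumes that dixml.exe returns a non-zero exit code when imaging fails; both the paths and that exit-code behaviour are assumptions.

```batch
@echo off
setlocal EnableExtensions
rem Added example (not the poster's script). Paths and the assumption that
rem dixml.exe sets a non-zero errorlevel on failure are both assumptions.
set "IMGDIR=E:\Images"
set "DIXML=C:\Program Files\Runtime Software\DriveImage XML\dixml.exe"

rem Refuse to run at all if the backup drive is not mounted: a missing target
rem must not turn into "delete the oldest generation and then fail".
if not exist "%IMGDIR%\" (
    echo Backup target %IMGDIR% not present; existing images left untouched.
    exit /b 1
)

rem Step 1: image the live C: drive to a staging name, leaving Drive_C, Old_C
rem and Older_C exactly as they were until we know this run worked.
"%DIXML%" /bc /t%IMGDIR%\Drive_C_new /r- /s- /c /v
if errorlevel 1 (
    echo Imaging failed with exit code %errorlevel%; previous generations kept.
    del "%IMGDIR%\Drive_C_new.dat" "%IMGDIR%\Drive_C_new.xml" 2>nul
    exit /b 1
)

rem Step 2: rotate only after a verified (/v) image exists:
rem   Older_C <- Old_C <- Drive_C <- Drive_C_new, for both the .dat and .xml halves.
for %%E in (dat xml) do (
    if exist "%IMGDIR%\Older_C.%%E" del "%IMGDIR%\Older_C.%%E"
    if exist "%IMGDIR%\Old_C.%%E" ren "%IMGDIR%\Old_C.%%E" "Older_C.%%E"
    if exist "%IMGDIR%\Drive_C.%%E" ren "%IMGDIR%\Drive_C.%%E" "Old_C.%%E"
    ren "%IMGDIR%\Drive_C_new.%%E" "Drive_C.%%E"
)
echo Rotation complete: three generations present in %IMGDIR%.
endlocal
exit /b 0
```

Scheduled the same way as the original, this keeps the same three-generation layout, so an existing BartPE restore procedure built around Drive_C, Old_C and Older_C does not change; the only difference is that a bad night leaves yesterday's images in place instead of silently reducing the set to two.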
Make it boot-up with BartPE
BartPE is essentially a unique Windows environment, requiring its own 'scripted-install' procedure. You can use it to setup and burn a bootup CD. It includes a utility to upload the .iso it can generate to make a USB stick bootable. But I struggled with it, until I found PEtoUSB 3.0.0.7.
On Bart's site is a plug-in page with a wealth of plug-ins for the 'environment'. This page [http://dirk-loss.de/win-tools.htm] has an even more extensive list, of tools the slashdotter might require, plus links w/ instructions for making any application into a single compressed .exe, along with how to set it up in Bart's Nu2menu 'start' menu.
For what it's worth my stick of choice is a Creative Muvo TX SE I picked up for about $75, so I always have my toolbox at-hand, since it plays MP3s. It doesn't matter if it is formatted as FAT or FAT16, tunes still play fine. Using Bart's PE, it is simple to make a minimal environment. With applications like Torpark installed, I have no reason to carry a laptop for my purposes, the MP3 play is fine. Note full networking is supported in Bart's PE in case you're wondering what boot-up feels like. -
Re:For those who know what I'm talking about...
Whip up your own using the BartPE live XP cd. I have two copies at work, one with RecoverMyFiles, Scandisk, and RAID repair utilities and another with Spyware and virus scanner apps.
-
Re:A few points
Please consider that spyware exists and consider that the nastier types restart themselves via the registry and lock the entries they use to make them uneditable in safe mode.
You're referring to the locations such as the shell's Run key. How would it be helpful to move these into a text file in the user's home directory? Perhaps the problem is that explorer has too many places where software can be started at logon time-- a problem that won't be affected by where exactly those places are. Besides, you can hold down SHIFT during logon to bypass the things that the shell would start at logon. The system related start locations require high privileges to modify, so if those have been modified your system may already be compromised (short of booting from trusted media). There is no method to 'lock' keys in the registry, other than the security system which administrators can override by forcibly taking ownership.
Large numbers of them are reported all of the time which all people who work in any field related to IT should be aware of - spyware is the most obvious current manifestation of several of the problems.
Spyware isn't a vulnerability; it's a potential use. Usually, they just take advantage of user stupidity (something available on all platforms). Either it has taken over the system by stupidity or a flaw you haven't named, or it's acting within the user's own privileges, in which case Windows doesn't provide any less protection than OSX or standard Linux. Only a system that gives less privileges to a user's applications than the user has can hope to fix this.
Having to remove a compromised disk and load it into another machine that could become compromised to fix this is the time consuming method to fix this - I consider the registry a nasty hack and an obstruction to many basic things including system backups.
You know, if you can access the registry hive files while the OS isn't running (they're locked when it is running), like by making a copy with the recovery console or a PE CD, you can use the registry editor to mount those hives temporarily with the File->Load Hive... option (do it from HKEY_LOCAL_MACHINE) so you can view/modify it. The system hives are in %WINDIR%\system32\config. You can also export the hives in this way (make sure the type is "registry hive files") for backup, and restore them even while the system is running. Reg.exe also provides the same mount/unmount, save/restore hive functionality.
The main problems were of course backing up those registries and file locking on mailboxes. I don't even know if ntbackup can handle files bigger than 2GB - it appears to be old abandonware these days.
If you use it correctly, ntbackup uses the same registry hive save and restore functions as above. Locking isn't much of an issue since at least sv2003, since it uses volume shadow copies to freeze-copy-on-write the locked file during backup so that the lock holder can continue to modify the file while ntbackup gets a single snapshot. Ntbackup definitely handles files larger than 2GB. I do it all the time. It's old because it was done properly in the first place and has aged pretty well. -
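The offline hive handling described in this comment (and the reg save backups mentioned in the earlier "It just amazes me" reply), written out as an added example; it is not any poster's own script. From a PE boot it mounts the installed system's SOFTWARE hive under a temporary key with reg.exe, lists the Run and RunOnce autostart entries that the thread is concerned about, saves a hive-format copy that reg restore can load later, and unmounts. The offline drive letter X:, the E:\Backups destination and the temporary key name OfflineSoftware are assumptions.

```batch
@echo off
setlocal EnableExtensions
rem Added example, not from the page. X:, E:\Backups and the temporary key
rem name are assumptions; adjust to where PE mounted the installed system.
set "OFFLINE=X:\Windows\system32\config"
set "MOUNT=HKLM\OfflineSoftware"
set "BACKUPDIR=E:\Backups"

rem Mount the offline SOFTWARE hive (no extension on disk) under a temporary
rem key: the command-line equivalent of regedit's File->Load Hive.
reg load %MOUNT% "%OFFLINE%\SOFTWARE" || goto :fail

rem Read-only review of the per-machine autostart locations. Anything listed
rem here runs at every logon, so it is the first place to compare against a
rem known-good system when hunting persistence.
reg query "%MOUNT%\Microsoft\Windows\CurrentVersion\Run"
reg query "%MOUNT%\Microsoft\Windows\CurrentVersion\RunOnce"

rem Take a hive-format backup before any edit; 'reg restore' can put it back,
rem even from within the running system later on.
if not exist "%BACKUPDIR%\" mkdir "%BACKUPDIR%"
reg save %MOUNT% "%BACKUPDIR%\SOFTWARE.hiv" /y

rem A user's profile hive is handled the same way, e.g.
rem   reg load HKU\OfflineUser "X:\Documents and Settings\<user>\ntuser.dat"
rem (path is an assumption) and reg query HKU\OfflineUser\...\CurrentVersion\Run.

rem Always unmount, otherwise the hive file stays locked until PE reboots.
reg unload %MOUNT%
endlocal
exit /b 0

:fail
echo Could not load %OFFLINE%\SOFTWARE: check the path and that this shell is elevated.
exit /b 1
```

Keeping the query step read-only and taking the hive backup before any `reg delete` is the point of the ordering: an offline edit of the wrong value leaves a machine that will not boot, and the saved .hiv is what gets you back.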
Windows LiveCD
The Windows live CD you are thinking about is BartPE, but it's not as easy to use or setup as a Linux LiveCD.
I did set up one myself. It works pretty well once setup. -
Re:This might not be a bad thing!
I've no problem booting the OS, doing the task, then back to my OSS environment. Running an AD supported version would not have impacted me one bit.
Latest 180-day trial versions of Windows are available for free download. No ads, no nothing.
I recomend combining that with BartPE and UBCD4WIN, then you have a full Windows desktop environment bootable from CD, wherever you happen to need it. Put your apps on a USB Flash drive, or just download them once BartsPE has started, run them, and reboot. -
Re:Encrypting backup (communication and storage)
Personally, I would like to see an OS that is put onto a ROM and cannot be updated without pulling it and bringing it to a special machine
I've heard of people booting off CD-ROM for this very purpose. For Windows it takes a lot of tweaking, as I recall, but is possible. This page suggests that Microsoft's Windows PE program does this; I think the standard in the past has been BartPE. For Linux, creating a live cd is pretty easy, lots of links around about that. When a new image is needed, burn a new disc. Think you're rooted? Reboot! -
Re:Knoppix - Kanotix - Ubuntu - Windows
You can already make Windows XP live CD/DVDs. I use BartPE. I will note that it boots a lot slower than Knoppix. I am not sure exactly how customizable it is.
-
Re:Just Plain Wow!
Windows PE. http://www.microsoft.com/licensing/programs/sa/benefits/winpe.mspx
Or Windows PE with modifications. http://www.nu2.nu/pebuilder/ -
Re:IKEA catelog?
-
Re:Great news.
I remember running across BartPE. Its a windows live-cd option. I don't particularly care for it, but it has its place.
-
BartPE
Tangent, yes. But...
At my previous position BartPE was a godsend. If you do physical Windows support, and you aren't aware of this, I strongly urge you to take a peek: http://www.nu2.nu/pebuilder/
Think Win98 boot floppy on crack. Boots off CD/DVD, does PnP, has network support, the ability to add virus scanners & other nifty tools.
There are Linux boot CDs that do more/less/theSame, but if you're like me and (/gasp) not familiar with Linux then this can be a powerful tool.
/linux noob //working on that ///Farker -
Re:I use freedos on a daily basis
Floppies are dead. Put BartPE on a USBkey or on a creditcard cdrom and you have way more functionality and you can add any driver with ease (if there's not already a plugin built, which there are a LOT of)
-
Re:This just reinforces the good old principle
If your system suffered a successful intrusion, you wipe.
The trick, of course, is knowing when you've suffered a successful intrusion. The whole point of this exploit is not to be detected in the first place.
I still don't see how this or any other rootkit can get past a clean bootdisk + scan, like Bart's PE for Windows, or something like rescue disk + chroot + rpm -qV for linux.
BartPE http://www.nu2.nu/pebuilder/