Saturday, November 28, 2009

Diminished Linkfest

imageHere are a collection of links that probably deserve a lot more attention than I am giving them at the moment.

I’ve got a date at a Chinese buffet waiting for the annual “my-side'-of-the-family” post-thanksgiving meal. And UH plays Rice at 7PM for the Bayou Bucket game.

So be it:

  • Delete TCP-IP printer port - Bink.nu – despite my skill in adding/removing printer devices from Windows, I was always plagued at work with the number of network printers I have to add/delete from my system as I travel between office sites.  I would delete the IP printer, but it would still should up as a “ghost” in my printer port list.  Finally got large enough to force me to figure out how to remove the.  Who knew I had to click on the whitespace to get the option to deal with the printer port items?   “Go under control panel to "Printers", right click in the middle of the white space on the right side of the window and choose "Server Properties".  Go to the "Ports" tab, select the port you want to delete, and choose "Delete port".” - johlos

  • Create universal flash boot disk with fbinst. – BootLand Forums.  New tool to help with making flash devices bootable.  My method of bootsect and diskpart has worked great but this might be an option on certain types of other storage devices.

  • VMLite XP Mode – free – neat application alternative to replicate Windows Virtual PC XP-Mode for systems that cannot support it (due to Windows 7 OS level).  I haven’t tried it yet but it looks promising.  Spotted over at Even More Linky Goodness... by Harlan Carvey.

  • Haiku Project | Home of the Haiku Operating System – cute retro BeOS style Linux build (correction caught by TinyApps: “Haiku has been coded from the ground up as a BeOS clone, and does not contain
    any Linux code: http://www.haiku-os.org/about/faq#2.”)  My Linux LiveCD work pretty much centers around forensic LiveCD builds now, but I still love seeing these projects.  Related: Using build images with Virtual PC | Haiku Project.

Windows x64 Driver Signing Links

Back when I was trying to get the ImDisk Virtual Disk Driver (now updated to version 1.1.5 on 11.23.09) up and working on my Windows 7 x64 bit system, I ran into one of the headaches of x64 bit life.  Drivers need to be signed to install/load/work.  You can work around this several ways but often it involves either turning off UAC mode and/or dropping the system into “test” mode.

It can be a headache.

Here are related links I collected while getting ImDisk to work on my system (despite the wonderful help in the link); it still is a bit cranky.

Cheers!

--Claus V.

Free! (Beta) MS Office 2010 (+ Open Source / free alternatives)

image

About a year ago I upgraded our MS Office 2003 (Student/Teacher edition) pack to MS Office 2007 (Student/Teacher edition).

We still are using MS Office 2003 at work, but the church projection desk uses 2007 so for PowerPoint design compatibility while working on slideshows at home and hauling to the church, I decided it was time to bump up.

Alvis and Lavie needed MS Project capability which these packs don’t come with so I then got an employee purchase program pack of MS Office Enterprise 2007 for one PC as this does come with Project and at about $10 it was a steal.

About a week ago, Microsoft released Office 2010 in beta form to first their technical subscribers.  An even earlier “technical release” version had been out long before that.  What made the Office 2010 beta release so special was that a few days later it was released for public consumption along with some other 2010 Office application betas as well.

I’ve been running most of them in a Windows 7 virtual machine at work and am very pleased. While the jump from Office 2K to 2003 was fairly easy, the jump from 2003 to 2007—particularly with the “ribbon” interface—has been more challenging.  That said, it now feels like home and is preferred over 2003 interfaces.  2010 continues with the ribbon interface and adds a few more additional features, making much more user friendly, particularly for power-users.

So I wanted to round up the linkage on the Office 2010 beta for myself and my readers.

I also know that some folks are quite anti-Office so I will also provide linkage on suitable alternatives (Open Source/freeware) to most of the Microsoft Office applications.  If you subscribe to the “team-Open Source” rather than “team Microsoft” you probably won’t feel slighted in the least.

First things first: x32 or x64 version?

Believe it or not, one of the first considerations you will need to make is whether to go x32 or x64 with Microsoft Office 2010 beta.  Yep.  It comes in both flavors!

Now, if you are only running a x32 bit version of Windows, then there is no problem.  You must go with the x32 version.

However, if you (like Lavie and I) are running x64 bit OS of Windows (ours are x64 Windows 7 Home Premium) then it gets a bit more complicated.

Here’s my thoughts after some research and consideration; if you have a x64 bit OS of Windows, don’t use any plug-ins (particularly third-party) for Office, and want to realize some possible performance gains (though not much unless you are doing heavy calculations or graphics work) then go ahead with the x64 version.

If you do depend on third-party plug-ins for Office and/or don’t really push the limits of what MS Office can do under the hood, the x32 version should give you greater compatibility and support.  So (for now) any slight gains in performance with x64 will be more than offset by the extended support of the x32 flavor of MS Office.

Second: Do I need to play with MS Office 2010 beta?

To this I say only this; absolutely, positively, not-to-be-overlooked, stop—drop—and—roll, you must really put down the remote and turkey sandwich and go try this out…maybe.

OK, I know I need to clarify that a bit.

If you already have MS Office 2007 and are an average Office user, then you probably won’t see a whole lot here to justify the work and considerations in installing and using MS Office 2010.  Seriously.

If you aren’t experienced with “beta” products and causing the possible destruction of Alderaan and/or your Office documents and system, then take a pass.

If you don’t feel like uninstalling your current MS Office 2003/2007 installation to make way for the Office 2010 beta, call for a cab-ride home.

However,

If you do like driving in the fast lane on the freeway even if it is supposed to just be for passing, sign up.

If you are running a version of MS office that is earlier than MS office 2003, sign up.

If you can/will be willing to risk nuking your system, sign up.

If you want to keep both your current Office 2003/2007 and are willing to try to install/run both, or know how to create a virtual machine to run it in, sign up.

If you must live on the cutting edge of MS Office deployments, sign up.

If you have a new x64 install of Windows and want to see what (if anything) a x64 bit version of Office can do, sign up.

If you haven’t ever installed or been able to take out a 2nd mortgage to afford MS Office around the house, sign up.

If you are a system admin, provide MS Office support to your workplace, and need to check application/document compatibility before deployment, sign up.

Me?  I’ve swallowed the Microsoft Office 2010 beta punch and am trying to hand it out to all the faithful I can.

Features?

Rather than try to do a full review of all the MS Office 2010 beta features, here are some links that do a good job covering that already.

Microsoft Office 2010 beta expiration date?

One question any Microsoft beta tester comes to look for very quickly is “…when does it expire?”

Sorry, Virginia, you can’t ride this free bus trip forever.

In the case of MS Office 2010 beta, Microsoft provides a generous timeframe until it either quits outright or drops into RFM (reduced functionality mode).  Per the Microsoft Office 2010 Beta FAQ  (emphasis mine)

Office 2010 Beta will become non-functional on October 31st, 2010. The non-functional product may be removed from your computer by using the Programs and Features option from within the Control Panel. If you selected to perform an upgrade to a previous version of Office when you installed you will need to manually reinstall your previous version, or you may choose to download a new trial or purchase the full version of Office 2010.

So you get almost a full year to use a very feature-stable, super-full version of MS Office 2010, along with any other related MS Office 2010 components.  Hard deal to pass up, particularly if you never had been able to afford an MS Office release.  Of course, by then you may be addicted and have to pony up for it when the expiration hits.

Enough Already!  Link it to me!

OK.  Here you go.

Be aware of these first.

  1. At some point you will have to get a (free) Multiple Activation Key (MAK) and activate it.  It should install and run fine up to 30 days or so without one.  You can also do a “rearm” to stretch it out a bit longer.  But since the key is free, I don’t see why you wouldn’t get and use one immediately.  The MAK allows you download the setup file(s) once and then use the same key on different systems.
  2. You will need a different MAK for each Office application you wish to use/install.
  3. You will need to provide a registered Windows LiveID to get one.  No big deal (free) if you don’t have one already, just be prepared to register during the process and get one.
  4. By nature, Microsoft will be pulling data from your uses, crashes, etc. of the product(s).  So though it is free to you, Microsoft will collect impersonal data on how it operates on your system, how you use it, etc.  If that freaks you out then jump below to fully-free alternatives.  Way I see it, it’s a small price for a year’s worth of MS Office 2010 and the possibility to provide good data that may enhance the final release version.
  5. A silly smiley-face feedback tool will get installed and added to your auto-runs list.  This allows you to text message feedback to Microsoft on the product.  It’s kinda cute but really unnecessary for most testers/users.  You can turn it off and/or remove it from the auto-starts without harm.
  6. Some folks complained about download issues of the setup files when using Firefox.  Yeah.  Big surprise. I didn’t have any issues, but if you can, just use Internet Explorer to snag them and return to Firefox when you are done; fewer hiccups this way.
  7. By default, MS seems to offer you the x32 bit installers by default from the download pages. However, if you scroll down to the bottom, you should find the link to the x64 bit version.  I grabbed both, and the same MAK should work for either one.
  8. You can actually go into the “Options” feature on each application and set it to save your MS Office 2010 beta documents/files in an earlier version of MS Office by default. Great for ensuring your co-workers can still use your stuff without issue or need for compatibility packs.  Yes, you may not get as much benefit (whatever it may be) with saving them in the newest MS Office file-formats, but it makes it much easier to use this version in a production environment.

Microsoft Office Beta - Office.com – The starting place for most users;

This will net you the following MS Office 2010 beta apps:

  • Word
  • Access
  • PowerPoint
  • Publisher
  • Outlook
  • InfoPath
  • Excel
  • SharePoint Workspace
  • OneNote
  • Communicator

This should more than satisfy most of the curious.

Too many specialized apps for the home/SOHO user?  Probably so.  Try this instead:

Microsoft Office Online (Office Home and Business 2010 beta):

  • Word
  • PowerPoint
  • Outlook
  • Excel
  • OneNote

Probably won’t seem as intimidating.

However, wait!  There’s more!

Microsoft Project “Professional” 2010  (Fancy product landing page) --also available and free in both x64 and x32 flavors.  Not radically different from the Project 2003 version I use, but the ribbon actually makes it much easier for me to use.  I think it’s an improvement over earlier versions.

Microsoft Visio Premium 2010 (Fancy product landing page) but use the Microsoft Visio Premium 2010 Beta – for a more helpful link to download and get info.  See also: Microsoft Visio Training Links – Microsoft.  Besides the ribbon again, I don’t see a radical difference between the Visio Professional 2003 I use daily at work and this one.  It handled all my 2003 version Visio files with no complaints.  Saving them back from 2010 beta into 2003 format and opening them up in Visio 2003 I found no issues so far.  Again, me likey.

Microsoft SharePoint Server 2010 Beta – Now we are going hard-core for the pros.  Not for general end-users.  It requires sysadmin knowledge to get this puppy up and going.  That said, it should bring additional features and interconnectivity for sharing with Office 2010 documents.

Microsoft SharedView – OK. This isn’t really part of the Office 2010 beta pack, but it has been updated to version 1.0 and should be included by anyone (sysadmin or home user) who is a MS Office fan-boy/fan-girl.  For more information on what it does and how it can help you, see this GSD post: Microsoft SharedView: OMG this is Free?!!!

More MS Office 2010 beta resources

Here are some additional links that would be good to bookmark as you deploy and use MS Office 2010 beta

Open Source and Freeware Alternatives to Microsoft Office

Goddess knows I’m all for freeware, portable, and other Open Source applications.  Office productivity apps aren’t the exception.  In the world I live, work, and earn a paycheck in, Microsoft is the way it is. Period.  However, I do think that they did earn that position not just from marketing and cramming their product down enterprise and business IT department’s throats but because, fairly said, they do provide damn-good tools to do what they do in the business world…and that has spilled over into schools and homes.

That said, there are a number of great and free products that are beloved and can keep pace (if not sometimes outdo) Microsoft Office.

So if you don’t want to drink the MS special punch, but do need the same features, consider this fantastic options:

  • OpenOffice.org - The Free and Open Productivity Suite and OpenOffice.org Portable – provides almost a match-for-match application for the standard Microsoft Office ones. Even if you use MS office, you can’t really take it with you on your USB stick, something you can do with OO.
  • Open Workbench and/or OpenProj.  Two very mature alternatives to Microsoft Project.  Even more options here in this older GSD post Project Management Tips and Software.  I really like (and used) Open Workbench until we got licensed for MS Project at work.
  • Scribus Open Source Desktop Publishing – Wonderful alternative to MS Publisher.
  • Dia – Who needs Visio with Dia around?  Except for highly specialized networking/drafting and flowcharting folks, Dia should save the day for free.
  • openmeetings or TeamViewer (also available as TeamViewer Portable) should do a nice job as an alternate to the (also free) Microsoft SharedView tool.
  • Open Source Collaboration by Alfresco and o3spaces are worth checking out as alternatives to MS SharePoint.  Truth-be-told: I use SharePoint heavily, but haven’t (but coming in the near future) had to deploy or administer a SharePoint server so while I can tell you what I like about SharePoint, I can’t really fairly compare these alternatives from a behind-the-scenes perspective. Yet.
  • Zimbra. – Alternative for MS Outlook Exchange server software.
  • eM Client or Thunderbird + Sunbird should be a fine alternative to MS Outlook email client.
  • WikidPad or SEO Note would be alternatives to MS OneNote.  I used to be a rabid fan of Evernote which offered one of the best OneNote alternatives for free/$ there was.  However they have moved to a “cloud-based” model now.  It still effectively provides the same “features” as before for note taking…plus with multi-device/system synchronization/access, but I just don’t feel the warm-fuzzies that I did from their old product iteration.  I wish they would bring it back as a “retro” version.  It was just so damn good.
  • FreeForm – Possible alternative to MS InfoPath.

If you know of any others and can recommend some additional ones that are off the radar, please drop a tip/suggestion/link in the comments!

Hopefully somewhere in all this you will find more than enough office productivity options for free to upgrade and bring you current with the capabilities now out there.

I highly recommend you not pass the chance to play with MS Office 2010 betas in some form.  A year is a long time to learn and take advantage of these awesome free (though beta) office applications; particularly if you are still using MS Office 97/2000 (or even MS Works!).

Cheers!

--Claus V.

Saturday, November 21, 2009

Messing with Windows 7 Themes

Using, making, and sharing Windows 7 themes has gotten very simple.

Though I still grab specific images for my desktop wallpaper, I have to confess, the standard sets of Microsoft-provided themes for Windows 7 are very nice.  I particularly like the scenic ones.

However it was a drag having the images rotating on my desktop a bit limited. By default the stock themes only contain five to seven wallpapers.  If I wanted to rotate to additional ones I had to switch to a different theme set.

Wouldn’t it be nice to have, say, just one theme with all the landscape/scenic themes?  But how?

Easy.

Get your Theme Material

First I had to get the source material by downloading or identifying all the themes with wallpapers I wanted to use.

  • Extract 5 Hidden Windows 7 International Themes (AU, CA, GB, US, ZA) – ITechnobuzz .  Offers that there are some additional “hidden” themes in the “…MCT folder with Path = “C:\Windows\Globalization\MCT” consists of 5 Hidden International Themes of Australia , Canada, United Kingdom, United States and South Africa.”
  • [How To] Add More Wallpapers to Existing Themes in Windows 7 - Windows 7 hacker post informs us that “…the default theme configuration files that come with Windows 7 are all located in c:\windows\resources\themes folder. You can find 6 of them there after you first installed Windows 7.  But all wallpaper files are not saved in the same folder. Instead, you can find them in c:\windows\web\wallpaper folder, in each organized subfolder.”
  • Personalization Gallery - Windows 7 themes, wallpapers, and gadgets - Microsoft Windows site has some wonderful commercial and scenic themes you can download.  I took a lot of of my scenic ones from these beautiful locations.  Download as many as you need, but I chose to “Save As” rather than download/install them.
  • my 7 themes . net – Additional collections of pre-packaged Windows 7 themes. I found just a few more here I downloaded as well.

Fill-Her-Up!

OK.  Next I made a folder on my desktop so it would be easy to navigate to.  I simply named it “Wallpapers”.

I also made a 2nd folder on my desktop called “Extracted Themes”.

Into the “Wallpapers” folder I just copied the accessible desktop wallpaper files from the c:\windows\web\wallpaper subfolders that I wanted.

Next I copied the various filename.theme files from the various locations where I had downloaded or located them (as noted above) into the “Extracted Themes” folder.

Now, we need to get into those theme packs to extract the wallpaper files.

Method One:  If you already have 7-Zip handy, you can use it to de-compress the filename.theme files you have directly with no fuss.

Method Two: If you don’t have it or don’t want to, just rename the file extension for each of the themepacks to .cab

That turns them back into their true format as a Microsoft “Cabinet” file format.  Then you can just use Windows 7’s own ability to open/extract them.

So once you have them all extracted, copy the appropriate wallpaper files you find within into the “Wallpapers” folder you made.

When you are all done, you should have quite a few desktop image files in the Wallpaper folder.

Move it and Set it

To tuck the “Wallpapers” folder away, I simply moved it to my user “Pictures” folder for safekeeping.  You can put it anywhere that makes sense to you.

Then I right-clicked on the desktop and selected “Personalize”

I clicked on the “Desktop Background” item at the bottom of that window.

I clicked on the “Browse” button to go to my Pictures\Wallpaper folder location and selected it.

I then verified the images I wanted to include as well as tweaked the rotation time and set them to “shuffle”

I saved the settings.

My super-duper scenic rotating wallpaper image theme was now ready to go!

(Note, you could easily add any additional images to this folder as well; these could be your own personal photos, other images downloaded from the net, whatever.  You don’t have to stick with just these theme wallpapers.)

Additional Diving

For more tips and background on Windows themes and the format that drives them, you might find these posts good reference material.

Cheers!
--Claus V.

I Clausius Domesticus

I’m trying to get my feet back on the carpet at home this weekend.

Very trying week at work, coupled with a daughter out Friday night to help leading in a girl’s sleepover function, and a cold, wet, dark Friday night seemed to be a recipe for adventure.

Alas, wonderful and exhausted couple we were; this only led to a late-night turn-in and fitful slumber as the child-unit wasn’t in her bed.

Parenthood.

For reasons that probably need a therapist to decipher, I’ve been hooked lately on the fascinating world of research in higher education courtesy of  Dr. Isis’s On Becoming a Domestic and Laboratory Goddess blog.  Got to give the Dr. her due, she really has a classy taste in shoes.  I know. Right?

Anyway, I do like Dr. Isis’s views on women in science and the challenges that are faced both from within and without.  Popular culture seems to see such women as either mousey shrews or subtlety-sexualized brainiacs whose real value comes in counterpointing the heroic male stud.

So when I read Dr. Isis post Ask Dr. Isis - How Do I Convince a Young Girl That Math = Hot? : On Becoming a Domestic and Laboratory Goddess it really hit home.  Particularly since Alvis and I spend many hours on Thursday trying to sort out electron charges and configurations for her advanced placement sophomore chemistry class.  I’m not a chemistry dude so most of that has been long forgotten.  I kept encouraging her to call my little bro who has a masters in chem engineering (with honors) but she was determined to figure it out.  Fortunately, I had loaded both the incredible freeware tools Periodic Table and Periodic Table Explorer from Paul Alan Freshney and they ended up saving both our butts.

Alvis, if you are reading this…check out that post then go back and bookmark her blog and have fun looking a her shoes as well.  (You can be smart and empowered, and classy at the same time.)

It was amazing watching her struggle to get the notations down, and then I felt pride as she had a few “eureka” moments when concepts seemed to click in her brain.  She really seemed to be getting into it.  She excels in both math and science and really loves the science channels.  But she is also confronted on a daily basis at school with teachers who don’t seem to engage the girls seriously in science. Not to mention how geeky girls are considered socially in high school.

Reading Dr. Isis post on her own conversion from brawling to a pursuit of contribution to the body of science (and not just a body in science) was both refreshing and scary as a father.  How indeed can I continue to encourage dear Alvis to cherish the pursuit of scientific learning while fostering a sense of wonder and encouragement that she really could excel in those fields, if she so chose?

In other news, I found this post of 20 New High Quality Free Fonts at Smashing Magazine pretty neat.  While some of the fonts seemed a bit tired, others were more than cool and will make nice enhancement to some of the PowerPoint work I’ve been doing lately.

The Icon Archive has recently taken top honor in my icon-related bookmark set.  It contains an amazing collection of full-set icon files for Windows (Vista/Win7 high-res quality) carefully culled by the maintainer from across the net.  Yes, many can be found at other sites as well, but for one-stop shopping, this has got to be one of the best sites. Just be aware that your IP is monitored and if you try to download too many at once, you will have to wait for 6-8 hrs before being allowed to resume your downloads.  So don’t be greedy!

Tonight I’m trying to re-create a wonderful roasted-chicken dish Boss brought last year to our work holiday luncheon.  She has some kind of connection to Argentina so it had an amazing roasted flavor and seasoning that didn’t fit anything from around here.  Alas, I’ve not yet been able to get the recipe from her yet.

So I’m trying my first attempt at a pale shadow of it.

The From Argentina With Love blog held this workable foundation for me: Chicken and Potatoes-Pollo con Papas.

It seemed close but didn’t capture the seasoning rub that I seemed to recall.  So more research on the web led me to this Chimichurri Mix & Rub : Asado Argentina.

Between the two I’m hoping for some success.  It has roasted chicken skin which will delight Alvis and lots or roasted potatoes which will make Lavie happy.  Me?  Let me dig into the meat.

And on top of it, UH won their game and UT is slated to kick off in a few more hours.

Maybe the weekend is shaping up OK after-all.

And for insurance against the botched Friday date-night with Lavie? I’ve got a Dutch Apple pie ready to go into the oven, two packages of fresh strawberries, and chocolate-covered almonds.  If the Argentine roasted-chicken/potatoes doesn’t help me I’m counting on a strong finish with the Missus from the dessert offerings.

Yummers.

Claus V.

Saturday, November 14, 2009

One Windows 7 Upgrade down, two (maybe three) to go…

Whew!

Been working on getting my own laptop upgraded from Windows Vista Home Premium x32 to Windows 7 Home Premium x64 (via Family Pack) just about all day long.

Too tired to post a full post-mortem on the job.  Suffice it to say it wasn’t so much of a technical-challenge as it was a volume-challenge due to my own configurations.

I had purchased a new Western Digital 320 GB laptop drive in anticipation of this day.  That was a needed upgrade over the 120 GB stock one originally shipped with the system.

I decided that I really wanted to do a true “clean install” rather than an in place upgrade.  And so I did.  In the end I had to do an un-activated clean install (custom) of Windows 7 on my bare drive (after some quick DiskPart work), then re-run the Win7 setup and do an “upgrade” install of the clean install. 

I know. Crazy, right? 

Once that was on (the second taking much longer than the first…even from the USB-based media I was using) and all the updates loaded, the update key worked fine.  For more on the technique I used see this Paul Thurrott post Clean Install Windows 7 with Upgrade Media.

Then most of rest of the day was spent copying my files from both the mounted VHD-based Win7 RC I had been using as well as the Vista sourced user-data files from the old hdd via a USB adapter cable.  I’ve gotten about 90% of the applications re-installed and set back up at this point.

I didn’t really have any terrible challenges. 

My Logitech SetPoint software still wouldn’t work (allow the custom click-button options to operate as set) until I configured it to run with administrator rights after login event under a “scheduled task” as I had done previously with Vista (despite downloading the Windows7 x64 software from Logitech).   Startup Program Unblocker (for Vista) might work as well but I haven’t tried it on Windows 7.

The only other “serious” issue I had was with the ImDisk Virtual Disk Drive app.  It is “supported” for Windows 7 as well as x64 bit deployments…only you have to jump through some hoops due to driver signing.  In my case I did all the tricks documented on the page, but it still would fail when I tried to mount supported files via the right-click context shell.  However, if I launched the ImDisk Control Panel applet, then used it to mount the target files, it worked fine.  Strange.  So for now, I just have a shortcut to that particular CPL icon on my desktop that am using instead.  No biggie but just not quite as convenient.  I’ll slay that dragon later.

update: finally got ImDisk working Sunday.  Had to re-download the test certificate from Olof Lagerkvist again and probably did overkill but imported it into multiple certificate store locations for good measure.  Collected even more links/tips/techniques regarding this as I expect x64 bit life will be a bit of a headache when it comes to loading/running drivers and the need for certificates….cv

In better news, the VHD Attach utility at Medo’s Home Page is working perfectly saving me from batch-file voodoo or using the storage-manager MMC snap-in to manage and mount the many VHD files I’ve got.  And both the ImageX GUI (GImageX) utility for WIM file handing as well as Je Jin’s DISM Tool for toying around with DISM-based hacking on WIM files work great as well so far.

I learned that for maximum Java compatibility, it’s best to co-install both the x64 and x32 bit versions concurrently. Sun provides two helpful posts: Which version of Java should I download for my Windows 64-bit operating system? and Why do I need Java 6 Update 10 and above for Firefox 3.6 and later versions? which may or may not help clear things up for you.

Also, there still is no Flash Player support on 64-bit operating systems though it may be coming very soon.

When I installed Apple’s Safari/Quicktime combo, the install failed.  However after I uninstalled it, and first installed the standalone version of Quicktime, then the standalone version of Safari, both worked fine.

For reasons unknown, it took me three uninstall/reinstall attempts to get Paint.net 3.5 working.  It’s doing well, thank you very much.

For the curious, I’m just using the Windows 7 provided Firewall along with trying out Microsoft Security Essentials as my AV/AM solution for the moment.  Alex Eckelberry had kindly provided me some licenses for Sunbelt Software’s VIPRE Antivirus Software.  I’ve been using them on the XP Home system as well as both the Vista and Win7 RC loads (both x32 and x64) for quite some time now.  It has performed perfectly with no issues, and I have to confess it is my recommended non-freeware ($) AV/AM solution, hands down.  And don’t let me go evangelistic regarding the free response tool VIPRE Rescue they provide.

So why the switch?  I just really felt I needed to give it a fair real-use performance test now that I have migrated to a full Win7 install.  I may leave it or I may keep it.  Not sure.  Jury remains in deliberation requesting lunch from the bailiffs at the moment.

I haven’t done much system tweaking yet.  I did mod the login background using the freeware Windows 7 Logon Background Changer and used a modded FxVisor utility form x64 found under “Method Two” of this Shortcut Arrow - Vista Forums post.  I used FxVisor before on x32 Vista with no issues, but it crashed under x64 Windows 7 and the original site (Frameworkx) is now gone.  So that this version worked as expected was wonderful.  Alternatively you could try a more expansive tweaking tool like XdN Tweaker or WinBubble 1.76 or even Ultimate Windows Tweaker v2.  There also also the trial/$ tweaking tools of Stardock’s Tweak7 and Totalidea’s Tweak Windows 7 as well.  Me?  Those are great to have at hand, but for a simple tweak like changing the shortcut icon size, FxVisor does the job perfectly and has the pretty tiny blue styled shortcut arrow I have grown used to seeing.

I’ve been using a modified form of “super-folders” on my XP system at work.  By that I just make a folder on my desktop for a theme or project group.  Then I make shortcuts of all the related “actual” folders and put those shortcuts into the themed “super-folder”.  This way I just have to open up that folder and I have links to all the related folders/content they contain in one place.  A similar way exists in Windows 7 but is much more seamless and transparent.  This MakeUseOf post Windows 7 Libraries Explained – And Why You Want Them details just how useful and wonderful Libraries are.

Finally, as I get the other two laptops upgraded to Windows 7, I’ll probably be expanding our use and enablement of the Windows 7 “Home Group” feature. For all kinds of geeky technical goodness on Windows 7 Home Group features see this Engineering Windows 7  blog post At Home with HomeGroup in Windows 7.

That leaves the XP desktop system awaiting it’s fate.  I’ve already got the three available licenses of the Win7 Family pack allocated to our three laptops…but I might roll a Win7 RC x32 build onto the desktop system for now.  I’ve got a rogue driver again causing the hdd to lock up with disk-activity again.  That should take care of that issue and tide me over until March 2010 until the bihourly shutdowns kick in and then until July 2010 when it fully expires.  Then I can decide if I want to plunk down for a single upgrade box or even retire the system.

Is there an easier way? Probably.  I would have liked to try to use Lavie’s Vista Home Premium install to attempt an in-pace upgrade to Windows 7 Home Premium, but since I am going from x32 to x64 bit, that won’t easily work.  And Alvis’s laptop was completely paved to Windows 7 RC so it will be a clean-install of sorts as well.  Luckily, my WD 320 GB portable USB drive has more than enough space to handle all the file/folder migrations required for both systems.

So many systems….so little time…

Happy Upgrading.

Claus V.

PS: for more tips see this previous Windows 7 Resources – Hot off the DVD Presses! GSD post that gave me lots of material as I prepped for the rollout process….

Sunday, November 08, 2009

Oops! Spilled COFEE, USB flash write/block thoughts, and nice tips

image

“spilled the goodness” flickr cc image by Fricke_K

In case you haven’t seen it yet…

COFEE stands for the Computer Online Forensic Evidence Extractor which is a forensics tool made by Microsoft and distributed to law-enforcement groups.  As such it seems to have a strange aura about it and sometimes generates discussions along the lines of the MiB.

AFAIK, it is just another tool that builds on Win PE technology and incorporates some automated tools (many of which are reported to be commonly available and free system and forensics utilities).  For most non-law-enforcement folks it is something like “dark-magic”.  I suspect for most forensics pros, it’s just one of many tools in the toolbox.

Anyway, seems that it accidentally got leaked onto the Net via a/some Torrent sites and is now in the wild.  And it seems it is providing more yawns than MiB snatchings from those who have cared to download it.

So far, only Martin over on his Network Security Blog has posted a thoughtful consideration on the impact, if any, this spill has: » Ethics of spilled COFEE

I’ve not bothered to download it, and probably won’t.  I’ve already got more than enough Windows PE boot systems, Linux Forensic LiveCD distros, and freeware forensics and system utilities that allow me more than enough avenues to take while assessing and analyzing a system; some but not all of which are automated.

In the end, while such tools can greatly aid the investigator sorting through ever-growing drive content volume, discovery and accurate analysis remain the domain not of automated tools, but of the skill and understanding of forensic investigators.  Even the best tools can often lead justice astray in the name of forensics investigations of Windows systems if the investigator isn’t fully clued in to what they are observing.

Topic Shift…USB storage write-blocking solutions

Miles over at the wonderfully informative and inspirational TinyApps.Org Blog tipped me off to the above forensic WriteBlocker.  At around $199, it is quite a nice pricepoint and doesn’t require the normal slew of cables and connectors other write-block devices frequently require.

Miles noted this product in particular not just for the write-block protection it can provide in imaging seized USB storage devices during an investigation or incident response, but as an alternative to a endangered tech species: USB flash drives with write/lock switches.  My work-issued Kangaroo brand drive has a write-block switch on it. Miles has found a few others.  The value of these is that they allow us to attach a USB stick loaded with tools/utilities to a suspect or infected system without fear of cross-contamination of the USB.  It’s a critical feature that is getting harder and harder to find on USB sticks.  Thus this tool might provide an (albeit expensive) solution for that bleak future.

One alternative might be to pick up a SD flash card as many of these still have write-block switches on them. Couple that with a SD card reader or USB SD card housing and you might hack-n-stien one together in a pinch.

Update: TinyApps bloggist Miles quickly responded with some valuable experiences and research on the effectiveness (or lack thereof) of the SD write/no-write switch.

Takeaway…yes SD write protected cards on a USB connection/reader “might” be fairly safe but with the correct software, it is demonstrably not a 100% bullet-proof solution.  So again, an optical disk-based boot system (Linux LiveCD/WinPE) or a physical write-block device specifically designed for that purpose may yet still be the only viable solutions.  Looks like this is a subject for more research and investigation!

Thanks Miles!

If anyone else has any linkage to offer on the subject of flash-based write/block effectiveness, please drop your tips in the comments!

I’m wondering (and might request a USB WriteBlocker for review) if it could be coupled with a USB2.0 Adapter For IDE/SATA Device to effectively make an ultra-micro physical write-block tool to use with image-capture of IDE/SATA drives.  Not sure.

Recent WindowsIR Goodness

Finally the Windows Incident Response blog has had two great posts of late:

In which Harlan tips us to this gem of an update:

Rifiuti, the tool from FoundStone for parsing Recycle Bin INFO2 files, has a version available for Vista Recycle Bins called rifiuti2. This is actually a rewrite of the original code, according to the Google Code page. And yes, there is a version available for Windows.

Equally informative as Harlan tips us to some development in RegRipper (I can’t wait to see since getting to use it recently in a live-fire incident response).  Also included were suggestions on just how RegRipper could be used with both images or against a remote (live) system.

Good stuff all the way around.

Now where did I put those handy paper towels?

--Claus V.

Super-Duper-duper Linkfest

Whole lot of link-dumping going on.

Mostly applications and utilities of note released this week.

Hope you find some nice pickings here!

Cheers!

--Claus V.

Windows 7 Resources – Hot off the DVD Presses!

Geeklet and I were out running errands Saturday and I decided to see if I could snag a copy of Windows 7 Family pack (W7-FP).

We are running W7 Ultimate (RC) versions of 32/64 bit loads on all our laptops.  It is rock-solid and approved by both the ladies over Vista.  While there is no hurry to repave to the RTM version, I figure I would do well to get the final disk set in my hands so I could re-deploy as time allowed.

Alvis even sounded enthusiastic when I suggested letting her do her own system install this time.

Alas, the first location we tried had quite a few “shell” display boxes of W7-FP but a search through the inventory found the actual product was out of stock.

Later Lavie and I went out on a second mission together and I dropped in at the local big-box electronics store. Also holding many W7-FP display boxes on the shelf, but again I was told there were none in stock….this time with a cheerful “we are out of them across the district area” to boot.  No, thank you, I didn’t want any of the widely in-stock W7 Professional or Ultimate single-license upgrade DVDs.

So the search continues.  Either it really was a limited-time release (if so Epic Fail, MS!) or hopefully more are in the pipes. 

I’m going to widen my search this week with some more locations in Houston proper.  I might be able to find an on-line download/purchase but after the fits some EDU student license users reported having, I’m a bit hesitant to go that route for now.

That said, with a soured economy, and the bargain price of 3 CALs (actually one to cover three systems) for about $150, I’m not surprised this is a hard item to find.

Here are a lot of Windows 7 related links in the meantime to wet your appetite.

Cheers!

--Claus V.

A bright new toy…Fenix LD 20 LED light

image

So about a week ago I was crawling in ceiling space inspecting new network cabling and removing old.

Somewhere along the way I misplaced the datacomm/telecom scissors out of my Paladin GripPack SurePunch Technician’s kit.   Bummer.

I spent quite a lot more time then trying to hunt them back up to no avail.  In the end I had to pop onto Amazon and order a replacement set.  However while there I learned that I had a bit of un-used Amazon gift-certificate $ on my account that I had forgotten so I figured a new flashlight was in order as well.

I had been looking at LED based lights for some time.  I have a 2-D cell Maglite in my larger tool kit, and there is the 2-AA Maglite in my cabling kit mentioned above.  I then have a 3-D cell Maglite at home and yet another 2-AA Maglite as well.  I also have a micro single AAA keychain Maglite in my car’s center console.  Like most male Americans, the Maglite has been the ubiquitous flashlight of choice in our home. However, after Hurricane Ike hit and Lavie stocked us up with two LED based Coleman lanterns, I couldn’t quite get the nice white LED light and performance out of my mind.

And the cable inspection and work in attic ceiling space with the Maglite really left me a bit unsatisfied.  The light wasn’t as intense and it was very hard to shoot a tight beam past 10 or 15 yards.

So I started looking at a LED light upgrade.  With no real experience or knowledge about them to guide me.

I initially set my eyes on this Smith and Wesson Fluxion Rebel 5 Watt Tactical Flashlight.  It seemed to get good reviews, was at a nice price-point, and had a handy barrel clip.  It looked geeky and cool.

However after reading the customer reviews on the page, I saw more than a few recommendations for Fenix brand LED lights.

So I looked some more on Amazon and found this Fenix L2D 6 Level High Performance Cree LED Flashlight.  It was more expensive and didn’t have the handy clip, but wider reviews on the Net seemed very positive. Not only that, but it had six different light-output levels.

I had almost clicked “add to cart” when I spotted in the sidebar a recommendation for the Fenix LD 20 6 Level High Performance Cree LED Flashlight.  It was again, about $5.00 more expensive than the LD 2 model.  Hmm.

So I hit the wider Net for some understanding on the difference (if any) between them.

And soon learned that the Fenix (pronounced “phoenix”) LD 20 was a no-brainer choice.

In all the reviews it was clear that the LD-20 provided a brighter, tighter beam at almost the same price as the previous model, and the Fenix was a up and coming line to watch.

So I ordered it.  (Note: this was paid for out of our own $.  No loaner or freebee provided for this post.)

And when it came in Alvis and Lavie both quickly attempted to appropriate it from me.

After reading the reviews linked above, it is clear that there is tremendous technology packed in these little lights.  And the pros who review them really have a language of their own.

So for the non-luminary geeks who are wondering about a Fenix LD 20, here are my observations.

  1. It is really, really bright. I could probably drive my car at night in an emergency if I had to by the light it throws off in “turbo mode (180 lumens)”.
  2. The beam center is tight and very bright with no dark “donuts” on my unit.
  3. I really love the clean “white” light the LED generates.  It is much easier to see object detail than the old incandescent bulb light in my Maglites.
  4. Unlike the LD-2 which has a round barrel design, the LD-20 has hexagonal rings like a pencil.  This keeps it from rolling off flat surfaces.
  5. While the variations in the barrel turning seem silly at first compared to the smooth simple design of Maglites, the Fenix design actually provides a more secure grip in my experience, particularly when wearing tactical (or mechanic’s) style gloves.  I either wear a pair of thinner black batting gloves or heavier leather mechanics gloves when doing cable pulling or equipment moving and had no worries that the light was going to slip out of my hands unlike the Maglite barrel.  Having the ability to attach a wrist-lanyard to the end also provides extra drop-free confidence.
  6. It looks mean and cool and techy and “tactical” like something taken directly off the underside of a handgun rail.
  7. The belt-clip is a very nice feature if you aren’t going to use the also nice nylon belt holster (provided) or the lanyard (also provided).  In fact, based on the way I use mini-lights at work and home, if it didn’t have a belt-clip I would take a pass.
  8. It has a great weight and balance in the hand.
  9. It uses 2 standard AA batteries.  Although lithium grade AA cells are recommended for longer light output, this is a really great feature as alkaline are cheap and common and last quite well.  If they do die, you can easily raid a quartz wall clock or something to exchange, and not have to be stuck looking for a custom-size battery that some other LED lights provide.
  10. The price is an amazing value for the quality and performance. 
  11. The mechanical “click-on/click-off” is satisfying, but to change light intensity levels (low, medium, high) a soft button touch is only required.  Then twist the bezel and both “turbo” and “strobe” are also available at a soft-touch.
  12. Yes. It really is water-proof (within limits) and functions underwater (though is no replacement for a dive-light).  So you don’t need to worry if it falls into the ditch, or a puddle, or whatever.

My only problem now is what to do with it.  It’s so nice I don’t want to leave it buried in my large response/tool bag at work.

Instead it will have to go into my smaller daily hand-carry kit along with my classic Leatherman tool, custom USB response stick, Gerber utility mini-knife, and USB hard-drive.  Some tools just need to be always at hand!

Shhh. Don’t tell anyone but I think I know what the guys in my family are getting for Christmas this year.  (And maybe my geeky girls as well!)

Fenix LD 20 High Performance LED flashlight – Highly Valca Recommended!

--Claus V.

Sunday, November 01, 2009

Fast Forensics Touch-and-Go

Touch-n-go

“C-17 Touch and Go” flickr cc image by vortran69

That last post, Sexy USB Boots (Win PE style) and the DST “fall-back” have taken a toll on me.

I had hoped to spend more time crafting this post, but I need to turn in now to be functional for when I report for duty tomorrow morning.

So here is a quick flyby of forensics related posts I have collected over the past two weeks.

Enjoy.

  • Windows 7 and the Future of Forensic Analysis – Windows Incident Response blog – nice touch-n-go on forensics in the new dawn of Windows 7. Fortunately, Windows 7 adopts many of the habits of Vista which has already been in the wild for a while so it isn’t like everyone is starting from scratch.  That said, the continued proliferation and relatively slow adoption rate of Vista means that XP has been a much more comfortable realm for many incident responders to work in.  Windows 7 will probably see a faster upgrade and saturation level so it’s time we all get prepared for what it brings to the table.

  • Timeline Creation Tools – Windows Incident Response blog – Harlan build on the challenges and techniques of timeline building in incident response.  I’m still going back and rereading all his posts on this subject and others such as this Registry Analysis post from SANS Computer Forensics, Investigation, and Response blog.

  • Windows 7 Computer Forensics – SANS Computer Forensics, Investigation, and Response blog.  Returning to Harlan’s first post above, this must be bookmarked as it contains some excellent material for reference, not just for forensic guys and gals but also for sysadmins of Windows 7 systems.  Great stuff!

  • Free Tools – Windows Incident Response blog – I’m so jealous of Harlan for getting this one up!  He has thrown down the gauntlet and provides a great intro listing of wonderful free (and many portable) utilities of interest for forensic examiners.  I’ve got many of these tools in my toolbox, plus a whole stable of many more as well.  Now I’m feeling guilty for not have the time at the moment to get them all cataloged and back-linked to share as a resource for the forensics community.  Harlan has shamed me into dealing with this so my goal is to get it up before the year is out.  I’m probably going to have to take a few days off work to get it done.

  • Tableau Forensic Products - TIM. – Tableau is teasing us with their own imaging solution that promises to be fast and easy and rock-solid.  I’m intrigued and hope they offer a beta-download to play with soon.  I also hope it is USB portable for use under Win PE booting.

  • 8 bits: View the contents of a DD image while it’s being made. I’m not sure how regularly applicable this information is, but for someone who occasionally does make dd-format images, it is cool anyway to know.

  • CAINE Live CD. – Version 1.0 released! – new release in both a boot disk ISO and a USB bootable device image doesn’t seem to bring any radical changes or features, mostly just bug fixes.  Still, if you are using CAINE (and you should be familiar with it) as a forensic LiveCD to offline boot/image/inspect a system, you will definitely want to update to this version.

  • DEFT v4.2.1 release DEFT Linux - Computer Forensics live cd.  Likewise, this also excellent forensic LiveCD distro also got a minor bug-fix update.  So update to this DEFT version as well.  This isn’t related to the promised DEFT Linux v5 road map and features which promises to bring some more bells-n-whistles to this fine forensics LiveCD distro.  No word when beta releases will be available but I suspect the critical bug fixes to v4 DEFT led to some delays in getting work on v5 completed.

  • JADsoftware - EDD home page. Jad has been hard at work updating his Encrypted Disk Detector freeware utility to version 1.1.0 which includes the following new features/release details: “…Now EDD also checks mounted logical volumes and attempts to determine if they are encrypted TrueCrypt or PGP volumes. A 100% determination can not be made but an alert is provided to the user who can then further investigate. EDD is now included as part of Microsoft COFEE!”  Spotted via this Net-Security.org post: Encrypted Disk Detector 1.1.0 released.  Related, Jad’s Internet Evidence Finder utility was also recently updated to version 2.0.6 to bring in lots of great feature improvements as well.

Back into the skies for now!

--Claus V.

Sexy USB Boots (Win PE style)

sexy boots“Tiffany’s New Boots” flickr cc image by akseez

Due to a generous birthday-fun contribution from my little bro I recently picked up a Patriot Xporter XT Boost 16GB flash drive stick for my personal use.  I’ve got a number of 512 MB ones scattered around, as well as my dependable 2 GB one, but after the latest round of family IT support service calls, I really wanted one with enough room that I could store all my portable utilities on; and still have enough room for a few ISO files.  More importantly I wanted a fairly-fast USB stick I could configure to use as a Win PE boot device.

Not that I have anything against bootable CD/DVD media.  It certainly has its place, but having a Win PE boot stick is just so much more sexy.  Not only is it wicked-fast for off-line booting a Windows system for response and support, but it also allows me to save log data or recovered files directly to, rather than try to offload them to a network share, the Net, or a non-booting USB storage device.

I’ve already covered this ground before at work with my current “for work purposes only” 8 GB USB stick.  For that I used PurvianceCS’s post on how to Create a Bootable VistaPE USB Hard Drive or Flashdrive.  Because this was based on my earlier VistaPE building work, it was a natural progression and worked flawlessly.  It does use GRUB as the bootloader for the Win PE WIM handoff.  That’s no problem and GRUB has an amazing amount of flexibility for multi-booting USB devices. However, to be honest, I never use any of the additional boot options it provides.  I just boot to the Win PE WIM file and continue on.

I had in the past posted a few link round-ups to various ways and tools and techniques for making USB devices bootable.

They all are good and provide lots of great background but I really wanted a solution that was dead-fast, simple, and rock-solid for setting up a (supported) USB storage device to be used as a boot device for Win PE builds.

This was particularly important for me as well since in our IT shop we now have over twenty-five portable Western Digital external hard drives that I keep updated with ImageX-based WIM images of our various hardware systems.  When I hand them out on projects, a folder goes with them containing CD-ROM’s of my custom Win PE boot disk along with a Clonezilla disk as well (images for those are on the drives as well).  Wouldn’t it be nice if the CD drive was funky or problematic to allow the techs to boot directly from the same device the images were stored on? Yep.

So after some brief work and experimentation, I found the following technique worked “bestest and fastest” for not only making my personal USB device quickly bootable, but all these external USB hard drives as well.  And all done with my own hands!

The Technique

This assumes a few things first, so let’s get those out of the way.

  1. There is nothing now on the drive you want to save (or you have backed it up already).
  2. The drive is (or will be) NTFS formatted.  (I’m not sure this is a requirement but it seems to improve speed.)
  3. The USB storage device supports USB booting (not all do).
  4. You are reasonably comfortable with CLI work, including DISKPART.
  5. You already know that to use the thing, you may have to set your BIOS to the “boot from USB” option (or select it in a one-time boot option at BIOS startup…).

I actually found this easiest to do while running under a Win PE 2.0 (Vista) or Win PE 3.0 (Win7) session, though you can do it from an administrator-elevated command prompt session under Vista or Windows 7 as well.

Note: Please read this carefully, review the provided supporting cross-linked posts, and make sure you understand what you are doing in advance. Also be sure you have all the required ingredients ready and on the counter-top before you start cooking!  If you don’t or aren’t sure what you are doing, you run the risk of nuking your system, possibly un-recoverably!  Your Poodles might turn pink and your beloved family hamsters might escape in the night.

Format the Drive

  1. Pop in your USB storage device.
  2. Open a command session (CMD.exe).  If not using a Win PE session, go to “Start” –> “Programs” –> “Accessories” –> “Command Prompt” and right-click and select “Run as administrator”
  3. Type DISKPART
  4. Let’s make sure you correctly identify which drive number your USB device is listed as!
  5. Type LIST DISK
  6. All storage devices will be listed.  You should be able to tell which yours is by the size. In most cases, mine shows up as “1” with my local hard-drive listed as “0”.  Yours may vary so check carefully and use your drive number accordingly in the next steps!
  7. Let’s clean up the drive first to avoid any issues.  Note: data loss will occur on the device at this point!
  8. Type SELECT DISK 1   (this makes the USB drive the focus of the actions to follow)
  9. Type CLEAN       (This deletes the MBR section of the storage device)
  10. Type CREATE PARTITION PRIMARY     (This creates a fresh, single partition out of the available space)
  11. Type ACTIVE      (This makes firmware see the partition as a “system” partition)
  12. Type ASSIGN     (This assigns the next available drive letter to the device)
  13. Type LIST VOLUME   (Take a look and make note of what drive letter got assigned to the USB device)
  14. Type EXIT

Now type the following to actually format the USB device.  Make sure your drive letter is correct!

Format <drive letter>: /fs:ntfs /q /y     (where <drive letter>: equals the USB device letter found from #13 above…in my case it was e:  )

This formats the drive letter listed, with the NTFS file system, quick, without requiring confirmation checks.

And yes…I know you can also do a format from within DISKPART.  I just like doing it this way.  It’s a personal preference thing….

Pull on your USB Boots

Now we need to do some mojo-jojo to make the USB storage device bootable.  To do so we need the BOOTSECT.EXE utility.  It is on Vista and Windows 7 setup disks as well as within the Windows AIK kits for both.

I suppose you can find it available with Google as well, but I like to have the real thing from source.

The simplest way I can recommend getting BOOTSECT.EXE is to download and install one of the following WAIK’s from Microsoft.  In fact, if you are bothering to read this post, and are a WinPE builder, I’d be surprised if you didn’t already have one of these installed.

If you have already installed it, you can find the file in either of the following locations (depending on what flavor you want).

C:\Program Files\Windows AIK\Tools\PETools\x86\bootsect.exe
C:\Program Files\Windows AIK\Tools\PETools\amd64\bootsect.exe

If you do, say, have a hand-me-down WinPE boot CD/DVD but don’t want to install the WAIK to get the tool, an alternative is to extract it from the downloaded WAIK ISO file.

You can use various freeware utilities (SlySoft Virtual CloneDrive, or Pismo File Mount, or ImDisk) to mount the ISO as a virtual folder/drive.

Then follow the tips in this handy NirSoft Blog post -- How to extract missing system files from the DVD of Windows 7/Vista -- and browse to the following location in the WAIK ISO:

\KB3AIK_EN.iso\WinPE.cab\F1_WINPE.WIM\1\Windows\System32\bootsect.exe

…and extract the file.

Mkay?

Now, in your command-line session browse over to the directory location where you have placed the BOOTSECT.EXE file and execute it with the following command:

BOOTSECT /NT60 <usb drive letter>    (Where <usb drive letter> equals your USB device)

again, in my case I would be typing BOOTSECT /NT60 E:

If all goes well you will get a message about the process updating correctly.

Type EXIT to close out the command window.

Need more info on BootSect magic?

Add your Win PE boot file.

Last step is to copy over the required files from your pre-build WinPE CD/DVD disk.

In my case I was using the Win PE 2.0/3.0 files from these previous GSD projects:

Using your favorite Windows file manager program (with options enabled to see system/hidden files) pop your Win PE 2.0 or 3.0 boot disk into your system and then copy the following files/folders over to the root of your USB device:

  • BOOT (folder & contents)
  • EFI (folder & contents)
  • SOURCES (folder & contents)
  • bootmgr (file)

At this point, you can also copy over any additional folders, (portable) programs, etc. that you might want to have available from the USB device when you boot into the Win PE environment.

You should now be able to just pop the device into a system that supports USB device booting, and selecting that option (if not already configured in the BIOS) boot the system to test.

Has worked like a charm on my devices and systems using this technique.  Sexy USB drive booting goodness, much faster and more convenient for system support than optical media based Win PE boot build can provide!

More Stuff

It seems like a lot of stuff to do to make your USB device bootable, but believe me. After making your tenth or eleventh USB storage device Win PE boot supported, you can do it in your sleep.  For me it now takes less than three or four minutes per device now to run down the steps.  Seriously!

One of the cool things I have found is that by setting up your USB storage device this way, just about any WIM PE based boot.wim file will be supported.

So what I did was create another folder SOURCES-EXTRAS and dumped other boot.wim file builds in it renamed with a descriptive hint.  Then when I want to boot using a particular Win PE build, I just have to first rename my primary WIM file in the SOURCES folder to something like boot.wim.x and then copy the alternative WIM out of by backup SOURCES-EXTRA folder into SOURCES folder, then rename it to boot.wim.  This gives me greater flexiblity when I need a particular Win PE build.  Like not using my primary one with the sexy Laura Croft background wallpaper when I am at the in-laws…just for example….but the one with a more appropriate wallpaper for that particular audience.

Other boot.wim files I have stored are as follows:

In all these cases, generally I just need to copy the boot.wim file out of the SOURCES folder and (after renaming it) drop it into the SOURCES-EXTRA folder.  Sometimes these do carry extra folders on the root, so take a look around and make sure you get any supporting folders you might need for them to work properly.  Generally those will go under the USB device root.

I also make sure I have a copy of Imagex.exe taken from the WAIK was well. Note that the Win PE 3.0 IMAGEX version is more advanced (link to nice posts from 4sysops blog) than the Win PE 2.0 version.  While I like the added features in the PE 3.0 one, I still prefer using the PE 2.0 for image capture/application at work and home (for now).

Odds-n-Ends

Here are some more (mostly) related posts that might be of interest to you as you expand your USB WinPE booting device.

Now go and enjoy those sexy boots!

--Claus V.