Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BartPE on a USB stick


  • Please log in to reply

#1
RupturedHope

RupturedHope

    Member

  • Member
  • PipPip
  • 52 posts

*Artellos waves

Yep, it was me who suggested a BartPE Disk :)

What -I- think is the best about BartPE is the file manager is similar to windows, creating an environment you'll recognize (and know).
You can build a disk yourself, or use a pre-made disk with some pre-installed applications on it.

Regards,
Olrik


Thought I should start the thread here, where it belongs. So now I have a usb stick, a hard disk with possibly infected files, and one working & clean computer.

I had been given to understand it is possible to make a mini-windows on a usb, so one could extract a few files individually --a digital airlock of sorts-- clean/print/transpose them in this BartPE environment, and then transfer the clean copies/new files elsewhere, effectively salvaging the data.

  • Can this be done?
  • How? (step by step, plz; I'm not fully digiliterate)

Edited by RupturedHope, 02 September 2009 - 11:35 AM.

  • 0

Advertisements


#2
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
Hey,

I'm just building my own BartPE before I will dive into instructing you :)
Just a little patience is required. :)

Regards,
Olrik
  • 0

#3
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Patientkitteh haz patience.
  • 0

#4
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
Hello again! :)

DISCLAIMER:
This post was approved by a GeekU Mod for posting for this specific user.
Members that are not Malware Staff should not use this speech to try and help other people.
If you suspect someone has this same issue, direct them to the malware forum.


You will need:
  • A Windows XP SP2 Installation Disk
  • A USB Stick with 512MB of space
And you will need to download:
PEBuilder
PE2USB
Windows 2003 Service Pack 1
Dr.Web CureIt!
PLEASE MAKE SURE YOU HAVE NO DATA ON THE USB DRIVE
WE WILL BE FORMATTING IT IN THIS PROCESS

  • Download all these files into one folder in your hard drive. (I.E. C:\pebuilder)
  • Write down the name of the Dr.Web Cure It! file. (pk5s383s.exe for me)
  • Open Start and hit Run then type cmd and hit enter.
  • In the command prompt, type the following commands:
    md C:\pebuilder\srsp1
    md C:\pebuilder\extras
    C:\pebuilder\WindowsServer2003-KB889101-SP1-x86-ENU.exe -x (you will be asked to extract them somewhere, answer with: C:\temp
    copy C:\temp\I386\setupldr.bin C:\pebuilder\srsp1\setupldr.bin
    expand -r C:\temp\I386\ramdisk.sy_ C:\pebuilder\srsp1\ramdisk.sys
    move C:\pebuilder\<cureit>.exe C:\pebuilder\extras\cureit.exe
    (Replace <cureit> with the name you made note of in step 2)
    '''Do not close the command prompt when you're done with these commands'''
  • Open up pebuilder.exe, Point the Source to your Windows XP Disk and The Custom to C:\pebuilder\extras.
  • Find out what Drive Letter your USB Drive is using. For ME that would be F:
  • Go back to the command prompt and type the following:
    C:\pebuilder\pe2usb.bat -f F:
    WARNING! THIS STEP FORMATS YOUR USB DRIVE
Ok, so now the USB is ready for use.
The next step would be to boot from the USB, you might need to change your boot order in the BIOS.
Then in the bottom left, click GO and open the Command Prompt.
Then in the command prompt, type:
X:\cureit.exe
This should start Dr.Web's Cure It! and will allow you to do a scan.

Sources:
http://users.telenet...ootPEUSB_UK.htm
http://www.freedrweb.com/
  • 0

#5
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Quick snag : my windows XP install cd is SP1... Yeah, it's that old. :)
  • 0

#6
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
Hmm.. Try it with the SP1 disk first.
If it doesn't work we will get into slipstreaming SP2, But only if it's needed.

Regards,
Olrik
  • 0

#7
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
So once I have this USB stick, how do I use it? Do I disconnect the C drive, hook up the D drive, and just stick the USB in the computer?
I'm not sure, but I've never seen USB in the boot options before....

Sorry for the delay, by the way, been a bit tad busy juggling life and the repair of my flatmate's computer. :)

Edited by RupturedHope, 07 September 2009 - 11:24 PM.

  • 0

#8
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
Hello again RupturedHope,

Once you have it set up, you make sure the BIOS is set to boot from your USB first. (Or use the boot menu, generally F12)
You don't have to disconnect the C Drive, you can just boot straight from the USB.
You should hook up the drive you want to scan. :)

And don't worry about the delay :) I have enough to do :)

Regards,
Olrik
  • 0

#9
schuc

schuc

    New Member

  • Member
  • Pip
  • 5 posts
Hello and thakns for this thread. I believe I followed the instructions at the top of this thread exactly and filled in a few items(like renaming pe2usb.cmd to pe2usb.bat before executing, etc), but the result still isn't ending up in a bootable flash drive that runs BartPE.

The creation of the BartPE process went without any errors. When I ran pe2usb.bat, my USB stick was formatted and the files on it are:

H:\>dir
Volume in drive H is USB
Volume Serial Number is F87B-956E

Directory of H:\

03/24/2005 08:33 PM 298,096 ntldr
08/03/2004 09:38 PM 47,564 ntdetect.com
11/30/2009 11:52 PM 157 winnt.sif
11/30/2009 11:55 PM 189,323,264 bartpe.iso
4 File(s) 189,669,081 bytes
0 Dir(s) 3,821,731,840 bytes free


Shouldn't the iso be expanded and not in the image file form there? Well, I expanded it on my USB stick as well and that didn't help, so I'm still trying to get this stick bootable...and with my BartPE environment running on it.

Any help would be greatly appreciated. Thanks!
  • 0

#10
excelcier

excelcier

    New Member

  • Member
  • Pip
  • 1 posts

Hello and thakns for this thread. I believe I followed the instructions at the top of this thread exactly and filled in a few items(like renaming pe2usb.cmd to pe2usb.bat before executing, etc), but the result still isn't ending up in a bootable flash drive that runs BartPE.

The creation of the BartPE process went without any errors. When I ran pe2usb.bat, my USB stick was formatted and the files on it are:

H:\>dir
Volume in drive H is USB
Volume Serial Number is F87B-956E

Directory of H:\

03/24/2005 08:33 PM 298,096 ntldr
08/03/2004 09:38 PM 47,564 ntdetect.com
11/30/2009 11:52 PM 157 winnt.sif
11/30/2009 11:55 PM 189,323,264 bartpe.iso
4 File(s) 189,669,081 bytes
0 Dir(s) 3,821,731,840 bytes free


I had the exact same experience. I have XPSP3, I ran this entire process several times and when I boot up, it doesn't boot from my USB stick. Yes, before asking, I verified I can boot from USB. I used the same USB stick, formatted it and put on MSDOS.sys, IO.sys and command.com from Win98 and voila.. C:\ prompt boot, no problem. I've also booted Ubuntu Linux. But, when I did this process for XP, it ignored the USB stick and booted normally. I have the same 4 files on the USB stick when I finished this process. What am I missing?

Shouldn't the iso be expanded and not in the image file form there? Well, I expanded it on my USB stick as well and that didn't help, so I'm still trying to get this stick bootable...and with my BartPE environment running on it.

Any help would be greatly appreciated. Thanks!


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP