WindowsDevCenter.com
oreilly.comSafari Books Online.Conferences.

advertisement


AddThis Social Bookmark Button

Hacking Your Car: Install Windows on a CompactFlash Card
Pages: 1, 2, 3

Setting Up MinLogon

First we'll set up MinLogon. This is an optional component—it is not necessary for running XP from a CF card, but it does improve boot time. Search the Repositories directory on your main hard disk for the latest version of minlogon.exe and transfer it to the test virtual machine or hard drive:



  1. First go to the Windows\System32 directory of your virtual machine and rename the file winlogon.exe to winlogon.exe.bak.

  2. Copy the minlogon.exe file to the Windows\System32 directory and rename it winlogon.exe.

  3. If a Windows File Protection warning comes up warning you about changing the filename, just cancel the dialog to ensure that the new MinLogon file isn't replaced by Windows File Protection.

  4. Next, create a text file called minlogon.reg. Edit the file and enter the following text:

    
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Config"=dword:00000017
    
  5. Save the file and then merge it into the Registry by double-clicking on it. Double-check the Registry to make sure the entries were entered properly.

  6. Reboot the system.

As long as you entered everything properly, the VM will boot into XP using the System account. The first time you boot up it will prepare the user settings for the System account, so it'll take a bit longer than usual. Once that is done, go ahead and reboot again to make sure everything is working properly. MinLogon may cause problems for some applications, so if you find that it doesn't fit your needs, just restore the original winlogon.exe.

Setting Up Enhanced Write Filter (EWF)

Now that MinLogon is working properly, you can go ahead and set up EWF. Before you do so, make sure you disable the paging file by right-clicking on My Computer, clicking the Advanced tab, clicking the Performance button, clicking the Change button in the Virtual Memory section, and selecting "No paging file." You'll also want to disable system restores, by right-clicking on My Computer, selecting the System Restore tab, and checking "Turn off System Restore." (These features interfere with EWF.) One bug I've found is that when booting with EWF, XP always brings up the recovery options at bootup. You can disable this by deleting the file named bootstat.dat in the Windows directory. You'll need to search the Repositories directory again for three files: ewf.sys, ewfntldr, and ewfmgr.exe. Since the directories may change with each release, make sure you search for the latest versions and place them on the VM system.

  1. Rename the ntldr file on your root drive to ntldr.bak.

  2. Move the ewfntldr file to your root drive, and rename it ntldr.

  3. Move ewfmgr.exe to your Windows\System32 folder.

  4. Move ewf.sys to your Windows\System32\drivers folder.

  5. Create a text file called ewf.reg and enter the text from Example 4-1. (You can download these files at http://www.oreilly.com/catalog/carpchks.)

    Example 4-1. Registry entries to set up Enhanced Write Filter

    
      Windows Registry Editor Version 5.00
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction]
      "Enable"="N"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OptimalLayout]
      "EnableAutoLayout"=dword:00000000
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
      "NtfsDisableLastAccessUpdate"=dword:00000001
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory
      Management\PrefetchParameters]
      "EnablePrefetcher"=dword:00000000
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
      BootExecute=""
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EWF]
      "NextInstance"=dword:00000001
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EWF\0000]
      "Service"="EWF"
      "Legacy"=dword:00000001
      "ConfigFlags"=dword:00000020
      "Class"="LegacyDriver"
      "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
      "DeviceDesc"="EWF"
      "Capabilities"=dword:00000000
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EWF\0000\Control]
      "ActiveService"="EWF"
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf]
      "ErrorControl"=dword:00000001
      "Group"="System Bus Extender"
      "Start"=dword:00000000
      "Type"=dword:00000001
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-
      BEC7-08002BE2092F}]
      "UpperFilters"="Ewf"
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf\Parameters\Protected\
      Volume0]
      "Type"=dword:00000001
      "ArcName"="multi(0)disk(0)rdisk(0)partition(1)"
    
  6. Save the file. Before you merge it, you need to alter the permissions on one Registry key. In regedit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root. Right-click on Root and click Permissions. Set "Everyone" to have Full Control, and then merge the file by double-clicking on it. As you did for MinLogon, ensure that all the values were entered properly, and then reset the Root key permissions to the way they were before.

  7. Reboot the system.

Pages: 1, 2, 3

Next Pagearrow