Wednesday 26 October 2022

Add Gandalf’s Windows 10PE x64 Redstone 7 Spring 2022 Edition to E2B

Gandalf's WinPE is another popular Windows 10 x64 PE. It contains lots of programs and utilities but it is rather a heavyweight. The boot.wim file alone is 2GB and to run it you will need a 64-bit CPU and 4-5GB of RAM (depending on how you boot the ISO).

The boot.wim can take many minutes to load on some systems (depends on the BIOS USB 2/3 driver speed).

The download file is 'donationware' in that you must donate in order to be given a download URL, although if you Google enough, you can find a torrent link for a 5GB .rar download which can be unpacked to give a 10.8GB ISO file which supports UEFI64 and Legacy 64-bit booting.

I changed the filename to:
so that it would boot under E2B and agFM without prompting for options or showing a secondary menu.

The ISO should work with Ventoy too (must use a .ISO file extension and ensure the system has plenty of RAM as Ventoy seems to need more RAM than E2B\agFM!). However, UEFI64 booting using Ventoy did not seem to work for me, although legacy\BIOS booting did work. I worked around this by extracting the \sources\boot.wim file from the ISO and naming it GandalfR7_boot.wim. I could then UEFI64-boot to Ventoy and then boot from the .wim file - to get the Start Menu Programs to work, I right-clicked on the Gandalf ISO file and used ImDisk to mount the ISO as drive Y:.

Note: Make sure your E2B USB drive does not have a \CDUsb.y file in the root of any partition. If it does then Gandalf  WinPE will fail to load the ISO as drive Y: and most of the added Programs in the StartMenu will not work.

Tip: If the ISO does not load as drive  Y: on reaching the Desktop, try clicking on the 'ReMount drive Y:' Desktop icon - it will try to find the correct ISO file on all connected media and mount it as drive Y:. Again this won't work if a \CDUsb.y file is present on any drive in the system.

Here is a list of the included Programs...

Secure Boot

agFM uses a Kaspersky secure-boot signed UEFI64 shim and should Secure Boot on most UEFI64 systems without a problem. Once agFM is loaded it disables Secure Boot so that non-secure payload files can be run.

This Kaspersky EFI shim file is sometimes blacklisted by the UEFI-firmware however (the hash key is stored in the DBx blacklist and would have been added by a recent Windows KB Update). You will not be able to secure-boot to agFM if it has been blacklisted in your BIOS\firmware. 

Sometimes, even if you disable Secure-Boot in the BIOS settings, it will still not load the EFI shim and just display a black screen on booting from the USB drive. In this case you can select the 'Disable UEFI64 Secure Boot (bugfix for blank screen)'  menu entry in the E2B legacy menu or the agFM menu (if necessary boot on another system). This will remove the Kapsersky EFI shim but you will no longer be able to Secure-Boot on any system because an unsigned EFI boot file will now be used to boot to agFM. The signed Kaspersky shim can be restored by using the 'Enable UEFI Secure Boot' menu entry.

For trouble-free Secure Boot, if the agFM signed EFI shim does not work, you can convert the Gandalf ISO to a .imgPTN23 file (disable your AV protection s/w first!) and then switch-in the image and secure-UEFI64 boot from it without needing any EFI shim. Windows PE uses a Microsoft signed EFI boot file and so there will be no secure boot issues.

When using MakePartImage - use the MPI_FAT32 Desktop shortcut, do NOT add rEFInd (use option 1) and do NOT auto-correct any config files as they will already be correct for a bootable USB drive.

Configure any WinPE

Gandalf RedStone7 with PEStartup + Portable Apps.

Note that you can configure any WinPE to add Desktop icons, drivers, change the wallpaper, autorun files, add registry entries, etc. simply by adding PEStartUp to the E2B drive.

1. Download PEStartUp+Papps file and extract it to the root of the E2B drive
2. Boot to any Windows PE such as Gandalf, DLCBoot, BobOmbs, HBCD_PE, etc.
3. If you don't see the wallpaper in the screenshot above, just use Explorer to find \TheOven_Startup.cmd on the E2B USB drive and double-click on it.

Some WinPE's even automatically run the .cmd file when the Desktopi is loaded.

For more details see Tutorial 143.

No comments:

Post a Comment