Boot to almost anything using an IODD Mini SSD device emulator

In a recent E2B chat session, a user wanted to use an E2B USB drive to contain lots of special disk images. These images contained multiple partitions. Some of these images used multiple GPT partitions. For instance multiple Mac OS X installers, full multiple-partition Windows To Go with BitLocker, full Linux OS with swap and encrypted data partitions.etc.

Unfortunately, such a scenario is not feasible when using Easy2Boot (at least not easily!) - however, the user did own an IODD DVD emulator, so I suggested using it's VHD feature.

He did not realise that it could be used in this way!

The IODD Mini

The IODD Mini #ad  SSD CD\DVD drive emulator is a solid-state version of the IODD 2531 and 2541 (see previous blog article here).

You can see from the picture below that it is approx 9cm x 4cm in size and will easily fit in a pocket.

As you may know, these Zalman and IODD 'DVD' emulators can load ISO files and then the USB device will appear as a USB DVD drive.

They can also load a VHD file and then it will appear to a computer as a 'USB disk' - so you can boot to a VHD containing a fully install Windows OS.

However, he did not realise that you could simply create an 'empty' VHD and then select that on his IODD device - thus the USB drive will appear as an unformatted USB drive.

He can then partition and format it as he wishes, install an OS to the USB 'drive', etc.

Thus it is possible for his IODD to contain multiple disk images of different multiple-partition Windows OS's, Linux OS's with swap partitions, Mac OS X, Mac Installer, Hackintosh Installers, DOS Flash images, etc. and they can be MBR or GPT partitions.

He can even mount more than one VHD as a disk device, so the second VHD could contain common programs, drivers, data, etc. which he can easily access after booting from the first VHD. You can even boot from one VHD and install to another VHD.

The IODD Mini VHD file can be configured to appear as a Removable 'Flash' drive or a 'Fixed Disk' HDD - just use either a .RMD extension or a .VHD file extension. If required, you can also write-protect the virtual disk too.

agFM v1.64 released

agFM v1.64 2020-10-31

• Update Passmark's memtest86 EFI files to v8.4
• grubfm MBR bugfix for some WinPE .wim files not booting using agFM - e.g. DLCBoot 2019 ISO.

Thanks to Arfan for reporting the DLC MBR-boot bug and to developer a1ive for fixing it.

Read more: https://www.easy2boot.com/download/agfm-history/

Note: This version has a bug in the F3 Boot menu - please use a later version!

eBooks

You can get free updates by using the email link that was sent to you when you purchased the eBook.

Here are the current versions.

• eBook #1 11/09/2020  Getting started with Easy2Boot_v2.18.pdf
• eBook #2 29/10/2020  How to make a UEFI multi-boot Easy2Boot USB drive v1.01.pdf
• eBook #3 21/10/2020  How to install Microsoft Windows using Easy2Boot_v1.7.pdf
• eBook #4 08/10/2020  UEFI-multiboot using the a1ive grub2 File Manager_v1.16.pdf

• 22/07/2020 Getting started with grub4dos_v1.01.pdf

Ventoy

Ventoy has been updated recently and is currently at version v1.0.26.

You can add Ventoy using the .cmd script in the \e2b folder on the agFM partition of your E2B USB drive.

'Hack into Windows' YouTube video uploaded

 

This video demonstrates how to use the UtilMan XML files to create a new ADMIN account or reset an offline account password.

It should work even if your PC contains multiple Windows installations.

It speeds up and semi-automates the process so that you do not have to type multiple Windows commands.

The latest beta version of E2B v2.06c has the latest version of the .cmd scripts which now also patches the Magnify.exe file.

Amazon Prime deals end today!

 In case you missed it, today is the last day of the Amazon Prime sale.

If you read my earlier blog posts, you will know that I have recently subscribed to Readly and cancelled all my paper magazine subscriptions. Yesterday, I noticed that the Amazon Fire HD's are now on sale with massive reductions, so I just received my new Fire HD 10 (#ad) this morning - installed Google Play and Chrome - and logged into Readly.com. Wow! Very nice display and it works as an Amazon Echo Show too - bargain!.

agFM v1.63 released

 agFM v1.63 just has a very small change to the \boot\grubfm\SAMPLE_startup_menu.txt example menu file. The small change will cause all .pf2 font files that are present in your theme folder to be automatically loaded.

#SET STYLE (change section below if required)
#mymenu=0   standard agFM theme
#mymenu=1   using $mytheme as theme   (rename folder \boot\grubfm\themes\sample_slack to slack) NO SPACES - DO NOT USE sample_slack folder as it will be changed on update
#mymenu=2   User wallpaper, no theme  (change USER MENU CONFIG section below)
#mymenu=3   Text mode - most compatible and quickest - use if keyboard issues (English only) - see section 3 below
set mymenu=0
#if mymenu=1 then mytheme specifies the theme folder to be used
set mytheme="slack"

######## MYMENU=1 - USERS GRUB2 THEME ########
if [ "${mymenu}" = "1" ] ; then
# Load fonts - if your theme uses special fonts (not unicode) this loads ALL font files
# The .pf2 font files should be inside the theme folder
for font in (${user})/boot/grubfm/themes/${mytheme}/*.pf2; do loadfont ${font} ; done
# You can use the lsfonts command to list the currently loaded fonts

# Rename \boot\grubfm\themes\sample_slack folder to slack then edit background.png to add your own wallpaper
# uncomment 'menu_pixmap_style' in each .txt file to add a grey box behind the menu text
export theme_std="(${user})/boot/grubfm/themes/${mytheme}/theme.txt";
export theme_fm="(${user})/boot/grubfm/themes/${mytheme}/fm.txt";
export theme_info="(${user})/boot/grubfm/themes/${mytheme}/info.txt";
export theme_help="(${user})/boot/grubfm/themes/${mytheme}/help.txt";
export theme=$theme_std
# themes must not contain spaces
if ! [ -f "$theme" ] ; then echo "ERROR: Can't find $theme" ; read ; fi
fi
####################################

This means that if you use your own grub2 theme and it contains .pf2 font files, then they will be automatically loaded.

e.g.

set mymenu=1
set mytheme="seven14Large"

seven14Large theme

Tip: How to repair a Windows 8/10 system that won't boot without needing any another copy of Windows or WinPE

Although it is always better to try to repair a Windows OS by booting from the original Windows ISO, it is not always present on your E2B USB drive!

This tip works for most Windows 8 or Windows 10 systems. It allows you to repair the OS without needing to have any ISO or WinPE type payload file on the E2B drive and it will always use the correct matching version of WinRE to repair or access the original OS installation - even if you don't actually know what OS version was installed.

It relies on the fact that most Windows 8/10 systems will already contain a \Recovery folder on the internal hard disk containing a winre.wim file. It could be contained within a separate Recovery partition or it could be in the main NTFS boot partition.

This method allows you to boot to the Recovery console and from there you can use the various repair/troubleshooting repair features or drop to the command shell and type in your own commands.

Since E2B\agFM\Ventoy can boot from .wim files, we can directly boot from the winre.wim file like this...

KonBoot v3.6 is now available

 KonBoot v3.6 is now the latest version and has a few bugfixes, etc.

Kon-Boot is currently the only solution worldwide we are aware of that can bypass Windows 10 online passwords!

 Main updates:

• Updates for macOS Catalina 10.15.7 and macOS Big Sur 10.16 beta

• Updates for Windows 10

• Installer updates

KonBoot can now be added to your E2B USB drive but you must purchase a licence.

The more expensive version is about the only software that allows you to get past a Windows Online account on a Windows 10 system.

Of course, a free alternative to bypass a Windows 10 online account login (by creating a new account) can be done by booting to a Windows 10 ISO from Easy2Boot (UEFI or MBR) and choosing the Utilman - Hack Windows.xml XML file. 

For more instructions, see the UtilMan E2B web page.

Hack into a Windows 8/10 online account - just type '2'!

Win 8 does not require a Safe Mode boot (but Win10 does!).

agFM v1.62 released

 agFM v1.62 has some bug fixes, language improvements and some new features and changes. The main change is that the first-letter auto-jump feature now works in grubfm as well as the startup menu.

The default agFM menu (\boot\grubfm\startup_default.cfg) now sets the three grub2 variables:

Readly is free for 2 months (offer ends this month)

This is just a heads up about the end of the Readly special offer. Readly is the online magazine service which I have been enjoying now for over a month. I have now cancelled my three paper magazine subscriptions as I now just use Readly to read all my magazines. This saves me about £9 a month plus I get to read dozens of the other mags that I am interested in!

The Readly special offer of 2 months free ends October 31st.

You can read all these and 100's more!
Photography, cars, games, fashion, DIY, hobbies, finance, etc. it's all there!

Here are a few of my reasons:

1. Save money - OK, I admit it, my initial reason was that it was cheaper. If your household subscribes to lots of mags, you can save a small fortune!
2. If I don't like it, I have nothing to lose - it's free for 2 months and I can always cancel the subscription at any time.
3. I reckon I only actually read 50% of the pages anyway.
4. I never re-read or go back to the old mags - every so often I throw them out, so why do I need them in paper format? I can always download a copy now anyway.
5. Save the forests - the pages are useless as toilet paper anyway!
6. Unlimited! I can now read 100's of magazines for free
7. Browse all mags
8. Free daily and weekend newspapers
9. Access to all back-copies
10. Searchable - I can search all mags for keywords instantly
11. I don't have to wait for the post to arrive (which is sometimes a day or two late) - the latest issue is available very quickly on Readly.
12. I get an email whenever a new issue comes out.

P.S. I bought an Amazon Fire HD 10" (#ad). It is cheap and ideal for reading the mags/newspapers on. I installed Google Play store and then the Readly app.

agFM v1.61 released (improves UEFI boot support when using .imgPTN23 files)

Taylor contacted me yesterday to ask how to switch back the original E2B partition after successfully managing to UEFI64-boot and switch in a new WinPE .imgPTN23 file.

My answer was to use the BIOS Boot menu to boot to the agFM Partition 2 and then pick the 'Restore E2B partitions' menu option from the agFM menu...

However, it seems the reason that Taylor was having problems, was that his/her Thinkpad T470s BIOS was only listing the first WinPE Partition 1 in the Boot Menu - the 2nd agFM partition was not listed in the boot menu!

No UEFI Boot option listed for Partition 2!

It seems that the UEFI BIOS only listed the first partition that it found that has a readable (usually FAT) partition and that contains a valid UEFI boot file - in this case \EFI\BOOT\BOOTX64.EFI in the WinPE Partition 1.

E2B and agFM updates are broken!

 Yesterday I had some problems with Easy2Boot.com. My host WebNode has now finally admitted that they have made some changes to the server without telling me!

This had the affect that you may have got error pages such as 'Too many redirects' when accessing some pages on the www.easy2boot.com website yesterday. This should now be fixed.

However, the other problem is that the download URLs on the E2B site have now all been changed by WebNode and thus broken. This means that the .cmd scripts which used wget.exe to fetch the latest versions are now all broken! Grrrr...

So the current Easy2Boot v2.05 version will no longer download agFM from the E2B host servers when you ask it to add agFM to partition 2! Also the various update scripts in agFM are all broken now and so a new version of agFM (v1.60) has just been updated and released.

If you are having problems updating E2B, please download the latest versions from the Alternate Download site. Extract the files to an empty folder and run the UPDATE_E2B_DRIVE.CMD script.

If you get stuck, you can always just extract the E2B files in the E2B zip file straight onto your E2B partition, and extract the agFM .zip file straight onto your agFM partition 2.

Please let me know if you have any issues. I will release E2B v2.06 in the next few days.

2020-10-02: The old download URLs now seem to be working again!

Ventoy 1.0.22 is released (no more 10-sec wait!)

 'longpanda' has released the latest version of Ventoy and the 10-second delay has now been removed.

You can update to this new version by downloading the new Ventoy-1.0.22-Windows.zip file and drag-and-drop it onto the \e2b\Update agFM\Add_Ventoy.cmd file on partition 2 (or if you have the latest agFM beta, simply click on the Update_to_latest_Ventoy_version.cmd file).

agFM v1.60a BETA now available

This BETA version has some more minor grub\grubfm bugfixes.

It also allows us to use the auto-jump feature (as used in E2B grub4dos menu). You hit a letter key and the next menu entry beginning with that letter is highlighted on the menu.

# disable the grub2 menu debug hotkeys c and e (agFM v1.59+)
# Tip: To enable using a special hotkey - see hiddenentry "[TAB] ENABLE GRUB2 HOTKEYS" example at bottom of this file
#export grub_disable_console=1
#export grub_disable_edit=1
# enable first-letter auto-jump hotkey feature in this menu only (does not work in grubFM) - console and edit hotkey must be disabled.
#export grub_enable_menu_jump=1

The first two settings will propagate to grubfm when it loads, however the menu_jump setting is not supported by the grubfm menu system, so auto-jump only works in your initial startup_menu.txt menu file.

Download v1.60a BETA from here

I hope the developer, a1ive, will also add the jump_menu feature into grubfm - but first the F search hotkey which is already used to search the USB drive for certain files types, will need to be re-assigned to a non-letter hotkey, e.g. F7/F8/F9/F10.

F - grubfm Search hotkey

P.S. I have also added an experimental \e2b\Update agFM\Update_to_latest_Ventoy_version.cmd script - this will automatically find the latest version of Ventoy, download it and add it to your E2B drive. This saves having to find the latest version yourself and then drag-and-drop the zip file onto the Add_Ventoy.cmd batch file.

agFM v1.59 available with 'c' and 'e' grub2 menu hotkey disable feature

 agFM v1.59 has a few small bugfixes which a1ive has added into grub and grubfm.

This version also allows you to disable the grub2 menu hotkeys c and e to prevent the user from accidentally pressing the c or e key and dropping into the console or the menu edit screen.

Since it is often useful to have a 'secret' key which will enable the grub2 hotkeys again, the SAMPLE_startup_menu.txt file also contains a hiddenentry example which allows you to press the TAB key if you want to enable the grub2 hotkeys, but you must press TAB quickly as soon as the initial menu with timeout is displayed - TAB won't work once the agFM File Manager is loaded,

Here are the entries in the SAMPLE_startup_menu.txt file which you can now add into your startup_menu.txt file if you have one in ptn2:\boot\grubfm (uncomment the lines in red):

# disable the grub2 menu debug hotkeys c and e (agFM v1.59+)
# Tip: To enable using a special hotkey - see hiddenentry "[TAB] ENABLE GRUB2 HOTKEYS" example at bottom of this file
#export grub_disable_console=1
#export grub_disable_edit=1


#hiddenentry "[TAB] ENABLE GRUB2 HOTKEYS" --hotkey tab {
# unset grub_disable_console
# unset grub_disable_edit
#}

Download v1.59 from here

agFM v1.58 released + new Ventoy

There was a bug in agFM v1.57 which caused the E2B Ventoy boot option to not be shown in the E2B Main Menu.

Also, wget was not downloading the core.img file correctly.

This version has a newer version of wget.exe and a revised \e2b\Add_Ventoy.cmd file.

To update agFM go to Partition 2 \e2b\Update agFM folder and run Download and update agFM_v2.cmd

After you update to agFM v1.57, you can drag-and-drop any new version of the Ventoy ZIP file onto the \e2b\Update agFM\Add_Ventoy.cmd file and you should have working E2B Main Menu and agFM F5 options to launch Ventoy from UEFI64 booting.

agFM will thus allow you to Secure UEFI64-boot to Ventoy without needing to disable Secure Boot or use Mok Manager (which does not work on many systems). Ventoy does not require contiguous files and is quicker when loading and running ISOs.

Ventoy 1.0.21 released

Ventoy v1.0.21 has just been released (adds beta support for VHDs) and it now warns the user if it is not running from an 'official' Ventoy USB drive!

You now have to wait 10 seconds.

The developer, longpanda, has said he will change this in the next version as he will check that the partitions conform to the correct 'Ventoy' layout and then will maybe just show the 'UNOFFICIAL' word on the screen just to signify that if you do find a problem with Ventoy, you should test it again using an 'official' Ventoy USB drive before reporting the issue.

So hopefully this delay will be removed in the next version of Ventoy. Meanwhile, if you don't want this delay, use Ventoy 1.0.20.

'eBook #1 - Getting started with Easy2Boot' - v2.18 is now available

 I have made some minor revisions to eBook #1.

If you have already purchased it, you can get the new version by using the download link that was emailed to you previously.

If you are interested in agFM and UEFI-booting, the eBook #4 has also been recently updated to v1.15.

E2B eBooks are listed here.

P.S. Subscribe to get the latest news.

E2B v2.05 and agFM v1.57 released

 

To update, click the Make_E2B.exe - Update E2B button.

Then check that you have E2B 2.05 and agFM 1.57 by MBR and UEFI-booting.

To add Ventoy, download the latest version of Ventoy .ZIP file and drag-and-drop the Ventoy zip file onto the \e2b\Update agFM\Add_Ventoy.cmd file on the 2nd agFM partition.

Ventoy does not require the ISO files to be contiguous.

# Change Logs

E2B 2.05 2020-09-09

1. Change sort code so E2B menu system can now work on systems with just 64MB RAM.
2. Bugfix in Make_E2B.exe for Chinese language not working
3. Enhancement - alphabetically sort files in LstFExt.g4b - so now \_ISO\WINDOWS\XP ISO files are sorted alphabetically.
4. Add_Ventoy.cmd added - \_ISO\docs\MAKE_E2B-USB_DRIVE\Add_Ventoy.cmd can be used with Ventoy.xx.xx.xx.zip to add or update Ventoy onto 2nd agFM Partition.
5. Windows Install menu will display 'HDD1=GPT' if it detects that the first internal hard disk has GPT partitions.

agFM v1.57 2020-09-09

1. Bugfix for MBR\Legacy install of Windows Setup not allowing Internal hard disk to be selected
2. Update agFM version
3. Ventoy support - F5 now will boot to Ventoy if present on Partition 2
4. \e2b\Update agFM\Add_Ventoy.cmd added (drag and drop Ventoy zip file onto Add_Ventoy.cmd to add Ventoy MBR+UEFI64).

Note: I have also updated eBook #4 and eBook #1. You can obtain the updates by using the link in the confirmation that was email sent to you by Payhip when you first purchased it.

P.S. Don't forget to subscribe to this blog for more news!

E2B v2.05d Beta now includes Add_Ventoy.cmd batch file

E2B v2.05d Beta now includes \_ISO\docs\Make_E2B_USB_Drive\Add_Ventoy.cmd. 

Just download the latest Ventoy .zip file and drop the Ventoy .zip file onto the Add_Ventoy.cmd file on your E2B USB drive (Windows 10 only).

Let me know if you see any see issues.

P.S. agFM v1.57Beta3 also includes the Add_Ventoy.cmd file in the \e2b\Update agFM folder. This means that Windows 7/8 users can first switch to the 2nd partition (using Switch_E2B.exe - Access partition 2 on Removable drive button) and then drag-and-drop the downloaded Ventoy .zip file onto the Add_Ventoy.cmd file. Don't forget to switch back partitions 1 and 2 afterwards!

Get ready for a second Corona wave!

Will there be a second wave? 

In the UK and probably many other countries, the schools, colleges and universities are starting to open again. Also we are being asked to go back into our offices and shops. However, if we are not careful, this could lead to the start of a second wave of the epidemic.

It has been estimated that over 40% of grandparents are 'carers' for their grandchildren. Since Corona has a more severe effect on older people and those with health problems, it makes sense to continue to avoid contact and close proximity to ALL other people (even those in the same household). The grandparents should try to keep their distance from the kids (somehow!).

The larger the 'dose' - the more severe the symptoms? 

agFM v1.57 Beta2 with full F5 VENTOY support

I have now added a patch into agFM and recompiled it since a1ive has not yet made the change to the f5.sh file in the github master.

The F5 key will now boot to Ventoy once you update partition 2 with the new v1.57Beta2 version.

Follow the previous blog article for instructions on how to add Ventoy to your E2B USB drive.

Here are three useful FREE text tools I use every day

Here are my three favourite utilities for text file maintenance.

If you work with scripts, batch files, source code, etc. you probably use them already but I will list them here just in case...

SwiftSearch

Searches for files on all NTFS drives in seconds! Can use multiple wildcards in the search string e.g. *win*.iso or abd*def.j*.

Note: Does not work on exFAT, FAT32 or other non-NTFS file systems - but it is super fast!

Tip: If you add a drive (e.g. NTFS USB drive or change a drives contents), then you must press F5 to reload the NTFS filesystem indexes before searching again.

WinMerge

Compare two files or two folders. Side-by-side view lets you easily copy over portions of a file with just a click. This makes it very easy to compare two versions and make changes.

FNR

Find and Replace - find any string in all matching files and can then replace all occurrences with a different string in all those files.

This is useful when I want to find out which files contain a particular string. I can then double-click to load up the file or I can replace the string with a different string throughout all files.

agFM v1.57 Beta1 with VENTOY support

 These new versions are experimental and they allow you to add any Ventoy release to your E2B+AgFM USB drive.

Background

a1ive's latest grubfm allows the F5 function key to boot Ventoy or AIOBOOT from a separate partition which contains those files. However, it is not very useful as we cannot use the same FAT32 partition that E2B+agFM already uses and Ventoy requires a particular fixed partition order!

If Ventoy is detected, then pressing F5 will boot from efi/boot/bootx64.efi on the Ventoy partition or MBR\Legacy boot from the grub2 boot sector (which is actually grub4dos on an E2B drive). The Ventoy files cannot therefore be on the same FAT32 partition as the agFM files.

AIOBOOT can be present on any partition and F5 will boot from the /efi/boot/bootx64.efi file or the /AIO/grub/i386-pc/core.img file (for MBR\Legacy booting). The AIOBOOT files cannot therefore be on the same FAT32 partition as the agFM files.

So the current Ventoy\AIOBOOT F5 function is not suitable for E2B+agFM!

New Betas

5000+ free magazines

Just signed up to Readly (first month free - cancel if you don't like it!). It's the Spotify of mags! Not only can I view 1000s of mags for free, but I have access to back copies and I can search ALL of the mags for any mention of a key word or phrase (such as "easy2boot") and see all the pages which mention E2B in all mags! I am seriously considering cancelling all my current paper mag subscriptions! This is cheaper, faster and gives me access to way more mags. Only problem is that I might have to buy an iPad or Chromebook now...

P.S. I bought an Amazon Fire HD 10" (#ad). It is cheap and ideal for reading the mags/newspapers on. I installed Google Play store and then the Readly app.

agFM v1.56 now available

Anwar has discovered a bug where agFM (MBR grub2 only) can report a contiguous file as being non-contiguous.

agFM v1.56 - changes from v1.55 are...

1. SAMPLE_startup_menu.txt revised - now only shows 'Restore E2B Partitions' menu entry when the backup partition is a valid MBR.
2. Bugfix in agFM MBR code (grubfm.iso) to fix issue of some files reported as not contiguous (thanks to Anwar for reporting bug).
3. Latest agFM build with various bug-fixes.
4. Variable 'hires' (set hires=1) can now be set in your menu so that WinPE runs at highest screen resolution available (e.g. set in in startup_menu.txt). Setting this may cause virtual machines to default to their highest resolution but it should be OK to set the hires variable when booting from real systems.
5. The wimboot code has changed - do not specify bcd, boot.sdi or bootmgr files in wimboot command list as they are not needed. MBR\Legacy also uses the wimboot command now.
6. Ventoy modules have been removed by a1ive from agFM..

The new v1.56 version of E2B agFM can be found here. Just unzip the file directly onto the second FAT32 partition to update from v1.55.

The Update download is still 1.55 and will be updated in a few days to 1.56.

UEFI Secure Boot is in chaos!

As you may be aware, the agFM grub2 boot files which are added to the second FAT32 partition when you make an Easy2Boot v2 USB drive uses a Kaspersky shim to load the a1ive grub2 kernel.

Because the Kaspersky shim is signed, it means  that it can load the grub2 kernel which can then effectively disable Secure Boot!

This allows us to boot an insecure grub2 kernel and we can do pretty much anything we like to the system, including booting to non-secure OS's!

This loophole was reported to Microsoft last year (if not before!) and Microsoft tried to fix it using a Windows Update KB which was rolled out to all Windows 10 systems earlier this year. The 'hotfix' added an entry into the UEFI firmware dbx 'blacklist' of the BIOS. Thus the signed Kaspersky shim file was blacklisted by the UEFI BIOS.

Unfortunately, the KB hotfix caused problems with many systems because the same signed Kaspersky shim was used by some OEMs as standard - so these systems suddenly refused to Secure UEFI-boot after the Microsoft Update was applied!

So Microsoft quickly reversed the KB Kaspersky hotfix part in the next hotfix removed the blacklist dbx entry from the UEFI BIOS again. So - assuming you could get your system to non-secure boot by disabling Secure Boot in the BIOS, you could do a Windows Update and then re-enable Secure Boot again. Of course, your system would still be vulnerable though.

Since then it seems Microsoft, Linux developers and grub2 developers have actually bothered to look at and analyse the shims and grub2 code which they are getting signed and have found a large number of other vulnerabilities too!  To me this raises a number of questions about the Microsoft Secure Boot signing process:

1. What did Microsoft actually do when they signed Secure Boot files - just accept a huge amount of $$$ and sign any old boot file without bothering to fully analyse it?
2. Why does everyone insist that Open Source code is so desirable when there has been gaping security holes in grub2 for years?

A recent number of these vulnerabilities have now been fixed in grub2, but updating systems is not going to be easy! We cannot simply blacklist all current and older versions of grub2 by adding entries to the UEFI dbx blacklist. This would prevent any OS on older drives, backups, old install media, USB drives, PXE servers, etc. from Secure Booting because they would still contain the old, blacklisted, grub2 signed UEFI boot files. See the 'mitigation' section of this article for more details.

For the complete picture, read the whole article here.

Note also that very new linux/grub2 OS's (install ISOs and updates) may have these new 'fixes' added and it may prevent them from UEFI Secure booting and in some cases even non-Secure UEFI booting then fails!...

July 30 Important Update

Some of the Linux distribution updates appear to be leading to unsuccessful reboots. The developers and distribution maintainers are working to provide new updates. The maintainers are recommending to avoid installing updates for grub2, shim, and other bootloader-related applications until new packages are available. Some of the issues to watch are listed below:

• https://access.redhat.com/security/vulnerabilities/grub2bootloader
• https://bugzilla.redhat.com/show_bug.cgi?id=1862045
• https://bugzilla.redhat.com/show_bug.cgi?id=1861977
• https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1889556
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966554
• https://status.cloud.google.com/incident/compute/20009#20009005

Easy2Boot eBooks (PDFs) are now all $5

The E2B eBooks are now all reduced to only $5 each again. If you have not yet read all of them then now is your chance!

• E2B #1: How to make a multiboot USB drive using Easy2Boot
• E2B #2: How to install Microsoft Windows using Easy2Boot
• E2B #3: How to make a UEFI multi-boot Easy2Boot USB drive
• E2B #4: UEFI-multiboot using the a1ive grub2 File Manager 
• Getting started with grub4dos

There are some user comments\reviews on the E2B sites Guest Book page if you want to see what others thought of them.

Updates are free. Just use the download link that is emailed to you again to check for later versions.

re. Fixing faulty computers

This is just a quick blog post to say 'Hi'. I have been busy doing other things recently (like playing with my new IODD Mini SSD - Amazon link which is performing very well) so I have not been spending much time on E2B.

In my few moments of free time, I have been enjoying watching Adamant IT  repair shop YouTube videos which are quite entertaining. He has videos on 'live' repair and also 'live' PC builds as well as reviews, etc.

Although I have retired from repairing/building/developing PCs and Notebooks now, unless they have changed a lot in the last 6 years or so, I thought I would go through what I tended to do to diagnose and fix PCs\Notebooks.

Add Medicat 2020 to your Zalman\IODD disk

The Medicat 20.05 download comes as a .BIN file which contains a 512-byte header file which is only recognised by a few utilities such as OSFMounter and ImageUSB by Passmark.

Here is how to convert it to a VHD file which is suitable for loading via your Zalman\IODD device.

Note: For medicat.20.06.1.img - from here - I used BitTorrent and then just copied the .img file to my IODD\Zalman and renamed it to medicat.20.06.1.vhd. You can then mount it as a virtual drive.

Instructions for medicat 20.05  .bin file

COMSS 2020-06 multiboot ISO now available (Ru/Eng)

The COMSS 2020-06 multiboot utility ISO is now available. There is a Lite version and a 'full fat' version. The initial menu prompts you to select either Russian or English at the start.

New in version 2020-06:

Add the new 2020 Medicat to your E2B USB drive

The release of Medicat 20.05 is rather odd. It is intended that you make a Medicat 64GB or larger USB drive from it and it is not suitable for multibooting.

Note: See also https://rmprepusb.blogspot.com/2022/01/quickly-add-medicat-2112-to-easy2boot.html

The new Medicat only supports 64-bit CPUs. It is based on Ventoy which requires two particular partitions in a specific order and the download is a PassMark .bin file which has a 512-byte header portion and so it cannot be treated as a VHD file or normal disk image file which we can use with a Zalman\IODD virtual drive emulator.

The main Medicat ISO is inside the image and contains the WinPE .wim file.
When Medicat boots, it will look for the USB drive and mount the USB drive as Y:.
It then expects to find program folders under Y:\Programs and the PortableApps programs under the Y:\PortableApps folder.

There are other ISOs within the image and Ventoy is used to boot them. We can extract these other ISO files from the .bin image and simply copy them to our E2B USB drive.

Medicat 20.06 is a .img file. It does not have the 512-byte header and can be renamed to .VHD for use with a Zalman\IODD. However it does not boot correctly as a .vhd using E2B and so must also be converted as below if using it on an E2B USB drive.

Medicat 21.01 is in the form of zip files for use with 7Zip and Ventoy. You are supposed to extract the contents to the first partition of a previously-made Ventoy USB disk. Instead, you can extract the files to an empty folder on your Windows hard disk and then decide which ISOs, etc. you want to copy to your E2B USB drive's first NTFS partition and choose the appropriate menu folder. Alternatively, just copy all the files (except \autorun.inf and \autorun.ico) to the root of your E2B first NTFS partition and only use Ventoy to boot to Medicat. It will add lots of folders to the root however and may overwrite the contents of your \ventoy folder which will affect the Ventoy theme and menu settings.

Medicat 21.01 zip file contents

Instructions (v20.06)

E2B reaches 1/2 million downloads per year!

I just noticed today that since I started using Fosshub to host the E2B downloads in June 2019, the download counter for E2B has now reached over 500,000 downloads!

I can also tell that in the last 30 days, the Make_E2B.cmd file that is used to make a new E2B USB drive, has been run over 63,000 times (it downloads a file to notify the user of the latest version of E2B) and that the agFM UEFI files have been downloaded over 19,000 times in 30 days.

Boot any ISO from the IODD Mini USB SSD CD\DVD drive emulator

IODD Mini

The IODD Mini #ad  SSD CD\DVD drive emulator is a solid-state version of the IODD 2531 and 2541.

You can see from the picture below that it is approx 9cm x 4cm in size and will easily fit in a pocket.

Note: This IODD Mini was supplied to me by IODD for evaluation and feedback.

In fact, the white 1m USB 3 cable (micro-B USB 3 to Type A USB 3) that comes with it, is larger and bulkier than the device itself.

Kon-Boot v3.5 now allows us to use larger E2B USB drives

If you buy a licensed version of Kon-Boot v3.5, you can now use it with large USB drives (previously we were limited to drives of 16GB or less).

This means you can now licence a 128GB or 256GB SanDisk USB E2B flash drive or even a 2TB USB Hard Drive.

Once you have installed Kon-Boot, you can backup the files, re-format the drive as an E2B drive and then copy back on the special encrypted USB-drive specific EFI boot file made by the Kon-Boot .exe install process.

If you have already purchased a Kon-Boot licence and have activated it on a small USB flash drive (<16GB) then you cannot switch the licence to a different USB drive - you must purchase a new licence for each drive you want to use Kon-Boot with because the USB Vendor, Product ID and Serial Number of the USB drive is encrypted into the boot file the first time you make a Kon-Boot USB drive. The same USB drive values are recorded on their server for each unique licence number.

Details of how to add the licensed Kon-Boot UEFI boot files to an E2B v2 USB drive are in eBook #4.

You can instead just make a FAT32 .imgPTN or .imgPTN23 file from the files on the Kon-Boot USB drive. Make sure the volume name is KONBOOT once it is switched-in.

Note: E2B+agFM allows you to Secure Boot without needing to purchase the more expensive 'commercial' Kon-Boot licence. However, Windows 10 (UEFI) online account bypass support is only included with the full Kon-Boot commercial licence.

If you see this, the licence details did not match with the USB drive's ID!

Note: For best compatibility, the Kon-Boot files should be within 128 GiB from the start of the USB drive.

agFM v1.55 available

Changes

1. Remove HDCLONE menu from startup_default.cfg menu
2. Improve 'Restore E2B partitions' detection menu entry so does not appear if no valid backup
3. Update to latest a1ive grub2\grubfm version

To download and update run \e2b\Update agFM\Download and update agFM_v2.cmd from the second agFM partition.

IODD Mini SSD 

For simple ISO and VHD booting, this neat little USB 3 SSD AES256-bit encrypted drive is hard to beat! Just select the ISO\VHD on the display and boot. VHD files can be set to emulate a fixed or removable USB drive and you can write-protect it too if you wish. You can also set the whole SSD drive in the same way, so you can have a 512GB Removable USB 3 SSD drive or a write-protected 512GB Fixed disk or any combination thereof.

P.S. I just received an IODD Mini 512GB SSD drive from IODD for evaluation. So please let me know if there is anything in particular you would like me to cover. So far I am impressed! It is quite small, fast and seems to work well.

E2B v2.04 and agFM v1.54 released

E2B v2.04
1. Bugfix for Windows Install + UEFI agFM imdisk error
2. Danish keyboard scan file added
3. Strelec ISO direct boot (.isowin)
4. Support .isoventoy file extension
5. Update E2B now updates agFM partition

a1ive agFM v1.52
1. Support .isoventoy file extension
2. Update to latest grubfm version
3. WinPE ISO files have extra 'choose wim' boot option

a1ive agFM v1.53
1. Bugfix - Setup.exe restarts if parentheses (  ) in filename of Windows Install ISO - now fixed

a1ive agFM v1.54
1. Bugfix - .imgptn files not listed if Secondary Menu option enabled in F4 menu

https://www.easy2boot.com/download/

E2B v2.04d fixes 'imdisk' bug when installing Windows from agFM

If you are using agFM v1.50 or later and are using a Removable USB drive for E2B, then you will find that the Windows Install from ISO function using agFM stops with an 'imdisk' error if you also use an XML file.

This is due to agFM actually using ImDisk to mount the ISO now (since v1.50) and so the E2B cmd file tries to install imdisk again.

If you are using a USB Fixed disk for E2B then you won't see this error.

This bug is fixed if you update to E2B v2.04d.

I will release E2B v2.04 very soon, so please let me know if you find any issues with it.

E2B eBooks special offer ends tomorrow - SORRY - TOO LATE NOW!

Some of the eBooks were previously priced at $6.99, $7 and $10 but for the month of May the price was reduced to just $5 each. If you buy more than one eBook you get a 10% reduction on all eBooks in your Basket too.

This 'Corona' special offer ends tomorrow when the price will go up from $5 each to $6.99 each.

P.S. There are a few reviews about the eBooks on the GuestBook page if you want to see if they might be useful to you (and I didn't pay them to write that - honest!).

agFM v1.51 for E2B officially released

See previous blog article for details.
To update, you can now run  \e2b\Update agFM\Download and update agFM_v2.cmd.

For best results, you should also download the latest Beta of E2B.

agFM eBook #4 v1.13 is now available (updated today).

agFM v1.51v2 Beta now available

Download from Alternate Download site as usual.

This version adds the ability to use a file with a .imgptnREP3 file extension (file must be on partition 3).

Changes from 1.50 (v1.51v2 changes in orange)

• New search (F) button added (e.g. search for file types such a .iso, .wim). 
• Boot Windows ISO option now runs X:\Setup.exe so that Repair option is offered if no XML file is specified. 
• Allow use of file extension override suffixes (e.g. Medicat v18.10 stable_.isowin.iso) so extension can be kept as .iso but it will immediately boot with no secondary menu. 
• Support _.winntsetup.iso file extension suffix for booting to Windows PE from Install ISO and directly loading the ISO into WinNTSetup.exe. 
• Danish language. 
• Ventoy boot option for ISOs added
• Bugfix for Auxilliary partition image file not detected as hfs type 0xAF (e.g. MacOS..imgPTN23+MacOS.), 
• .imgPTNrep3 file extension now supported (file must be in partition 3). 
• Add a check to prevent one .imgPTN* file from being used if a .imgPTN* file has already been switched in (thus preventing the backup MBR from being overwritten). 
• The 'Restore E2B Partitions' menu entry in the startup_default.cfg menu is now displayed whenever the MBR partition table contains a 'switched-in' .imgPTN image.

The .imgptnREP3 file extension allows you to replace partition 3 with any other image file.

I extracted the 10GB 3.hfs file from a Niresh Catalina.dmg file and renamed it.

When it is switched in to replace partition 3, I can use the agFM menu to boot from it (use F3) - you should also be able to directly boot to it from a Mac using its Clover boot manager.

You can thus  UEFI-install any MacOS from one E2B drive.

Please feedback any issues/successes/failures!

agFM v.1.51v with Ventoy now available

A1ive has now added Ventoy v1.0.10 to the main build of agFM.

You can download the latest beta v1.51v from here.

The advantage of Ventoy is that it can work from a write-protected drive (but agFM requires writeable media for some functions) and the ISO files do not need to be made contiguous. It may also boot faster. The disadvantage is that it is relatively young and may have quite a few compatibility issues.

I have found that Ventoy does not seem to like UEFI-booting under VirtualBox, so if you experience any issues with the Ventoy boot option for ISOs, please test it on a real system.

Please note: There are three 'SKUs' of Ventoy v1.0.10:

1. Official Ventoy release from Ventoy website
2. Ventoy as added to A1ive grubfm
3. Ventoy as added to E2B+agFM

If you experience any issues on a real system with Ventoy, please first test by renaming \boot\grubfm\config on the agFM partition so that the E2B+agFM modifications are suppressed and thus you are testing the pure a1ive version of Ventoy.

Before reporting any Ventoy issues it is best to make an official Ventoy USB drive and re-test the same ISO on that and then report the issue to Ventoy via reboot.pro. Make sure you clearly state what version you have tested (Ventoy USB drive, or A1ive Ventoy (no config file), or E2B agFM Ventoy) and also how you booted (MBR or UEFI) + make\model of target system.

New agFM v1.51 Beta and E2B v2.04c Beta available

I have made some tweaks to agFM so that it can now directly boot Strelec, DLCBoot, HBCDPE, Bob Omb's PE, Gandalf PE and Medicat ISOs - no secondary menu is presented if you use file extension override suffixes.

agFM now understands some file extension override suffixes (similar to E2B feature) - e.g.  filename_.override.iso

The special suffix tells E2B\agFM to boot it as if it had that file extension. This allows the file to still keep it's .iso file extension which is needed by some WinPEs to make them work correctly.

· Medicat v18.10 stable_.isowin64.iso
· Bob Omb's WinPE_.isomap64.iso
· DLCBoot WinPE_.isohw.iso
· Windows 10 x64 Eng_.winntsetup.iso

Currently isowin, isomap, isodef, isodefault, isoagfm, isoloop, isohw, isope and winntsetup are supported - with or without the four special suffixes 64, 32, 3GB, 4GB.

agFM v.1.51 

• New search (F) button added (e.g. search for file types such a .iso, .wim from current folder). 
• Boot Windows ISO option now runs X:\Setup.exe so that the Windows Repair option is offered if no XML file is specified. 
• Allow use of file extension override suffixes (e.g. Medicat v18.10 stable_.isowin.iso) so extension can be kept as .iso but it will immediately boot with no secondary menu. 
• Support _.winntsetup.iso file extension suffix for booting to Windows PE from Install ISO and directly loading the ISO into WinNTSetup.exe.

This should be used with E2B v2.04c Beta.

Check the Alternate Download site for these new versions (see top-left sidebar).

Full details are in eBook #4 on agFM v1.12 which I have just updated so you can download the new versions now.

E2B v2.04b Beta includes Danish language and keyboard + better Strelec ISO support

v2.04b Beta now includes the Danish language as an option.

If you want to boot to a Strelec ISO, try the extension .isowin. This should allow you to boot to the two Win10 WinPEs using the Easy2Boot menu system or using the agFM menu system.

Easy2Boot v2.03 released

• a1ive grub2 File Manager.mnu and Enable or Disable UEFI Booting.mnu added to \_ISO\MAINMENU folder.
• The three letters 'MBR' will be ignored if present anywhere in any file extension. This can be used to prevent agFM from listed these files. Useful if the files do not support UEFI-booting and only boot via the E2B menu system.
• New version SWITCH_E2B.exe to fix small bug which affected the appearance only (not function). 
• New default background
• Update_E2B_Drive.cmd now will update agFM files if present. 
• Internet ping test changed in MAKE_E2B_USB_DRIVE.cmd script in case ipv4 blocked. 
• agFM Sample Mnu files folder added with examples files, 
• WinContig files updated
• Keyboard scan code files updated
• KeyCheck.g4b test script added (type KeyCheck from grub4dos console and press down keys to get BIOS key status codes (e.g. NUM LOCK, CAPS LOCK, CTRL, etc.)
• XP Step 1 now warns user if not enough memory to load XP ISO file into RAM
• Example commented code added to SDI_CHOCO.cmd for detecting UEFI or MBR boot

https://www.easy2boot.com/download/

64-bit Scraper cold-boot attack now available!

So the head of SMERSH switches off his password protected and BitLocker-protected PC and walks out of his office to go home for the night.

Stealing the hard drive will get you nowhere because it is encrypted.

But you quickly break into his office - remove the DIMM RAM sticks and plonk them into a flask of liquid Nitrogen and then go back to your secret base. After a few minutes you have collected all the bytes that were in that RAM into a file on your USB drive. Now you can analyse the file to find out what passwords and images, etc. were in his RAM just at the point he shut it down. For instance you could use PHOTOREC to find jpeg images or perhaps use some of the investigative tools in Kali Linux to find passwords or the BitLocker key?

Later you will return the DIMM sticks and no one will be any the wiser. If the BitLocker key or any passwords were found in memory, you could try them out and gain access to the encrypted hard drive too.

Up to now this was only possible for a maximum of 4GB because the 'scraper' code only worked as 32-bit code. However, Basel has now also compiled a 64-bit version for us which seems to work nicely!

My original blog was here and I have updated the original RMPrepUSB Article 124 to include a menu for the 32-bit and 64-bit versions that he has kindly provide - great work Basel!

So now even BitLocker will not protect you Colonel Niktin!

YouTube video of a Cold Boot Attack here.

P.S. A funny thing happened in the park this morning ...
The local park had just opened for the first time for ages (it had been closed due to Corona) and my brother took his collie dog there for a walk as he used to do in the pre-Corona days.
Once there, the dog had a great time and then she saw an old friend - a whippet that she loves to chase and play with. Then suddenly the whippet runs along and puts his foot in a rabbit hole or something and 'SNAP!' goes his right hind leg - broken!
Everyone came to his rescue and even a wheelbarrow was fetched by someone to transport him back to the car park and get him to the vets. No one blamed my brother or his dog - it was just a freak accident.
So my brother goes back to his car and there a middle-aged lady bends down to make a fuss of his collie dog when the lady stumbles, falls over and hits her head on a large stone on the ground. She was unconscious for quite a few seconds and took some more time to slowly come to her senses.
So after that, my brother drove home very slowly and carefully with his dog and they are both staying indoors all day just in case anything else happens! You couldn't make this up!

P.P.S. The vet set the dog's broken leg but unfortunately it later got infected and so had to be amputated. The dog has now been re-named as 'tripod'.

New large font theme for agFM (and discovery of a bug in grub2 themes)

I was experimenting with some grub2 themes yesterday (to use a large font for partially sighted users) and I wanted to create a menu which had a different theme.

However, I noticed a strange problem - sometimes one icon would be missing from the menu list!

agFM v1.50 is now available

agFM v1.50 now can directly boot from DLCBoot ISOs such as DLCBoot2019_v3.6.iso.  Change the extension to .isowin for immediate booting on selection in the agFM menu.

So that it also works with E2B, you can use a filename ending in _.isohw.isowin.

This version also includes a version of grub2 with an enhanced echo command which allows you to easily output coloured text (see previous blog for details or eBook #4 which I have just updated to v1.11).

You can update agFM by running the \e2b\Update agFM\Download and Update agFM cmd file.

Add your own Help menu to agFM

If you have made your agFM MBR+UEFI-bootable USB stick, you might want to add some instructions for your users - or to act as a reminder for yourself on how to use the USB stick in case you forget in a few months time.

You could add a 'Help' menu entry to your Start-up menu and it could display help in the form of a jpg/bmp/png. For instance, you could write the help information in Word or PowerPoint, add your Logo or other graphics and diagrams, and then use a screen capture to save it as a 1024x768x24 colour .jpg file. Then you could simply display the jpg.

Another option would be to display text - perhaps in different colours too.

The following is an example help.cfg file which is saved in UTF-8 format (using Notepad) to preserve non-English glyphs. Note that if you use the text mode for your menu system (mymenu=3) then you should only use English ASCII characters, the background colours are restricted and graphics files (jpg/png/bmp) cannot be displayed.

agFM v1.49 and E2B v2.03c are now available

agFM v1.49 has enhancements and it can now boot directly to Sergei Strelec ISOs. WinPE support has been improved. The extension .isowin (or .isowin64) may now also work for some WinPE ISOs - check the List of Tested Payloads (bottom of page) or eBook #4 (updated just now to v1.10) for the correct file extension to use if you want to skip the secondary menu.

UEFI64 booting should be a bit faster now too.

E2B v2.03c has also had a few changes too including a new default background.

Please feedback any comments.

Keep safe and don't forget to subscribe,
Steve

How to boot 64-bit Linux ISOs on a 32-bit UEFI system (such as the Asus T100)

Some systems such as the Asus T100 Transformer notebook range are a bit of an odd fish!

They have a 64-bit CPU but because they have limited SSD storage (e.g. 32GB or 64GB), the manufacturers use a 32-bit version of Windows. This means that because Microsoft insist that OEMs ship with Secure UEFI enabled, the manufacturers have to use 32-bit UEFI firmware.

In the case of the T100, the firmware does not support Legacy\MBR mode (no CSM option) so we usually need to find UEFI32 OS's.

'Corona special offer' on E2B eBooks - now only $5 each

Some of the eBooks were previously priced at $6.99, $7 and $10.

I have now reduced the price so they are all only $5 each - you can also get a 10% discount on all of the eBooks when you purchase more than one (add one to the Basket and then you will see the others). Why not put down that game controller or 'Joy Stick' (well, that's what my wife calls it), and become a wizard of the USB stick instead?

This special offer will only be for a limited time so grab 'em while they're hot!

P.S. There are a few reviews about the eBooks on the GuestBook page if you want to see if they might be useful to you (and I didn't pay them to write that - honest!).