CrustyWindows

Talk:Main Page: Difference between revisions

Main Page Discussion

Talk:Main Page (view source)

Revision as of 13:58, 23 July 2024

880 bytes added ,  23 July
no edit summary
VisualWikitext
No edit summary
No edit summary
==== Characteristics of a bootleg, particularly... ====
===== The tools used to make a bootleg =====
To confirm if a bootleg was made with nLite or not, look for:
* For anyAny <code>WINNT.SIF</code> or <code>WINNT.ORG</code> file, andparticularly look for athe "Generated by nLite" linestring at the beginning of the documentfile, for example:
: <code>; Generated by nLite 1.3</code>
: <code>; Generated by nLite 1.4.9.1</code>
: <code>; Generated by nLite 1.4.9.3</code>
** The version number may be different - there have been cases where bootlegs were made with really old versions going back to 1.0 or even beta versions of nLite. You should include this version number in the "This ISO was made using ..." portion if possible. Ditto for all the other tools with visible version numbers.
* Any last session files on the CD root, THIS GOES FOR ALL OTHER PROGRAMS BY DINO NUHAGIC OR ANYTHING BASED ON IT LISTED HERE.
* Any files named <code>nlite.inf</code> and all INF files for the keywords "nLite", including comments (usually at EOF) in <code>I386</code>
* The line <code>"rundll32 advpack.dll,LaunchINFSection nLite.inf,U"</code> in the file <code>cmdlines.txt</code> in the folder <code>$OEM$</code>. This will also confirm the existence of <code>nLite.inf</code> in <code>I386</code>, which is the file that holds the component tweaks done by nLite according to the user.
 
To confirm if a bootleg was made with WindowsvLite/RT Unattended7 CD CreatorLite or not, look infor:
* Lastsession.ini on the CD root
* Autounattend.xml on the CD root, if it has this string <code><!--This answer file generated by RT Seven Lite--></code> or not.
* <code>HKEY_LOCAL_MACHINE\Software\RT 7 Lite</code> in the install image's registry data. You can either load it offline on your computer or look for it using the bootleg itself.
* fppset.inf in the WINDOWS directory, and RTSLCS.dll in the System32 directory (both in the install image)
 
To confirm if a bootleg was made with NTLite or not, look for:
* Any "Auto-saved session" files, NTLite.log or YYYY-MM-DD_HH-MM-XM.ini files on the CD root.
* <code>HKEY_LOCAL_MACHINE\Software\NTLite</code>
 
To confirm if a bootleg was made with Windows Unattended CD Creator or not, look for:
* A file named <code>settings.txt</code> in the CD root, and if it contains a comment with the keywords "Windows Unattended CD Creator" as the first line of the file.
* A file named <code>RunOnceEx.js</code> or the entry <code>wucdcreator="wscript.exe %systemroot%\RunOnceEx.js"</code> or similar in <code>WINNT.SIF</code>. This is the most used feature of Windows Unattended CD Creator, its software post-installer.
 
To confirm if a bootleg was made with VistaPE or not, look infor:
* A file named <code>VISTAPE.CD</code> in the CD root
 
* ''For autoruns made with StartCD:'' Click the program's icon at the top left of the program window, or right click the program in the tasklist, and click "About"
* Check the file's version information
* Search for strings in the binary itself. It may lead you to extra clues such as version information which you may not be obvious otherwise
* You maycan use any binary checking tool, such as Detect It Easy and others, to help you
 
To confirm the program used to modify the bootleg's ISO / what software was used to make the ISO:
* If you use the program PowerISO, open the ISO image you desire, go to Tools > View / Edit sector data..., then view the LBAs 16-18. There you will find:
: CDImage (sometimes a sign that the ISO was created manually)
: Markers for e.g. UltraISO, Nero, etc.
 
Retrieved from "https://crustywindo.ws/Special:MobileDiff/28587"