This walkthrough describes how to create a customized Windows PE image with SbWi nTech Plug-in.

The primary tool for customizing Windows PE is PEImg, a Windows P E command-line tool. After creating a customized image, you can deploy the image to a hard disk or create a bootable Windows PE RAM disk on a CD-ROM, a USB flas h drive (UFD) or a hard disk.Windows PE is bundled in the Windows Automated Inst allation Kit (WAIK). You can download the Windows Automated Installation Kit (WA IK) from the Microsoft Website. This download will contain all the tools necessa ry to create the customized image.Click the link below:http://www.microsoft.com/ downloads/details.aspx?familyid=c7d4bc6d-15f3-4284-9123-679830d629f2&displaylang =enStep 1: Set up a Windows PE Build EnvironmentIn this step, you create a requi red directory structure that supports building a Windows PE image.On your techni cian computer, click Start, point to All Programs, point to Windows OPK or Windo ws AIK, and then click Windows PE Tools Command Prompt.The menu shortcut opens a Command Prompt window and automatically sets environment variables to point to all the necessary tools. By default, all tools are installed at C:\Program Files \version\.At the command prompt, run the Copype.cmd script. The script requires two arguments: hardware architecture and destination location. For example,copyp e.cmd <architecture> <destination>where <architecture> can be x86, amd64, or ia6 4 and <destination> is a path to the local directory. For example,copype.cmd X86 C:\winpe_x86The script creates the following directory structure and copies all the necessary files for that architecture. For example,\winpe_x86\winpe_x86\ISO \winpe_x86\mount Step 2: Mount the Base Windows PE ImageIn this step, you mount the base image to a local directory so that you can add or remove packages. At t he command prompt, mount the base Windows PE image (Winpe.wim) to the \Mount dir ectory by using ImageX. For example,imagex /mountrw c:\winpe_x86\winpe.wim 1 c:\ winpe_x86\mountStep 3: Add Additional WINPE PackagesBy using the Peimg tool, you install Windows features by using the /install option. Windows features are inc luded with the base image (Winpe.wim) but are not installed. You can also import packages and add drivers and language packs.Add a Windows feature to the base i mage by using the peimg /install command. For example,peimg /install=<pkg> c:\wi npe_x86\mount\Windowswhere <pkg> denotes the package name. For example,peimg /in stall=WinPE-HTA-Package c:\winpe_x86\mount\Windows the following packages includ ed with Windows PE and are required to be installed. Repeat this step for each p ackage.Package Name DescriptionWinPE-HTA-Package HTML application supportWinPE-M DAC-Package Microsoft Data Access Component supportWinPE-Scripting-Package Windo ws Script Host supportWinPE-WMI-Package Windows Management Instrumentation (WMI) supportWinPE-XML-Package Microsoft XML (MSXML) parser support The next steps ne ed to be carried out manually via Windows Explorer. If you are unsure of any of the information given please do not continue as attempting to do so may result i n both the machine you are creating this image on and the recovery machine to be come redundant!Step 4: Adding SbWinTech Plug-inIn this step, you will need the f ollowing files to complete the SbWinTech plug-in. These files can be located und er the Recovery folder from your SafeBoot installation CD. If you installed Endpoi nt Encryption (formerly called Safeboot) from the downloaded zip file from McAfe e, then the Recovery folder is also extracted from that zip file. SbAlg.sys Safeboot .sys (also known as safeboot.w2k, this can simply be renamed to Safeboot.sys) SbA lg.dll SbComms.dll SbDbMgr.dll SbErrors.xml SbUILib.dll SbWinTech.exe SbXferDb.dll kenPwd.dll Sbtag TxtSetup.OEMWith the image still mounted browse using Windows Exp lorer to the <mount> directory, for examplec:\winpe_x86\mount The following fold ers will need to be created in the following locations under the mounted image. For example,Location Folder to be createdC:\Winpe_x86\mount\Windows\System32\ Sa feBootC:\Winpe_x86\mount\Program Files\ SafeBootC:\Winpe_x86\mount\Program Files \SafeBoot\ SbAlgsC:\Winpe_x86\mount\Program Files\SafeBoot\ SbReadersC:\Winpe_x8 6\mount\Program Files\SafeBoot\ SbTokensOnce the folders have been created copy the following files to those locations. Location Files to be copiedC:\Winpe_x86\ mount\Windows\System32\SafeBoot\ SbtagTxtSetup.OEMC:\Winpe_x86\mount\Windows\Sys tem32\drivers\ SbAlg.sysSafeboot.sys (also known as safeboot.w2k, this can simpl y be renamed to Safeboot.sys)C:\Winpe_x86\mount\Program Files\SafeBoot\ SbComms. dllSbDbMgr.dllSbErrors.xmlSbUILib.dllSbWinTech.exeSbXferDb.dll C:\Winpe_x86\moun t\Program Files\SafeBoot\SbAlgs\ SbAlg.dllC:\Winpe_x86\mount\Program Files\SafeB

SbT

oot\SbTokens\ SbTokenPwd.dll Step 5: Adding Registry KeysYou will need the follo wing file to add the necessary registry keys. This file can be located under the Recovery\Components folder from your SafeBoot installation CD. Registry Changes.re gWith the image still mounted go to START > RUN and type in the following, reged it.exe.In the Registry Editor locate HKEY_LOCAL_MACHINE Next go to File > Load H ive and browse to your mounted image s System32\config directory. For examplec:\wi npe_x86\mount\Windows\System32\config Locate the file named SYSTEM and open (not e that this file will NOT have an extension).A Load Hive dialog box will open as king for a Key Name, you must give it the name SafeBoot . (disregard the Winpe entry in the picture). Select OK.If you now expand HKEY_LOCAL_MACHINE you will see we have a key entry called Safeboot, this key contains all the registry keys etc fo r your image under HKEY_LOCAL_MACHINE.To add the registry keys for the SBWintech plug-in go to FILE > IMPORT and import the registry file. The registry files wi ll automatically create the entries needed.Select the SafeBoot key you loaded pr eviously and go to File > Unload.Exit the Registry Editor. DO NOT EXIT THE REGIS TRY EDITOR WITHOUT UNLOADING THE HIVE FIRST.Step 6: Commit Changes to the ImageI n this step, you commit the changes to the original image file (Winpe.wim) by us ing the ImageX /unmount option with the /commit option. For example,imagex /unmo unt c:\winpe_x86\mount /commitStep 7: Replace the Default Boot.wim FileIn this s tep, you replace the default Boot.wim in the \ISO directory with your new custom ized image. The image must be called Boot.wim. For example,copy c:\winpe_x86\win pe.wim c:\winpe_x86\ISO\sources\boot.wim Step 8: Create ISO imageYou now have a customized Windows PE RAM disk image that you can place on bootable media.At the Windows PE Tools Command Prompt, create an .iso file by using oscdimg. For exam ple, (NOTE: this is one command line)oscdimg -n -bc:\winpe_x86\etfsboot.com c:\w inpe_x86\ISO c:\winpe_x86\winpe_x86.isoBurn the image (Winpe_x86.iso) to a CD-RO M

Corporate KnowledgeBase Endpoint Encryption for PC 5.x Plugin for WinPE 3.0 Printer Friendly Rate this Page Corporate KnowledgeBase ID: KB72521 Last Modified: July 16, 2012 Environment McAfee Endpoint Encryption for PC 5.x WinPE 3.0 For details of all supported operating systems, see KB51109. Summary This guide provides the information you need to configure a Windows Preinstallat ion Environment (PE) 3.0 to include McAfee s Endpoint Encryption for PC plugin. Th e EEPC plugin detailed in this guide supports only x86 (32bit) architecture. For more information about WinPE 3.0, visit http://technet.microsoft.com/en-us/libr ary/dd799308(WS.10).aspx. Intended Audience: McAfee documentation is carefully researched and written for the target audience . The information in this guide is intended primarily for: Administrators - People who implement and enforce the company's security program. Security Officers - People who determine sensitive and confidential data, and def ine the corporate policy that protects the company s intellectual property.

Reviewers - People who evaluate the product. The document is broken down into the following sections Setting up WinPE 3.0 Accessing the WinPE 3.0 Image Editing the WinPE 3.0 Environment Committing Changes Solution Creating the Endpoint Encryption for PC 5.x Plugin for WinPE 3.0 CAUTION: This article contains information about opening or modifying the regist ry. The following information is intended for System Administrators. Registry modific ations are irreversible and could cause system failure if done incorrectly. Before proceeding, McAfee strongly recommends backing up your registry and unders tanding the restore process. For more information, see: http://support.microsoft .com/kb/256986. Do not run a .REG file that is not confirmed to be a genuine registry import file .

1.Set up WinPE 3.0: NOTE: First download and install Windows AIK. At the command prompt, run the Copype.cmd script. The script requires two argume nts: hardware architecture and destination location. Syntax: copype.cmd <architecture> <destination> Where <architecture> can be x86, amd64, or ia64. <destination> is a path to the local directory. Example: copype.cmd x86 c:\winpe_x86 The script creates the following directory structure and copies all the necessar y files for that architecture: Directory Files c:\winpe_x86 ETFSBOOT.COM file.txt winpe.wim c:\winpe_x86\ISO BOOTMGR c:\winpe_x86\ISO\boot BCD BOOT.SDI BOOTFIX.BIN ETFSBOOT.COM c:\winpe_x86\ISO\boot\FONTS CHS_BOOT.TTF CHT_BOOT.TTF JPN_BOOT.TTF KOR_BOOT.TTF WGL4_BOOT.TTF c:\winpe_x86\ISO\EFI c:\winpe_x86\ISO\EFI\MICROSOFT c:\winpe_x86\ISO\EFI\MICROSOFT\BOOT BCD c:\winpe_x86\ISO\EFI\MICROSOFT\BOOT\FONTS CHS_BOOT.TTF

CHT_BOOT.TTF JPN_BOOT.TTF KOR_BOOT.TTF WGL4_BOOT.TTF c\winpe_x86\ISO\sources c:\winpe_x86\mount

2.Access the WinPE 3.0 Image: At the command prompt, mount the base Windows PE image (Winpe.wim) to the \Mount directory by using ImageX. Example: Dism /Mount-Wim /WimFile:C:\winpe_x86\winpe.wim /index:1 /MountDir:C:\winpe_x86\ mount

3.Edit the WinPE 3.0 Environment: a.Open <regedit> and from the mounted WinPE image, and load the SYSTEM hive unde r [HKEY_LOCAL_MACHINE]. b.Click HKEY_LOCAL_MACHINE, File, Load Hive. c.From the mounted WinPE Image, navigate to Windows\System32\Config\SYSTEM. d.Name the Winpe hive, for example pe3. e.Access the following Registry entry: [HKEY_LOCAL_MACHINE\pe3\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-080 02BE10318}] f.Edit the Multi-String UpperFilters with Values: SAFEBOOT PartMgr Example Registry file: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\pe3\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-080 02BE10318}] "Class"="DiskDrive" "ClassDesc"="@%SystemRoot%\\System32\\StorProp.dll,-17000" @="Disk drives" "IconPath"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,\ 00,6d,00,61,00,67,00,65,00,72,00,65,00,73,00,2e,00,64,00,6c,00,6c,00,2c,00,\ 2d,00,33,00,32,00,00,00,00,00 "Installer32"="StorProp.Dll,DiskClassInstaller" "NoInstallClass"="1" "SilentInstall"="1" "UpperFilters"=hex(7):53,00,41,00,46,00,45,00,42,00,4f,00,4f,00,54,00,00,00,50,\ 00,61,00,72,00,74,00,4d,00,67,00,72,00,00,00,00,00 g.Add the following key and value: [HKEY_LOCAL_MACHINE\pe3\ControlSet001\services\SafeBoot] "Type"=dword:00000001 "Start"=dword:00000000 "ErrorControl"=dword:00000003

h.Add the following key and value: [HKEY_LOCAL_MACHINE\pe3\ControlSet001\services\SBAlg] "Type"=dword:00000001 "Start"=dword:00000000 "ErrorControl"=dword:00000003 "Group"="Primary Disk" NOTE: The entry for Group is of the type String Value. i.Unload the WinPE mounted hive. j.Close regedit. k.Add the Endpoint Encryption for PX files listed below to the following locatio ns in the mounted WinPE image. You may need to create some folders. IMPORTANT: SafeBoot.sys file is named as safeboot.w2k. The file must be renamed to safeboot.sys as soon as it is copied into the correct location. File Name Location SafeBoot.sys \Windows\System32\Drivers SBAlg.sys \Windows\System32\Drivers SbAlg.dll \Program Files\SafeBoot\SBAlgs (this is the algorithm representing the algorithm used to encrypt the system) SbTokenPwd.dll \Program Files\SafeBoot\SbTokens \Program Files\SafeBoot\ SbReaders SbWinTech.exe \Program Files\SafeBoot SbXferDb.dll \Program Files\SafeBoot\ SbComms.dll \Program Files\SafeBoot\ SbUILib.dll \Program Files\SafeBoot\ SbDbMgr.dll \Program Files\SafeBoot\ SbErrors.xml \Program Files\SafeBoot\ 4.Copy the Courier fonts to avoid display problems when viewing the WinTech Work space. copy %windir%\fonts\cour*.* c:\winpe_x86\mount\windows\fonts

5.Commit Changes: a.Commit changes to the WIM: Dism /Unmount-Wim /MountDir:C:\winpe_x86\mount\ /Commit b.Copy new WIM image to BOOT ISO: copy c:\winpe_x86\winpe.wim c:\winpe_x86\ISO\sources\boot.wim /Y c.Create a bootable ISO image: oscdimg -n -bc:\winpe_x86\etfsboot.com c:\winpe_x86\ISO c:\winpe_x86\winpe_x86.i so