Using Linux to repair Windows XP or Windows 7 on any PC
I'm very new to Linux. What I'm looking to do is to use Linux to help me remove malware and etc. from any Windows based computer. We are currently using 32-bit Dell computers with Windows XP SP3. New computer orders are 64-bit Windows 7. Previously, I have used Ghost to create images, but it is getting harder to have all the different images saved and other criteria. My plan is to create a USB Linux boot with the Windows software to remove malware, trojans and all the others. I currently have an 8Gb USB flash drive to use for this project. I was looking at Puppy Linux, but I think there is something messing whether it be with puppy or me. I am not limiting myself to just this project. This just happens to be one selected and approved by my bosses. Since we are using both platforms in this school district -- Macs and PCs. I would like to evaluate how Linux could help me do my job. Eventually, I should be able to use my laptop with at least a dual boot environment. Any information would be greatly appreciated. All of the information available is confusing to an extreme newbie.
|
Correction to my post.............. I'm not limited to the 8 Gb flash drive. Thanks!!!!!!
|
As much as I hate to say this, sounds like trying to use a screwdriver to pound in a nail or a hammer to put in a screw.
For a live CD type environment with Windows type stuff you would want BartPE http://www.nu2.nu/pebuilder/ but you haven't really said what the computers are for. If they are computer lab computers, have they installed Deep Freeze? http://www.faronics.com/en/Products/...Education.aspx This will prevent malware/viruses from doing any real damage since everything gets reset to a default state on reboot. As for Linux, you would only have to create bare minimum 2 images, the 32 bit image and the 64bit, and find out if there are equivalent Linux softwares to what is currently used and put together a proposal of just plain replacing Windows altogether and seeing if it gets approved, since in the long run it will save on having to put together such a spyware/malware removal boot disk and the time of regularly USING such a tool |
Quite a large fraction of repair and malware removal etc. in Windows XP involves manipulation of the registry. (I'm not sure regarding the same topic in Windows 7).
Many of the Windows programs for examining and manipulating the Windows registry will run in Wine, but they would use the artificial Windows-like registry maintained by Wine. I don't know whether it is possible to configure Wine to use the actual Windows registry from the Windows system you are trying to repair. I'm trying to do some things similar to the OP's request so I have many of the same questions. There is a Linux program chntpw.static that can be used for manipulating a real Windows registry. It is an important tool to include in your kit for repairing Windows computers. But for many operations it is very manual and tedious and command oriented. A GUI version would be much nicer, but I don't know of one. The portable Linux binary as well as the source code are available in the .zip file at http://www.pogostick.net/~pnh/ntpass...rce-100627.zip which is a link from the page at http://www.pogostick.net/~pnh/ntpasswd/ |
It can be done with linux but I would look at Barts PE or UBCD4Win or Vista PE with the tools and drivers you want built in.
|
The best method I know of removing malware and viruses from a Windows computer outside of wiping the hard drive and starting over, is from another Windows computer. When you run a virus scan software on a local computer, any viruses active in memory will scan the process tree and see the virus scanner before the virus scanner will see the virus. Now the virus has time to hide.
Take a known clean computer with an updated virus scanner installed. Reboot the target computer in safe mode with networking enabled. Connect to the administrative C$ share on the target computer and map the drive to the scanning computer. Since the virus scanner is not in resident memory on the target computer, if there are any resident viruses on the target computer that can survive even safe mode, it will only see that there is file access to the hard drive. It will not be able to detect the virus scanner as it is running on the remote system. This will clean off any known viruses from the hard drive. Now reboot the target computer and reinstall the virus scanner and allow it to scan again so it can check the resident memory and registry keys. |
Using Linux to repair Windows XP
Last week, I was able to use my Puppy Linux flashdrive to retrieve user's data from a hard drive that would not boot. Now I need to play with Puppy Linux and WINE to hopefully achieve what I think would be a very useful tool for my environment, which is a county school district. I support 80 data entry PCs -- which are either Windows XP SP3 or Windows 7.
I plan to look at BartPE for imaging, but I hate to re-image a computer if I just need to run antimalwarebyte. Can anyone tell me a good place to start with learning Linux? Technically, I'm a COBOL programmer doing PC software/hardware repairs. I would like to learn other software languages or programs to do my job. Since this district is trying to move to current technologies, I need to learn as much as possible. Thanks!!!! |
Quote:
Secondly, get a Linux box up and running, play with it, break it, try to fix it, break it again! Write silly programs in BASH. It does not matter what you write, make a simple game written in BASH if nothing else. BASH is so compared to DOS in that it runs commands, but unlike BATCH DOS scripting, BASH is more like writing programs in BASIC. FAR more powerful than DOS ever wanted to be! |
Using Linux to repair Windows
Thanks, joec@home. I appreciate the information. It is not easy getting started in a new environment when all of my expertise is in mainframe programming.
Are there any other materials I need to look at to help me with today's technology programming? Thanks, again!!!! |
Linux books free to read online:
http://rute.2038bug.com/index.html.gz http://tldp.org/LDP/Bash-Beginners-G...tml/index.html A load of stuff here: www.linuxtopia.org ; just click into the links.. :) |
Hi
What I'm using is a working combination of MiniPE-XT bootable CD with Windows and a USB drive with MalwareBytes portable good luck |
You might want to look at Trinity Rescue Kit. It's designed precisely for rescuing Windows boxes. I've used it myself for a friend's computer.
http://trinityhome.org/Home/index.ph...g=en&locale=en |
can also reset windows password ... Very cool even windows 7
|
Quote:
The last one I came across looked so realistic, that it even offered online support option, but the part, that raised my suspicions was the fact, that they were asking to buy their software, and claiming, that it would protect the computer. After inspecting more, this all software turned out to be a small scam system, designed to get money out of unsuspecting users, and most likely leaving them with no more than an empty wallet and mixed feelings of helplessness and anger. Another thing is, that nobody really knows what such tools do, and they are often used by inexperienced users, which results in even greater damage. |
Ccleaner works along with Malwarebytes it's also in hiren's-boot-cd
|
I have used Linux to externally work on Windows drives.
Windows will hide things from the viewer (even without a virus), which makes it irritating to use it to fix itself. Windows tries to keep consistent cache-files for some things like cookies and temp directories. Linux has the advantage that it bypasses all that. On the other hand it will completely ignore the cache-files and leave them inconsistent. If you wipe out those cache-files completely, then windows will rebuild them. Which ones this works for on which Windows system is beyond what I managed to figure out. I only worked on Win98 and Win2000 systems. Reformatting Win partitions using Linux does not always work, as Windows can be picky about strange things. My best approach was to create a directory on a spare partition and move anything suspicious out there (where it would not get executed). Bring in replacements from a good source. Diff against existing copies to detect corruption. Fix the MBR. Get a minimum working Windows, that would not reinfect itself, and then use it to finish repairing itself. |
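The quarantine-and-replace approach from the post above, written out as an added example that is not part of the original thread. The mount point, the known-good tree and the quarantine directory are assumed paths passed as arguments, and `quarantine_file` and `repair_from_good` are names made up for this sketch.

```sh
#!/bin/sh
# Added example, not from the thread. All three paths are assumptions:
#   $1 Windows partition as mounted from the live USB (e.g. /mnt/win)
#   $2 tree of known-good replacement files using the same relative paths
#   $3 quarantine directory on a spare partition (mount it noexec if you can)
# Paths are matched case-sensitively, so the known-good tree must use the
# same letter case as the files on the Windows partition.

# Move one file out of the Windows tree, keeping its relative path so the
# original can still be examined or scanned later.
quarantine_file() {   # usage: quarantine_file WIN_ROOT REL_PATH QUARANTINE_DIR
    mkdir -p "$3/$(dirname "$2")" && mv -- "$1/$2" "$3/$2"
}

# Compare every known-good file with the copy on the Windows partition.
# Identical files are left alone; a differing copy is quarantined and then
# replaced; a missing one is restored. Prints one "STATUS path" line per change.
repair_from_good() {  # usage: repair_from_good WIN_ROOT GOOD_ROOT QUARANTINE_DIR
    ( cd "$2" && find . -type f ) | while IFS= read -r rel; do
        rel=${rel#./}
        if [ ! -e "$1/$rel" ]; then
            echo "MISSING $rel"
        elif cmp -s "$2/$rel" "$1/$rel"; then
            continue                  # byte-identical, nothing to do
        else
            quarantine_file "$1" "$rel" "$3" || { echo "FAILED $rel"; continue; }
            echo "REPLACED $rel"
        fi
        mkdir -p "$1/$(dirname "$rel")" && cp -p -- "$2/$rel" "$1/$rel"
    done
}

# Run directly as: sh repair.sh /mnt/win /mnt/good /mnt/spare/quarantine
if [ "$#" -eq 3 ]; then
    repair_from_good "$@"
fi
```

A second run over the same trees prints nothing, which confirms every replaced file now matches its known-good copy.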
Edited out personal opinion!
virtual box or VMware and run a Virtual Machine. There is also Play on Linux which is a frontend for wine. 1) Use Global method to delete virus or system wide deletion on Network. 2) Trinity Rescue Kit -- is better it can use up to 4 virus scanners to scan a computer. 3) TotalVirus upload the file to the website it runs 40+ scanners. There is also a free version of the tool for scanning whole system. 4) For Linux only Penguin Pills allows u to load 9 virus scanners. To load Penguin Pills extract a tar.gz and edit script and locations of files loaded. Only 4 virus scanners are free. (AVG, F-prot, Avira and Avast(Avast will only support i386 ) install more with this GUI just by editing the script. 5) Get free Bootable Rescue Disks of 9 virus scanners. Can all be added to MultiPass usb stick |
Edited Version. For precision and exact information taking out personal opinion.
MultiPass USB or Katana: Portable Multi-Boot Security Suite. ISO's are going to be the easiest way to set up MultiPass. NO NEED TO CARRY THE LAPTOP AROUND! freeware/shareware Snapfiles. |
Edited took out personal opinion
Have fun! |