Fix Windows with Puppy Linux and Other Live cd Tools.

How to do things, solutions, recipes, tutorials
Message
Author
cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#46 Post by cthisbear »

Returnil in their infinite wisdom stopped their old version.

I re-uploaded the older >>>RVS 2008 free...

http://www.datafilehost.com/download-e7e13c32.html

////////

" "With Returnil, nothing that happens to your system is permanent.
Just reboot and presto! Everything is back the way it was."

http://www.returnilvirtualsystem.com/

RVS 2008 free gives you enough protection.

Don't update...some limitations after 30 days...but a goodie.
More simple...small...does the job.

I run it on a mates machine...for XP.

////

You can copy docs to another partition or usb
but not to C:> drive...because on reboot they disappear.
But then any viruses died with those files as well.

" It clones (copies) your operating system and creates a virtual environment for your PC.
Instead of loading the native operating system, a clone is loaded
that allows you to run your applications and perform your online
activities in an entirely isolated environment. In this manner, your
actual operating system is never affected by viruses, Trojans,
malware and other malicious threats.

To return to the actual operating system environment, you just need to restart your PC. "

///////////

Only in the paid versions.

" While working in the virtual environment, you have the option of
saving documents and files so that your data will not be lost when
the system is restarted.

http://www.returnilvirtualsystem.com/re ... ystem-safe

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#47 Post by cthisbear »

An old post that got dragged up from the crypt today.
But there may be some answers 4 Vista users wanting XP.

I have gone through and checked it out, but as I say some of the advice
has been superceded re viruses...
but for the most part it is OK.

http://murga-linux.com/puppy/viewtopic. ... 159#320159

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#48 Post by cthisbear »

Anyone had trouble accessing the Falcon links on the Pirate Bay.

I've just woken up to the fact that I am being blocked.

So copy the Falcon link in another window of your browser and
log on here

http://ipencode.com/

" IP Encode provides unrestricted access with our free anonymous internet browsing service to help bypass firewalls with a range of privacy features available such as URL Encoding which helps to hide the links of the site
you want to visit from being detected by web filters.

Plus if you need a little extra privacy, you can also block Scripts, Flash and Java objects which can sometimes be used by websites to find
out your Real IP Address.

Simply enter the site you want to visit below and press the
GO button to get started. "

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#49 Post by cthisbear »

I happened to see this today.

How to wipe HD with Puppy, to reinstall Windows?

http://murga-linux.com/puppy/viewtopic.php?t=68169

""""""

I would use DBan myself for a few minutes running from the
Hirens Boot cd or USB etc.

http://sourceforge.net/project/screensh ... p_id=61951

If I had other drives on my computer.....
I would disconnect them >> so that they would not get formatted as well.

If DBan looks too complicated I would use >>
Ccleaner running from Hiren's.

The screenshot doesn't show it but you can erase hard drives
with a variety of wipe options.

http://www.piriform.com/ccleaner/screen ... /ccleaner7

Beware SSD and Ccleaner

Reading up I saw this from leexgx.

" i have posted quite an number of times in the past unless
CC cleaner is doing an low level format it degrade the SSD "

http://forums.overclockers.co.uk/showth ... p=15197924

///////

So a good post....I have seen similar items here...
maybe Sylvander posted one ??


AustrAlien ...from Cowra OZ has a well thought out answer,
so read up from the original.

http://www.bleepingcomputer.com/forums/ ... try2262536

""""""""

" Off-line system restore using a LIVE CD

Step1: Navigate to C:\System Volume Information\

Inside that folder you will see a folder with a name beginning with "restore" followed by a long alpa-numeric code in brackets.

Inside the "restore<bracketed long alpa-numeric code>" folder you will see a number of folders named "RP<3 digit number>".

Choose the highest number:
That is your most recent System Restore point.

Open the "RP<highest number>" folder and inside that you will see another folder called "snapshot".

Finally, open the "snapshot" folder and you will be at this address ...

C:\System Volume Information\restore<bracketed long alpha-numeric code>\RP<highest number>\snapshot

Locate the 5 files that you need to copy from within the snapshot folder:

_REGISTRY_MACHINE_SYSTEM
_REGISTRY_MACHINE_SOFTWARE
_REGISTRY_MACHINE_SECURITY
_REGISTRY_MACHINE_SAM
_REGISTRY_USER_.DEFAULT


Copy these 5 files from here, and paste into the "config" folder at following location ...

C:\Windows\System32\config <<< folder

Step2: In the "config" folder at C:\Windows\System32\config, locate the current registry hive files ...

system
software
security
sam
default


.... and re-name them by appending .old to the filename, so that they now look like this ....

system.old
software.old
security.old
sam.old
default.old


Step3: Still in the "config" folder at C:\Windows\System32\config
Re-name the files that you copied from the restore point:

_REGISTRY_MACHINE_SYSTEM ... rename to SYSTEM

_REGISTRY_MACHINE_SOFTWARE ... rename to SOFTWARE

_REGISTRY_MACHINE_SECURITY ... rename to SECURITY

_REGISTRY_MACHINE_SAM ...rename to SAM

_REGISTRY_USER_.DEFAULT .... rename to DEFAULT (You MUST remove the dot in front of DEFAULT)


You have now completed the System Restore.
Shut down the computer, removing the LIVE CD.

Does your Windows XP system start normally now? "

////////////

AustrAlien disclaimer.

" The instructions I will provide will wipe the whole HDD.
I need to check that you have only the one partition on that HDD,
and that you don't have a second partition with data on it that you
had intended to keep intact. "

""""""""""

" If and when you are sure that you wish to go ahead and
wipe your HDD
(the WHOLE HDD!), the instructions for doing this using Puppy Linux follow.

At the Puppy Desktop, click on the console icon.

Type in the following command exactly as shown (paying attention to the spaces) and then press the <ENTER> key:

dd if=/dev/zero of=/dev/sda bs=4k conv=notrunc

This command will overwrite the drive with zeroes, and return
your hard drive to "as new" condition.

Apart from your hard drive light showing "busy", there will be
no indication of anything happening until finished,
when you will see output on the console screen as follows ...

dd: writing '/dev/sda': No space left on device
followed by some other information.

I have tested on a 2.1GB hard drive and found it to take
17.4 minutes to complete. So, be patient:

The time it takes to complete will depend very much on the size of
your hard drive. You may wish to leave it run over-night.

Simply close the console window when finished.
Then shut down the computer, removing the Puppy CD.

Boot to your Windows installation CD, create a partition,
format it, and install XP. Success? "

////////

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#50 Post by cthisbear »

I saw an old post

What format for retrieving data from crashed hard drive?

It had links to some of my older replies.

http://208.109.22.214/puppy/viewtopic.p ... 04491390e6

////////

http://forums.whirlpool.net.au/forum-re ... ?t=1174451


http://forums.whirlpool.net.au/forum-re ... ?t=1198871


http://forums.whirlpool.net.au/forum-re ... ?t=1203695


http://www.murga-linux.com/puppy/viewto ... h&id=16661

http://www.murga-linux.com/puppy/viewto ... 109#313109


http://www.murga-linux.com/puppy/viewtopic.php?t=20312

http://www.murga-linux.com/puppy/viewtopic.php?t=43134

Might be useful.

////////

I updated my first post last night.

Reposted it here 4 testing ...later deleted it
>>because I fixed the links up...40 pages.

Of course it worked here on page 4.

Reposted on page one...links didn't work.

Strange ... strange ... forum error.

////////////

Added to older content here.

Great help site.

http://help.artaro.eu/

Recover files from Windows 7 hard disk using Puppy Linux

http://help.artaro.eu/index.php/windows ... isk-7.html

Recover files from Windows XP hard disk using Puppy Linux

http://help.artaro.eu/index.php/windows ... sk-xp.html

Recover files from Windows Vista hard disk using Puppy Linux

http://help.artaro.eu/index.php/windows ... vista.html

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#51 Post by cthisbear »

Remove-windows-recovery.

"Windows Recovery is installed via Trojans that display
false error messages and security warnings on the infected computer "

Bleepingcomputers

"""""

On the Whirlpool Forum I saw this post.

http://forums.whirlpool.net.au/forum-re ... ?t=1717076

On page 2 >> • MarƒoX • >> mentioned >>Remove-windows-recovery.

http://www.bleepingcomputer.com/virus-r ... s-recovery

""""""

As usual, a good guide from this crowd. Solid advice.

http://www.bleepingcomputer.com/

""""""

So if you have messages with the following and your files are hidden
in Windows, you cannot run any programs, then this may be why.

Hard Drive Failure

System Error

Critical Error

Fix Disk

"""""""

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#52 Post by cthisbear »

Speckie.

Untested ... as I hate Internet Explorer.

"""""""""""

" Ever since Internet Explorer was created, it has lacked an essential feature; real time spell check.

Versoworks proudly brings you that feature, say hello to Speckie! "

http://www.speckie.com/home/

http://www.speckie.com/features/

' The first and only real time dedicated spell checking solution for IE.
Now battle hardened by thousands of users worldwide! '

http://www.speckie.com/help/

/////////

Thanks again to Majorgeeks.

http://majorgeeks.com/

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#53 Post by cthisbear »

How to Remove the Ask Toolbar in Avira:

I like Avira and install it on many customer computers.

But someone decided to allow an Ask toolbar to be installed.

Scumware....Crapware.

Do not install it....untick it.

http://www.avira.com/en/support-for-hom ... /faqid/861

"""""

I have seen a few posts....such as this.

http://forum.avira.com/wbb/index.php?pa ... dID=133011

"""""

So I would use a variation of the above from Bethrezen
and also use >> Gorky's post as a solution.

http://forums.digitalspy.co.uk/showthre ... p=51135134

This is what I had to do (on Windows 7) after the latest update when my umbrella was closed:

1. Go to add/remove programs

2. Right click on Avira AntiVir Personal and select 'Change

3. Select Modify, then click Next.

4. Don't tick the box to install Webguard, then click Next

5. Install Avira as usual from then on (install all components).

6. Reboot PC.

At this stage, after I rebooted, Avira displayed the same message
about installing Webguard/Ask toolbar.

This time, I chose 'Install' and repeated steps 3 to 6 above to
install Avira yet again without ticking the box to install Webguard.
After rebooting the 2nd time, everything was back to normal
(Umbrella open and no Webguard/Ask Toolbar).

You may not have to repeat the process twice like I had to, depends
if you get the pop up message again about installing Webguard.

It seems to go wrong and do a partial install if you choose
"ask me later" so that's where Avira messed up with this update I think.

""""""""

Also block these files in your firewall.

ApnToolbarInstaller.exe

ApnStub.exe
(Boots with windows whether you accept to install the Toolbar malware
or not, then attempts to Phone home)

ApnIC.dll

I tested the above in 5 XP computers and one Win7 comp.
No more problems.

"""""""""

Satisfied users...ha! ha!

Mele20 ...had a good post here.

http://forum.avira.de/wbb/index.php?pag ... ost1093086

http://forum.avira.com/wbb/index.php?pa ... dID=132567


Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#54 Post by cthisbear »

Win7′s no-reformat, nondestructive reinstall

I was reading this post on Whirlpool.

Mark@Oz had a good suggestion for Windows 7.

Question :
" If I do a system recovery with the provided DVDs will I loose
my post-installed programs? "

His answer:
" You might want to look at this link that suggests a
non publicised method for fixing a Windows installation that
will keep your existing installed programs.

(I have not had a good read of the article, but have a lot of faith in
the source of the info) "

http://forums.whirlpool.net.au/forum-re ... ?t=1729224

"""""

And the link Mark@Oz provided.

http://windowssecrets.com/top-story/win ... reinstall/

Fred Langa:

" Tell Windows a little white lie — that you’re upgrading,
even though you’re really not.

You’re not really upgrading;
you’re reinstalling the same version of the OS that’s already on the PC.

But the upgrade option leaves your files, settings, and programs
in place, undisturbed.

By pretending that you’re upgrading, you can trick the setup program
into doing an in-place reinstall!

And then, finally, the installation process begins in earnest "

////

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#55 Post by cthisbear »

Unhide desktop icons.

I had a Vista laptop infected with the Windows Restore virus.

So after cleaning out with Puppy,
scanning the drive with the usual suspects including Malwarebytes,
I had missing desktop icons etc.

I knew that I had read about this before, but I had never actually
seen it for myself.

So here are a few posts.

"""""""

Bleeping Computer's >> unhide ....worked for me.

Bleeping Computer are a stellar site for malware fixes.

http://download.bleepingcomputer.com/grinler/unhide.exe

But run the latest rkill

and then Malwarebytes' Anti-Malware first.

Instructions on this page.

http://www.bleepingcomputer.com/virus-r ... ws-restore

////

Sometimes if rkill won't stop running processes...Rogue Killer will.
Always run the latest versions.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

http://www.sur-la-toile.com/RogueKiller/

///

Other methods.

http://toddjir.com/a-virus-deleted-desk ... top-icons/

http://www.pcmech.com/forum/networking- ... tcuts.html

http://forums.malwarebytes.org/index.ph ... opic=83625

http://toddjir.com/a-virus-deleted-desk ... top-icons/

Chris.

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#56 Post by Flash »

Puppy comes with ms-sys for fixing the MBR of Windows. (Version 2.2.1 available as a .pet, for fixing the MBR of Windows XP, Vista and 7.)

Also see this thread.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#57 Post by cthisbear »

Thanks Flash...good info.

And good work from DPUP5520.

Worth reading that post.

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#58 Post by cthisbear »

Outlook Express replacement.

Use Vista >> Windows mail for Windows 7.

:::::::

My mate now uses the >> Vista >> Windows mail >> for his Win7

Download the zip and extract all files to a folder,

call it >> Windows Mail

Boot Puppy, Hirens, the Falcon whatever,

Go to >> Program Files >> in Windows 7

rename the folder >> Windows Mail to

Windows Mail Win7

Copy the extracted folder >> Windows Mail >> to

Program Files.

Make a shortcut from the file >> WinMail.exe >>

Copy the shortcut to your desktop >> voila!

when you click on it you have a completely usable
email client for Windows 7.

""""""""""

The download is here >> Vista mail 4 Win7
Size: 4.97 MB

http://www.datafilehost.com/download-fb835c27.html

Enjoy.

Tested by me on a new Windows 7 laptop this week.
for a client. Always scan any download.

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#59 Post by cthisbear »

Majorgeeks gives this site good reviews...

Tweaking.com >>>> Pick....Windows fixes

http://www.tweaking.com/

::::::

Utilities.

http://www.tweaking.com/content/overview/default.html

:::::

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#60 Post by cthisbear »

Hiren's 15.0 released.

http://www.hiren.info/pages/bootcd

Download.

Filename: Hirens.BootCD.15.0.zip

Filesize: 535.21 MB (561208675 bytes)

ISO MD5: 9656D1156037552CD09DA1A0697FCE9D

ZIP MD5: 0BB55D1195AEDDFF05D7F7E3B9FB0C68

http://www.hirensbootcd.org/download/

Chris.

linuxbear
Posts: 620
Joined: Sat 18 Apr 2009, 20:39
Location: Las Vegas, Nevada, USA

#61 Post by linuxbear »

... I downloaded Hiren's from their homepage last night and installed to a pendrive. I found no less than 5 trojans on the ziped folder which was downloaded from the Hiren's site and subsequently in the thumbdrive which I created as well. Too bad, as this looked like a wonderful tool for rescuing windows boxes

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#62 Post by cthisbear »

linuxbear:

I don't need comments posted here.

From my first post >> Page 1.

" So any helpful hints are appreciated but leave the Venom to me.

Nobody is forcing you here.
Above all ---this advice may or may not fix your problems. "

::::::::::::::::::::::::::

Hiren's has no trojans.

More likely it is BS Antivirus programs like AVG, Norton's and the like
reporting false positives.


Hiren's disclaimer..........'

" Troubleshoot

If you are getting a virus warning from the downloaded files, please check FAQ page “Why am I getting a virus warning for a file downloaded from your website

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#63 Post by cthisbear »

Want an Adobe Reader X >>>alternative.

Because this sludge that Adobe has released lately
is beyond the pale.

Gross, hangs...a total joke.

Tried it for my daughter on 3 different computers.
Must read my own advice.

I used Foxit Reader myself afterwards...pretty quick.

Do not install

>> the ASK toolbar.
Otherwise it's a goer.

Here is a March 2011 review...

FOUR Free Alternatives To Adobe Reader Malware Magnet

http://billmullins.wordpress.com/2011/0 ... re-magnet/

I have tried all these and others.


"""""""""""""""""

Warning >> Do not use CNET ...for downloads.

http://download.cnet.com/windows/?tag=hdr;brandnav

How low can you go.

I always use Majorgeeks....a fun site.

http://majorgeeks.com/

""""""""""""

http://seclists.org/nmap-hackers/2011/5

" Hi Folks. I've just discovered that C|Net's Download.Com site has
started wrapping their Nmap downloads (as well as other free software
like VLC) in a trojan installer which does things like installing a
sketchy "StartNow" toolbar, changing the user's default search engine
to Microsoft Bing, and changing their home page to Microsoft's MSN. "

""""""""

And...

http://www.geek.com/articles/geek-pick/ ... e-2011126/

http://www.infoworld.com/t/anti-spyware ... ing-181392

""""""""""

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#64 Post by cthisbear »

PC Login Now

I have used this before.....now free again.....use with care.


I saw this post on Whirlppool. >> jmatt provided the PC Login link.

http://forums.whirlpool.net.au/forum-re ... ?t=1845939

"""""

Comes down as an >> exe file>>> PCLoginNow_Full.exe

and then extracts to iso.

http://www.pcloginnow.com/product.html

http://www.pcloginnow.com/guide.html

""""""""""

Be warned.............

Cons....never experienced it myself....but.............

" Password reset process causes Windows to detect a possible
hard drive issue "

Review.

http://pcsupport.about.com/od/toolsofth ... ginnow.htm

""""

Step by step....1 - 14 pages

http://pcsupport.about.com/od/toolsofth ... nowsbs.htm

"""""""""

Chris.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#65 Post by cthisbear »

As posted by me here

http://murga-linux.com/puppy/viewtopic.php?t=75663

the Windows update error iertutil.dll is not getting any better.

Plenty of solutions by the Whirlpool crowd in the above links.

""""""""""""""

I was looking at this post on Whirlpool

http://forums.whirlpool.net.au/archive/1856678

Col Peters mentioned this for some rootkits.

Webroot AntiZeroAccess

http://anywhere.webrootcloudav.com/antizeroaccess.exe

Chris.

Post Reply