Virus removal on Windows
I have used Puppy Linux (either Puplite or 431) to remove a number of very stubborn virus programs from Laptops and PCs running various Microsoft OSs - at work, for our customers.
There are many virus programs for Windows, as we all know. Many of them are a real pain in the a** to get rid of. One such example is "CleanThis". Here are some more examples:
http://www.remove-virus.net/cleanthis-virus/
http://www.remove-virus.net/xp-win-7-ho ... rity-2011/
http://www.remove-virus.net/msremovaltool/
http://www.remove-virus.net/microsoft-s ... nter-2011/
http://www.remove-virus.net/win-7-security-2011/
http://www.remove-virus.net/windows-virus-update-2011/
The above virus programs pretend to be anti-virus software, and they all disable the normal Windows desktop, menu and task manager, and kill any programs and processes the user tries to run.
Using the Windows tools ComboFix and SuperAntiSpyware is great, and usually does the trick. However many of the above virus programs do not allow anything to be run while the virus is running, so these tools cannot, for example, get rid of the 'CleanThis' virus, once infected.
However, I have found that booting up Puppy from Live CD or USB, then manually removing the offending virus is the fastest and easiest way to clean out the infected Windows system of all offending files.
Then all that is left to do, is to boot into the fixed MS OS, and run ComboFix or SuperAntiSpyware (or both), to clean out the registry etc. (I could have simply installed ClamAV in Puppy and done it that way, too..)
In just one day, I used Puppy to clean out 4 PCs/laptops of VERY stubborn virus programs. Thank god, because my manager (and a colleague) could not get around any virus program mentioned above, and so they were considering formatting the hard drives of our customers and charging extra!
Good old Puppy to the rescue.
(and no, neither my boss nor my colleague said they will use Puppy from now on!)
Just a note to this, if someone knows how to edit the Windows registry from within Puppy Linux (or Linux in general), then please tell me, it would be great!
- Moose On The Loose
- Posts: 965
- Joined: Thu 24 Feb 2011, 14:54
sc0ttman wrote: Just a note to this, if someone knows how to edit the Windows registry from within Puppy Linux (or Linux in general), then please tell me, it would be great!
This may work:
Install wine
copy the registry into the wine
use wine's regedit
copy it back
I haven't tried it but it seems like it may work.
sc0ttman wrote: Just a note to this, if someone knows how to edit the Windows registry from within Puppy Linux (or Linux in general), then please tell me, it would be great!
The tool you're looking for is here: http://pogostick.net/~pnh/ntpasswd/. Its main purpose is to reset passwords (which requires registry access), so as an extra the author provides the registry-editing tool too. Command-line only. I tested this tool long ago with WinXP and it worked; I'm not sure of its compatibility with newer versions of Windows.
Another important thing to remember, and this is from a total noob, so take it with a big hand of salt:
Some viruses are very clever: they replace the DLLs of the original OS, so you not only have to get rid of the virus as such, you also need to find the original DLLs and put them back in place.
I only retell what was told to me; I have not tested it myself.
I use Google Search on Puppy Forum
not an ideal solution though
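One way to check for the replaced system DLLs mentioned in the post above, from a live Linux session with the Windows partition mounted. This is an added example, not part of the original thread; the two directory arguments and the availability of a known-good reference copy are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Compares DLLs on an offline Windows
# partition (mounted from a live Linux session) with known-good copies.
# Assumed inputs: REFERENCE_DIR holds DLLs from a clean install of the same
# Windows version and patch level; SUSPECT_DIR is the mounted system32 folder.

# Print the SHA-256 of a file (hash only, no file name).
file_hash() {
    sha256sum < "$1" | cut -d' ' -f1
}

# compare_dlls REFERENCE_DIR SUSPECT_DIR
# Prints "OK|CHANGED|MISSING <name>" for each reference DLL.
# Returns 0 when every DLL matches, 1 otherwise.
compare_dlls() {
    ref_dir=$1
    sus_dir=$2
    result=0
    for ref in "$ref_dir"/*; do
        [ -f "$ref" ] || continue
        name=$(basename "$ref")
        # Only look at DLLs, whatever the case of the extension.
        case $(printf '%s' "$name" | tr 'A-Z' 'a-z') in
            *.dll) ;;
            *) continue ;;
        esac
        # NTFS names are case-insensitive, Linux lookups are not.
        sus=$(find "$sus_dir" -maxdepth 1 -type f -iname "$name" | head -n 1)
        if [ -z "$sus" ]; then
            echo "MISSING $name"
            result=1
        elif [ "$(file_hash "$ref")" = "$(file_hash "$sus")" ]; then
            echo "OK $name"
        else
            echo "CHANGED $name"
            result=1
        fi
    done
    return "$result"
}

# Run only when both directories are given on the command line.
if [ "$#" -eq 2 ]; then
    compare_dlls "$1" "$2"
fi
```

A CHANGED result is only a lead to investigate: Windows updates also replace DLLs, so the reference copy has to match the installed patch level.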
@ sc0ttman
Here are the two I mentioned earlier that I compiled a while ago, sorry it took me so long just got back to the house.
@ jamesbond
It works with All Windows from 2000 up to Windows 7
- Attachments
- chntpw-0.9.6-2.pet (48.83 KiB), downloaded 566 times
Can't beat Hirens or the Falcon to fix Windows.
The Falcon can go back in >> System Restore
and also remove Windows updates >> Hotfixes.
This is because he runs the latest ERD.
His last recovery disc runs most of Hirens 13.0
Hiren's has a great password manager as well.
ERD has an unlocker.
ERD also has an inbuilt Microsoft Scanner.
Hirens has some as well.
Don't get me wrong...Puppy gets some files that Windows locks and
even the above can't unlock.
/////////
You forgot Malwarebytes Antimalware >> free version
http://www.malwarebytes.org/mbam-download.php
http://www.malwarebytes.org/mbam.php
and Hitman Pro..one time Internet scan and fix 4 free
Do not install...run as a 1 time fix.
It has a special feature...Hitman Pro in Force Breach Mode
" The development team introduced a “Force Breach
-
- Posts: 416
- Joined: Thu 10 Nov 2005, 02:18
Another rescue disk.
Trinity Rescue Disk.
http://trinityhome.org/Home/index.php?c ... &locale=en
Not necessarily better, just something else.