This page is a collection of methods, utilities and example commands to help a knowledgable user do some system maintaince for corrupt files and/or virus removal to a Microsoft Windows 7 OS. What makes this collection unique is the use of Linux where there may be advantages, particulary to someone who is well versed in Linux.
When a Windows 7 OS has a problem from corrupt files (due to virus or harddrive failure) performing a backup is usually the top prority. Making a harddrive image is usually a good starting point and may be a requirement when dealing with a failing harddrive. Linux is very helpful in performing these tasks and below are some commands that can save time.
Boot Linux by adding a Linux harddrive and/or re-configuring BIOS or the Boot Sequence during startup. The Linux installation my be one a USB Stick, External Harddrive or SSD (my personal favorite since it boots so quickly therefore making better use of what little patience I have for this type of work). The following commands in Linux are helpful :
To discover all connected harddrives and their partitions (very useful for harddrive/letter identification) :
fdisk -l
For editing the partition table of a specific harddrive :
fdisk /dev/sd#
When working with GPT (or GUID Partition Table which compiles to GPT) the ‘gdisk’ package should be installed and one useful command to copy a table is :
sgdisk --replicate=/dev/target /dev/source
To format (erase) the MBR (Master Boot Record), which can be useful when converting a GPT to a DOS style partition table try the following :
dd if=/dev/zero of=/dev/sda bs=446 count=1
To format (erase) the MBR and the Partition Table simply increase the count to include the contiguous partition table data :
dd if=/dev/zero of=/dev/sda bs=512 count=1
Where ‘#’ is the letter of the harddrive of interest, not a specific partition number.
The application ‘dd’ is a useful tool when making a hard drive or partition image to another harddrive or to a file for later usage. In general, you must unmount any partition included in the command arguments to ‘dd’ and ‘dd’ does not provide error checking or logging which makes it dangerous to use and can waste a lot of time while making cloning attempts. When using ‘dd’, always double check your command line and the partition output from ‘fdisk -l’ to ensure you are doing what you intend.
dd if=/dev/sda1 of=/dev/sdb1 bs=4096 conv=notrunc,noerror,sync
To copy (or clone) a complete harddrive to another harddrive :
dd if=/dev/sda of=/dev/sdb bs=4096 conv=notrunc,noerror,sync
To copy (or clone) a complete partition to another partition :
dd if=/dev/sda1 of=/dev/sdb1 bs=4096 conv=notrunc,noerror,sync
To copy (or clone) a complete partition to a file in the home directory :
dd if=/dev/sda1 of=/home/sda1.img bs=4096
To fix a corrupted partition or partition table the application :
dd if=/dev/sda1 of=/dev/sdb1 bs=4096 conv=notrunc,noerror,sync
Fast way to show progress while copying and estimate speed/ETA to allow tuning of block size (done here using ‘pv’ block size argument)
pv -B 512k /dev/sdc | dd of=/dev/sdb conv=notrunc,noerror,sync
When you need to do more advanced partition table manipulation ‘sfdisk’ can provide powerful re-tooling using fairly simple commands
You can use the Windows Restor Disk to “Fix Windows Startup” or if that fails or multiple OS’s are in use then ‘grub’ can be a good option. Before you can install a boot loader, you must first mount the partitions of interest :
It is often good to list all connected harddrives and partitions first to avoid confusion :
fdisk -l
When working with hard drives connected via USB a helpful command to list attached devices is :
lsusb
To discover all hardward USB ports :
find /dev/bus/
To list all details of a specific USB Port :
lsusb -D /dev/bus/usb/...
Fill in path using listing from previous command…
Finding large directories and files can be helpful. Some tools for achieving this are include :
du -hs /path/to/folder
Option -s is provides a summary and -h creates human readable output.
du -h --max-depth=1 /path/to/folder
To produce a list of all the folders and their sizes.
du --max-depth=1 /path/to/folder | sort -nk1
Produces output sorted from smallest to largest, which makes large files easy to find.
You may need to create directories for each partition that will be mounted. It is easier to track what you are doing if you name the directories after the “haddrive/partition” naming scheme :
mkdir /mnt/sda1 mkdir /mnt/sda2 mkdir /mnt/sda3 etc...
Then mount partition to the directory with its name :
mount /dev/sda1 /mnt/sda1 mount /dev/sda2 /mnt/sda2 mount /dev/sda3 /mnt/sda3 etc...
To install a boot loader the following command may work (read manual for switches that fit your application) :
grub-install --recheck --no-floppy --root-directory=/mnt/sda1 /dev/sd#
Where ‘#’ is the target harddrive letter, not a specific partition number. And the root directory is where Linux is located.
Reboot the computer, while booting off the target hardrive ??? then log in and excute :
sudo update-grub
This will filanize the grub instllation???
To format a partition with NTFS and not waste a bunch of time initilizing every bit to ‘0’ (which is the default mode) try the following :
mkfs.ntfs /dev/sdb1 -f
One important catch with DOS/Windows/Microsoft is that these OS’s and their applications will get confused and not install or run correctly if there is more than one primary partition. When creating partitions, only create one primary partion and the rest must be secondary. This gotcha helped to inspire the effort to create the documentation on this page.
System File Checker Tool from Microsoft is as close as you are going to get to an “apt-get” style Package Management System for windows. The following URLs provide some additional information :
http://support.microsoft.com/kb/929833 http://pcsupport.about.com/od/toolsofthetrade/ht/sfc-scannow.htm http://en.wikipedia.org/wiki/System_File_Checker http://en.wikipedia.org/wiki/Windows_resource_protection
The following URL provides a great source for the DLL’s found in a Windows 7 System :
Command for running at command line (command prompt with administrative privileges)
sfc /scannow
Command for running when booting with CD (change ‘x’ to correct drive letter)
sfc /scannow /offbootdir=x: /offwindir=x:windows
Often your ‘C:’ drive will become ‘D:’ when booting from a Rescue CD, if so the following will work :
sfc /scannow /offbootdir=d: /offwindir=d:windows
The complete break down of options that ‘sfc’ provides (shown when using the ‘/?’ switch as an argument):
sfc [/scannow] [/verifyonly] [/scanfile=file] [/verifyfile=file] [/offbootdir=boot] [/offwindir=win] [/?]
The ‘sfc’ application pulls files from a cache, which for Windows 7, is located at :
C:WindowswinsxsBackup
As of Windows 7, Microsoft refers to this backup directory and related services as WRP or Windows Resource Protection.
When the ‘sfc’ has problems you can interpret the protected log files using some form of the following command :
findstr /c:"[SR]" %windir%LogsCBSCBS.log >"%userprofile%Desktopsfcdetails.txt"
When this command alone isn’t enough, here is a list of more commands :
http://pcsupport.about.com/od/commandlinereference/tp/windows-7-commands-p1.htm
Sometimes you have to re-install windows. You should fetch your Microsoft product keys to aid in the re-installation especially if you performed an “Upgrade Anytime” style upgrade at some point. I thought this tool from Microsoft could help fetch these product keys and is less scary than downloading other key fetching applications from mysterious sources :
http://www.microsoft.com/en-us/download/details.aspx?id=11936
However, No luck… After evaluating various free options, ProductKeyFinder.exe with file size of 882 KB installed and worked well
Deployment Image Servicing and Management Tool or ‘DISM.exe’ is another tool which might be useful :
dism /online /cleanup-image /checkhealth
dism /online /cleanup-image /restorehealth
If the backup files are corrupt, ‘imagex.exe’ may allow one to create an image from another system running the same OS by performing something like the following :
imagex /capture c:mydata c:data.wim "My Data"
imagex /apply c:data.wim 1 d:
http://windows.microsoft.com/en-us/windows/answers?tId=e4611720-6add-4040-be9f-40516369d629
git commands that are useful :
git remote show origin