Guide | How To BoraMurdar's Fix Tools

The associated guide may contain user-generated or external content.

kiric96

This is not true
It is always better and recommended to cure from a Linux-based live CD, so there are no active infected files that may interfere with the disinfection in the Windows environment (infected memory modules, drivers, etc.).
They can clean malware from outside the infected Windows system, so the malware won’t be running and interfering with the clean-up process.
If Windows won't start or if the computer won't start in safe mode, use an antivirus rescue CD. An antivirus rescue CD allows you to scan an infected computer without having to start Windows. Many antivirus companies provide free rescue CDs. They are extremely effective at removing malware from a computer.
A rescue disk is helpful when the malware infection is at such a level that it is impossible to clean the computer using regular anti-malware applications.
The malware won’t be running while the antivirus tries to remove it, so the antivirus can methodically locate and remove the harmful software without it interfering.

I agree with BoraMurdar; our friends at Dr.Web write:
Each anti-virus program has its own unique concept of building anti-virus protection. Dr.Web does not cure viruses in archives, but this does not decrease the level of protection it provides compared to similar programs on the market. Dr.Web perfectly detects viruses in archives and, with SpIDer Guard constantly enabled, such viruses have no chance of getting outside the infected archive to infect a system. Moreover it’s unlikely that any anti-virus can boast that it cures all of the viruses it detects in an infected archive! To "cure" archives one must not just cure (or remove) the infected file inside the archive, one must repack the archive to make its contents accessible again to the user. In most cases such repacking is impossible without licenses to the archiving algorithm. If an anti-virus developer claims to be able to cure archives, ask to see all of his licenses.

I think that nowadays we see fewer real virus infections; today malware is trojans, worms and so on. However, I have managed to run and clean rootkit/virus-infected machines with EEK and some other tools. For me, Kaspersky Rescue is a heavy tool in terms of portability and usability.
 

marzametal

Use BootIce to partition USB flash drives. It also allows for different formats, can have exFAT, FAT32, NTFS occupying 3 partitions on the one drive. In Windows only one partition shows, in *NIX, all show. There is also a 32 and 64 bit version.

Thought it might come in handy, especially if you're traveling between different OS types. Might be worth keeping some tools separate. If my 2c sucks, tell me to bugger off :p
 

BoraMurdar

Thread author
Hey, Bora... One question: Any of these tools assist in Ransomware?
Well yes and no.
Ransomware infection is the last thing a user can be infected with. Except if there is a special tool released by some AV vendor for specific ransomware, you can run that decryption tool in MiniWindowsXP from Hiren's Boot and try to recover your files.
 

Overkill

I wrote a similar article a long time ago, so now it's time for an updated one. :rolleyes:

I wrote this article in the hope that it could help you guys solve different problems affecting your PC: to fix it, update it, restore it, clean it from infections, etc. Note: I know that almost everyone whose computer has been infected and who is more or less knowledgeable will try to clean the infection manually, by himself, but again, I strongly recommend asking for help in our Malware Removal section from our expert @TwinHeadedEagle

This story is more or less about one 8 GB USB flash drive where I have pretty much everything I need.

Backup and Recovery from image, malware removal, deletion of undeletable files, format recovery, data recovery, checking disk for errors, changing admin password you forgot, installing-reinstalling OS, recovery of broken master boot record, ntldr is missing, wrong driver load, system restoration, etc...

As well as showing how to create and enter bootable environment (where you can do pretty much everything), I will show you my set of tools (all free) that I am using also.

Preparing :

For the creation of bootable usb drive you'll need :

  1. USB Flash Drive [8gb minimum]
  2. YUMI [direct download link]
  3. Set of bootable ISO's and some tools [will have a word of that later]
______________________________________________

Creation of bootable usb drive

USB boot is the process of using a USB storage device to boot or start a computer’s operating system. It enables computer hardware to use a USB storage stick to get all essential system booting information and files rather than the standard/native hard disk or the CD drive. All popular operating systems support the creation of a bootable USB drive that can be plugged into a USB slot to boot a computer, server or laptop. USB boot works much like the legacy floppy disk drive (FDD) booting capability. It is mainly used to recover, repair and install an operating system. It provides users with an alternative method to boot a system. Typically, to perform a USB boot, a bootable USB device must first be created. The bootable USB drive can be set up using a native operating system component or through various third-party utilities. The software/utility will copy all the operating system files and boot sequence into the USB drive to enable the USB boot.

YUMI

Unlike Rufus, UNetbootin and other tools, YUMI is capable of creating the multiboot environment, where you can create a bootable USB that can boot several boot images that are stored on a single USB. It can be used to create a Multiboot USB Flash Drive containing multiple operating systems, antivirus utilities, disc cloning, diagnostic tools, and more. YUMI uses syslinux to boot extracted distributions stored on the USB device, and reverts to using grub to Boot Multiple ISO files from USB, if necessary.
[Image: YUMI boot menu]


HOW?
Well, simple. You insert your USB Flash Drive, run YUMI, it will show you this window
[Image: YUMI Multiboot USB Creator window]

So in 3 simple steps you can create your bootable USB Flash Drive.

  • Step 1 - Shows your USB Flash Drive [I recommend you untick the option "Showing All Drives", as with it ticked it will also show you the partitions of your hard disk; so, to avoid formatting your data by accident, untick this option and it will show you only your USB Flash Drives]
  • Step 2 - Choosing your ISO, your distribution
  • Step 3 - After selection you browse to the ISO (you've previously downloaded on your HDD), search and select it for opening, and click "Create". Wait for the process to finish.
That's it :eek:
Example: you have selected to create a bootable USB containing Kaspersky Rescue Disk. Go to "Select Distribution" and select Kaspersky from the falling window, find the ISO you've downloaded and click "Create". Your USB is still plugged in. Restart your computer, press F8 or F12 (or whatever key is associated with entering the Boot Menu on your machine) while the system tries to find bootable drives connected to the machine (CD, HDD, USB); maybe you'll need to enter BIOS first to give the computer an option to start from the USB drive (every motherboard nowadays supports booting from USB drives). Choose the option "Boot From USB Drive". It will show you this menu (well, not exactly the same :p )

[Image: YUMI boot menu]

So you can use your keyboard to browse the menu of the YUMI Multiboot USB environment, the so-called GRUB [syslinux also]. Go to "Antivirus Tools" and select to boot your Kaspersky Rescue Disk to clean the infection, for example.
That's not all. Like I said, YUMI allows you to add as many ISO files to be booted as the size of your flash drive allows. After successful creation of Kaspersky Rescue Disk you can add whatever you want: Windows 8.1 Installation Setup ISO, Comodo Rescue Disk, Ubuntu... whatever.
And after you unplug your USB Flash Drive and want to add something you forgot, YUMI will automatically detect that a bootable Flash Drive exists and it will just add the new ISOs you select to the list of existing ones.

Common questions and problems.
  • What if the ISO image I want to boot is not listed in the YUMI falling window? Well, you can use the last 3 options from the falling window. That way, the ISO will not be extracted on your USB, but YUMI will give a command that the ISO you want to boot will be booted into memory [RAM] and extracted there. Note: for example, if your system has 2GB of RAM, you cannot boot an ISO image larger than 2GB using this method. You'll get an error "not enough memory for operation". I recommend you use the option "Try Unlisted ISO (GRUB)"
  • A "no bootable usb/image" error shows in the boot menu after you select "boot from usb". - OK, one thing is that your USB flash drive needs to be formatted with the FAT32 file system. YUMI has a built-in option for that. Just tick it.
______________________________________________

My USB Flash Drive

  • Windows 8.1 with Update x86, my original ISO from Microsoft
  • Hirens Boot CD
  • Kaspersky Rescue Disk
  • Comodo Rescue Disk
  • Lazesoft Recovery Suite Free (Created ISO from it and added it to the boot menu)
  • Minitool Partition Wizard Bootable ISO
  • Acronis Rescue Media
  • + BoraMurdar's Fix Tools
I needed to merge screenshots into one, sorry for my awesomeness in photoshopping [level over 9000]
Some folders have subfolders, or multiple files like Kaspersky folder has Kaspersky TDSS Killer, RahniDecryptor, almost every portable removal tool from Kaspersky...
Malwarebytes has offline virus database included with setup. Most of these repair tools (except setups) are portable and 7zip-ed to maximum, to save space. Etc etc etc.


All the cleaning of unremovable junk, backup, restore and malware removal I am doing from Hirens Boot and Acronis Rescue Media (for my PC only), and Macrium Reflect for other machines.
I like Hirens because it is a Preinstallation Environment, MiniXP... Windows in fact, so you can run all these tools (portable or not) from there. Everything runs from RAM so there's no worry about reinfection if you have an already infected machine. Emsisoft Emergency Kit runs smoothly from Hirens. You can even go online through WiFi (if you have a situation where the only connection to the internet is through WiFi), as Hirens has most wireless drivers built in to be autodetected if selected.
Lazesoft Recovery Suite can help you if Windows broke its boot files, boot manager, master boot record or similar. It has some awesome tools and it's free :)

[Image: Lazesoft Recovery Suite Home]


Kaspersky Rescue Disk, Comodo Rescue Disk and Minitool Partition Wizard don't need an intro.
They are well known already.

Just wanted to share this with you guys, maybe some of you may find this article useful...
Stay safe ;)
What size usb did you use?
EDIT: NM, I overlooked it
 

Vasudev

I use a combination of Strelec Win 10 PE, HBCD, UBCD, F4 UBCD and Boot Repair as diagnostic OSes. As for AV live CDs, Kaspersky Rescue Disk and Dr.Web LiveAV.
HBCD and UBCD won't work in UEFI mode and cannot detect NVMe drives. So, Strelec is the best tool.
Thanks @BoraMurdar.
 

BoraMurdar

Strelec is kinda illegal :p If you want a free backup, recovery and partitioning solution you can use AOMEI PE Builder to create your own recovery environment. Lazesoft Recovery Suite Free Edition is also a great option.
Boot up from CD or USB disk
  • Full access to non-bootable PC, Lazesoft Recovery Suite Live CD, giving you access to your computer even if Windows can’t or Windows is completely broken.
  • Boot from various brands of desktops, laptops like Dell, ThinkPad, Hp, Sony, Toshiba, Acer, Samsung, etc.
  • With WinPE-based and linux-base bootable disk builder, Lazesoft Recovery Suite has best hardware compatibility.
  • Boot up computer from CD or usb disk.
  • Support any types of hard disks like SATA, IDE and SSD.
  • User friendly Boot Media Builder interface.
  • Create USB boot disk.
  • Fast, easily, natively create PE Recovery Disk on 32 and 64 bit of Windows Vista, 7, 8, 8.1.
  • Support building bootable DVD
  • Added options to special WinPE version and type while building boot disk
  • Added options to special custom drivers while building boot disk
  • Supports UEFI boot mode and BIOS boot mode
  • Create WinPE 5(Windows 8.1) x86 boot disk
  • Create WinPE 5(Windows 8.1) x64 boot disk
  • Build Bootable USB Hard Disk

Instantly repair PC when Windows can't start normally
  • One Button Click Repair the crashed Windows system
  • Recover Windows from critical system errors when BSOD or it displayed a black screen.
  • Recover MBR and partition information
  • Recover missing or corrupted Windows system files such as 'ntldr is missing', 'bootmgr is missing', etc.
  • Recovery or edit corrupted registry, virus-infected registry key value.
  • Rebuild/Repair the Boot Menu
  • Edit and Repair Windows boot file boot.ini or BCD
  • Rescue Windows XP, Vista, Windows 7, Windows 8 and Windows 8.1 32 and 64 bit.
  • Recover partition after accidental deletion or partition table damage.
  • Lazesoft BCD Doctor

Easily recover data from non-working computer or disk
  • Access and copy files from computer even if Windows can't start.
  • Recover deleted files even if emptied from the Recycle Bin
  • Rescue files after a hard disk crash
  • Rescue files after accidental format, even if you have reinstalled Windows.
  • Rescue files after a partitioning error
  • Rescue files after RAW partition or RAW hard drives
  • Recover files including documents, photos, video music and email etc.

Quickly reset Windows Local and Domain Account admin passwords
  • Reset Windows password even if forgot or lost it.
  • Clear Windows Local Password
  • Reset Windows Domain Password
  • Unlocks and Enables user accounts.
  • Find Windows key when you want to reinstall it
  • Recover Windows 8/8.1 OEM product key from BIOS
  • 100% recovery rate.

Clone & Backup Partition or Disk
  • Back up the system disk of the running Windows
  • Clone the system disk of the running Windows
  • Create Backup Disk or Partition Compression Image.
  • Create Raw Disk or partition Image (sector by sector copy).
  • Clone entire Windows or Data hard drive or partitions to an internal or external disk.
  • Transfer disk or partitions from an old hard disk drive to a new one.
  • Partitions can be copied either with original sizes and locations, or transferred partitions can be resized to match the new hard disk size.
  • Clone with fast mode and complete mode.
  • There are two methods that can be used when cloning: only copy used blocks, or sector by sector copy.
  • Clone GPT disk
  • Backup and Restore GPT disk

Create, format, delete, Wipe partition and disks
  • Bootable rescue CD or USB disk.
  • Format FAT, NTFS Partition.
  • Create, Delete partitions of any type.
  • Supports large disks: up to 2TB volumes on MBR.
  • Wipe Partitions or disk for data security reason.
  • Hide/unhide partition.
  • Set active partition.
  • Lost Partition Recovery
  • Show Disk Properties
  • Edit Sector
  • Change GPT Partition Type
  • Change Volume Drive Letter
  • Create VHD disk
  • Install Windows 7/8/10 on VHD
  • Install Windows 8/8.1/10 on USB disk
  • Check file system errors and disk failures of partitions
  • Check the bad sectors of disks
  • Rebuild the MBR(Master Boot Record)
  • Rebuild the Boot Sector of the system volume
  • Build Bootable USB Hard Disk
 

Vasudev

Yep, I know. But modern hardware requires Strelec. Do you have an alternate link for Lazesoft, because I hate the cnet downloader.
 
