Wednesday, September 24, 2008

Using LinuxDefender Live To Rescue Your Windows NTFS Drive

Hey There,

Did I actually mention Windows and NTFS in the title of this post? It's a good thing I managed to squeeze a little "Linux" in there or I'd commit myself to the nearest convalescent home immediately ;) Actually, though, if the title is a bit off-putting, this post is all about freeware Linux and how to use it to fix NTFS partitions if you need to. Therefore, this post can be reduced to the following rough verbal equation: "You can use Linux to fix Windows" + "A Fixed Windows Box Equals Happy Windows Users" = "Linux is fantastic and makes it easy for you to fix your loved ones' computers when they're crashed and blue-screening, so they'll be able to leave you alone again as soon as possible ;)"

LinuxDefender Live has been around for a long time, and I do have my own set of duplicate boot CD's that I keep handy just in case my family's Windows box can't find the SYSTEM file and insists on a re-install (which, and this is probably true for everyone, just will not do... too much important stuff on the hard drive and no backups of any kind). For those of you who've never used LDL, it's a special distribution of the Knoppix Linux distro which was made specifically to run off of CD. The idea was, anywhere you went that had a PC, you could probably boot up a working Linux system and access the internet (or the information you carry around with you on a USB stick or some other portable HDD). Knoppix is an excellent solution that does what it advertises, and is actually still good enough to allow you to fix FAT filesystems and many other FS types. It's really the ideal combination of on-the-go functionality and miracle-OS-cure in one.

LinuxDefender Live steps it up a notch with their built in support for NTFS filesystem read/write mounting. LinuxDefender Live is more of a compilation of Knoppix and a lot of other programs that they could squeeze onto a boot CD, than a new version of Knoppix. Relative weights and merits aside, it's still great to have around when you want to fix a Windows NTFS filesystem problem quickly (Letting your Recommended Daily Allowance of Television get ripped and torn away day after day is a slippery slope. Granted, the worst that can happen is you might start reading more books, but it's a serious consideration, nonetheless ;)

The procedure for using LinuxDefender Live to fix your Windows NTFS problem is simple enough, with one catch that I can never seem to get around (except for one way, of course, or I wouldn't be writing about this. Some day, for a goof, I promise to write a post where I offer only questions and no answers, promo a few Get-Rich-Quick scams, ramble on about something else completely unrelated to the topic and end it all in mid sentence ;)

Considering that we've got an easy issue (like the SYSTEM file, in C:\WINNT\ is corrupted and you just need to be able to copy it off and replace it with SYSTEM.BAK, which you can't do without practically reinstalling your Windows OS, because it won't boot), these are the steps we'd take to fix it up and make everything better:

1. Pop open the CD tray while the system is still powered on. If that doesn't work, power it down and use the pinhole-method (sticking a pin in the hole in the front of the CD-ROM drive to manually eject it). Place the LinuxDefender Live CD in there and close it back up. Then power up or restart your machine as your situation dictates.

2. However your system allows you to, push the correct button (f1 or maybe f10/f12) when you power up the machine so that you can get to the system settings and make sure that your CD-ROM drive is listed as a Boot Device and is in the Boot Sequence (preferably first) so that our CD will be able to boot the system from the CD-ROM drive.

3. Power on the machine and kick back. Knoppix (I mean LDL ;) is unusually pleasant to watch, especially when you're in the company of people who don't know what the Hell any of the boot messages mean (as if I understood them all myself ;).

4. Once you're finished booting up and have either your desktop GUI (Gnome or KDE on my version) or the CLI (if you don't mind huge fonts and screen run-off) up and running, just mount the windows hard drive like you'd mount any Linux hard drive, on a temporary mount point. If you prefer to use the GUI, you can mount the disk just like in Windows, but, if you're like most unblessed people, you'll either get errors when you try to mount the disk (complaining about NTFS) or when you try to access it.

5. Here's where the troubleshooting starts. If you open a terminal window in your GUI (so you can keep a decent scrollback buffer and fit more words on the screen), you can try to mount the windows disk to a mountpoint of your own creation, using the specific flags to indicate that you want to mount the disk read/write as filesystem type NTFS. Fortunately, probably, you'll be good to go in a few steps.

6. The first thing to check at this point is that all of the requisite files are available. The NTFS read/write support is provided by the captive project, which requires that you have the ntoskrnl.exe and ntfs.sys files available. You can generally get these by just clicking the huge "Install NTFS Drivers" Icon on your desktop. Alternatively, you can run:

host # sudo captive-install-acquire

from the command line.

7. At this point, if you use wireless networking, you may be in a bit of a jam. I've tried to get around this by creating separate driver floppies but, when all is said and done, the hassle of having to connect an ethernet cable from your router to your PC or laptop is worth the time it takes. If you are already "hard-linked," you shouldn't have any issues with running the command. This problem simply arises from the fact that the LinuxDefender Live CD can't have those two essential Windows files on it for one reason or another (I'm sure it has something to do with licensing costs ;)

8. Even if you are connected to the network successfully, the command may not work the first time. If it cannot complete, it will let you know (in detail) what you need to do. This can be as easy as just typing another command line first, to (this happens often) making "real" disk space available to write the two Windows NTFS drivers to. I usually go with a floppy. My floppy actually already has the two files from 3 different versions of Windows on it, but that's just me ;)

9. When captive is finished installing, you can mount your Windows drive and access it like any regular Linux drive. Again, be sure to pass the options to mount (man mount) to indicate that you want to mount the disk read/write as NTFS. I'm incredibly paranoid, so I just cd directly into the WINNT directory (in this instance), copy off the bad SYSTEM file, copy the SYSTEM.bak file to SYSTEM, cd back to where I was and umount. Actually, if I was really bad, I'd just use absolute path names ;)

10. Now, you just exit or reboot and remove the LinuxDefender Live CD (or vice versa). Windows should come right up and run as poorly as it always has ;)

The biggest pain is that, since LinuxDefender Live is on CD (read-only media), you won't have the two NT drivers the next time you have to save your machine. If you know you're always going to be working on the same machine( and it's possible), carve out a tiny partition (not NTFS) and put them there so they're easily accessible the next time you have to go round and round. Otherwise, copy them to floppy before you quit. Then again, as a third option, you can just copy them to a floppy, or anywhere, after you've got Windows back up and running. I prefer to stick with the versions captive grabs, since they're more likely to be absolutely compatible (strange things change between Service Pack Versions :). Plus, if you have the files on floppy, you won't have to depend on an internet connection to get the files (or other more convoluted methods like booting off of a DOS disk and grabbing them from your hard drive that way... there's always a way!)

Hope this little walk-through was of some help to you. Tons of extra information can be found at the links to the products listed on this page. They're straight-up links to the distro's and company web pages (No sales involved since it's all free ;)

Next up in our "avoiding Windows support" series: How to train yourself to screen calls from friends and family ;)


, Mike

Thanks to an intrepid reader who found this "working" link to the last release of LinuxDefender Live!!_v1.5.6_CeBIT.iso

Please note that this blog accepts comments via email only. See our Mission And Policy Statement for further details.