RemoteRebuildWindowsXP

I'm trying to fix a problem on a remote customer computer. They got a virus or trojan on their WinXP Home edition which automatically logs a person off a few seconds after logging them on. I need to fix the OS with a registry edit. The computer also could use a fresh copy of the OS installed anyhow, so I'd prefer to fix the registry, recover files, then do a full install. How can I do this from 2000 miles away? The only access I have is via UltraVNC and Logmein.com. It's a Compaq Presario 6000 desktop.

Having the customer boot up with their OEM WinXP install disk or the Compaq recovery disk only offers a full-format install, offering to wipe out all data. Not yet.

Using the OEM WinXP disk to boot into the Recovery Console command line does not provide the regedit command, so I can't fix the boot-up problem. Without fixing the boot, I can't get into the computer to copy files.

BartPE allowed me to build a rescue disk using a WinXP Home edition CD-ROM I have. It's built from a different OEM-specific WinXP disk, however, so I'm not convinced it's going to work. The only sure way is to retrieve the Compaq install disk and build a BartPE boot CDROM from that, but the customer Compaq install disk is 2000 miles away.

Plan A:

I used UltraVNC to upload the BartPE .iso image, and the customer will have a friend burn it onto CDROM (they have no other computer to do so). To do this, the customer needed UltraVNC on a separate customer computer they can use. If not, have them install the logmein.com remote control program, then use that to install UltraVNC on their computer. You need UltraVNC to transfer files to them.

However, this all assumes that fixing the registry problem is the fix and that the installed OS will then allow me to copy files. Maybe not.

Plan B:

Here's a more sure-fire backup plan: have them boot up with Linux, ssh to them, copy files, and then have them reinstall Windows using the Compaq OEM WinXP disk. Put data files back.

UltraVNC to the customer's computer and download a copy of Puppy Linux onto their working computer. I put the files onto a USB drive they plugged into the computer, and they will take the USB drive to a friend to have them burn that onto a CD-ROM and boot using Puppy Linux.

Booting up Puppy Linux for the first time, click OK through a few screens until you arrive at the desktop. Have them use the Dillo web browser to search Google and download openssh. You can get openssh builds from several different people, and each is a bit different. If you want key authentication, use the openssh-5.2p1.pet from acjn.no-ip.org:81/pupstuff. Right click and Save Link As. Replace the default /tmp with ~ to save into your Puppy home directory.

Single click on the Puppy desktop file (home) icon. You should see the pet file you just downloaded. Single click, and install. Read the disclaimer: no menu items are added. If you want to see what's been installed, cd to /, and use the command find -iname 'sshd*' (the quotes keep the shell from expanding the wildcard before find sees it).

If you use the acjn source, run /initrd/pup_rw/usr/bin/sshdSTART. This will run a script that includes generating some key pairs.

To stop the server, use the command killall sshd repeatedly until it complains that no process was killed. If the client complains that the fingerprint changed, rm /root/.ssh/known_hosts

====

A simpler openssh password method can be used by using the source from http://murga-linux.com/puppy/viewtopic.php?p=234111. This weak security is okay because it's only a temporary installation until the files are transferred. Click on the download link for the server and save as ~/openssh-server-5.1p1.pet. Install by clicking on the filename you see when you use the desktop file (home) icon file browser. After install, use a console to run /etc/rc.d/rc.sshd start.

Have them change their puppy password using command line passwd, so openssh can log in using that password.

I SSHed to them using my Windows computer at home with a program called SSH Secure Shell, or the Windows program Bitvise Tunnelier. If you don't know the IP address of the customer machine, have them go to a console and use the ifconfig command.

If your customer is behind a firewall or router, remote into their working computer and set the router/firewall to open and forward port 22 (ssh) to the broken/linux computer IP address.
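Once port 22 is forwarded, the password-only server is reachable from the whole internet, so it is worth checking its configuration before opening the router. The script below is an added example, not part of the original write-up: it audits sshd_config text against a few policy choices that are this example's assumptions (the thresholds, the two constructed sample configs, and 203.0.113.10, a documentation address standing in for the helper's public IP).

```shell
#!/bin/sh
# Added example (not from the original page): audit an sshd_config for the
# temporary, internet-reachable password login described above.
# The policy thresholds below are this example's assumptions.

# get_opt KEYWORD DEFAULT: read a config on stdin, print the keyword's value.
# sshd keywords are case-insensitive and the first occurrence wins.
# Match blocks are not handled here.
get_opt() {
    awk -v k="$1" -v d="$2" '
        /^[ \t]*#/ || NF == 0 { next }
        tolower($1) == tolower(k) { $1 = ""; sub(/^[ \t]+/, ""); print; found = 1; exit }
        END { if (!found) print d }'
}

# audit_sshd CONFIG_TEXT: print one finding per line, nothing if clean.
audit_sshd() (
    set -f    # AllowUsers patterns may contain * or ?; do not glob them
    cfg=$1
    opt() { printf '%s\n' "$cfg" | get_opt "$1" "$2"; }
    case $(opt PermitEmptyPasswords no) in
        no|false) ;;
        *) echo "PermitEmptyPasswords: accounts without a password can log in" ;;
    esac
    tries=$(opt MaxAuthTries 6)
    [ "$tries" -le 3 ] 2>/dev/null || echo "MaxAuthTries: $tries guesses per connection, want 3 or fewer"
    # Builds older than OpenSSH 5.4 still accept protocol 1 unless pinned to 2.
    [ "$(opt Protocol unset)" = 2 ] || echo "Protocol: not pinned to 2"
    users=$(opt AllowUsers "")
    [ -n "$users" ] || echo "AllowUsers: not set, any address may try to log in"
    for u in $users; do
        case $u in *@*) ;; *) echo "AllowUsers: '$u' has no @host restriction" ;; esac
    done
    :
)

# Constructed sample configs (not taken from either .pet package).
WEAK='# password login, everything else left alone
PermitRootLogin yes
PasswordAuthentication yes
PermitEmptyPasswords yes'
TIGHT='Protocol 2
PermitRootLogin yes
PasswordAuthentication yes
PermitEmptyPasswords no
MaxAuthTries 3
AllowUsers root@203.0.113.10'
echo "weak:";  audit_sshd "$WEAK"
echo "tight:"; audit_sshd "$TIGHT"
```

To check the real server, pass the contents of the sshd_config that the installed package uses in place of the sample text, and remove the port forward from the router as soon as the files are copied.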

My local Windows programs SSH Secure Shell or Tunnelier both offer ftp GUIs. I will use them to transfer data to my local computer. Then, using the phone or Skype/video on the working computer, I will walk them through reinstalling the Compaq WinXP disk.


Last Modification: Monday 02 of April, 2012 02:44:03 CDT by brian.