/linkedfs/usr/share/doc/helpdocs.htm

Large files files are truncated, but you can click here to view the full file

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html><head>


<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Trinity Rescue Kit  | CPR for your computer | Trinityhome | </title>

<style type="text/css">
/* ========================================================*/
/*                              Vision.To CMS / www.vision.to                      */
/*                      SPECIAL CSS PRINT STYLE BY www.vision.to           */
/* ========================================================*/
body {
        text-align: left; /* IE Only */
        margin: 0;padding: 0;
                color: #000;
font-family: Georgia, "Times New Roman", Times, serif;
  font-size: 12pt;
}
/*---------------------------------------------------------------*/
#print-wrapper {
margin-top:0;
        padding: 2px;
        margin-left: 0;
        margin-right: auto;
        width: 600px;
                min-width:598px;
        border: 1px none #ddd;
        text-align: left;
background:#fff;
color:#000;

        }
        }

/*---------------------------------------------------------------*/
#print-header {
        /*clear: both;*/
                border-bottom: 1px solid #ddd;
                padding: 0.5em;
                margin-bottom: 2px;
        }
/*---------------------------------------------------------------*/

#print-content {
        /*float: left;*/
                width: 100%;
        position: relative;
                /*
        margin-left: auto;
                margin-right: auto;
        */
                text-align: left;
                color:#000;
        padding: 0.5em;
min-height:650px;
height:expression(this.scrollHeight > 650 ? "auto":"650px");
        }

/*---------------------------------------------------------------*/
#print-footer {
        text-align: center;
        color: #000;
                margin-top: 2px;
        padding: 0.5em;
        /* line-height: 1.2em; */
        clear: both;
                border-top: 1px solid #ddd;
        }

.brclear {
/* Use a break with this class to clear float containers- Thank You Big John :-) positioniseverything.net */
clear:both;
height:0;
margin:0;
font-size: 1px;
line-height: 0;
}


</style>
<meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1  (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1  (Unix)" name="GENERATOR"></head><body>
<div id="print-wrapper">
  <div id="print-header">
    <h1><img src="helpdocs_files/200610190000370.gif" alt="image" class="BartsCmsImage" height="135" width="140"> Trinityhome</h1>
  </div>
  <div id="print-content">
    
<div id="page-container" class="page-container"><!-- open page-container -->


<h1 class="page-title">Trinity Rescue Kit  | CPR for your computer</h1>



<div class="page-content">





<a href="#K94N78PT0VFVLYYDHBV9JJ0N7EUA3RSDQMRNK66BSCW41">Getting started with TRK</a><br><a href="#E3JEBK6FCRUYGL65MT9YXJBJ20Z7EK5IEFNFQKKS25G8H">0. Quick and dirty guide to using TRK</a><br><a href="#841YA21RBZPBCRPIQGT0BYCFWYCIELPDGF1G8SY9GCAJU">0.1 The easiest way to get it onto a CD: a self burning TRK</a><br><a href="#YUU68L1SK1TXA04XDZX4MPPJJXTUJZP8J95IKX0WNJIN9">0.2 Burning TRK with Magiciso</a><br><a href="#NDQL3ZBZYMUVVWYN4348DUF9650TV0083FKX5LMUY6EJS">0.3 Booting from TRK</a><br><a href="#BL8Q8FN81J34KW4EMG9IHTQJZ2L5J22LD02C6FAXQ4S0Q">0.4 Resetting passwords</a><br><a href="#48H6PKLBPTE32K9P95Q4T4MADLMZA6W5431IEDKTWQLN0">1. TRK for Linux newbies</a><br><a href="#2FK5NB4F87EHQWYKAJWGIQZLFA53HWY9185EAZJ9XPGCA">1.1 What is TRK? What 's a live distribution?</a><br><a href="#BVJ9IR04WMV4XH1MSM34S6T8MGH4JW8KHHKQYBKKN6FBD">1.2 What is different between accessing your PC from Windows and accessing from TRK?</a><br><a href="#WQKZJKT0E8QJQM9HJZ4WTYKI5DK0ZDBLUMB3YUU2S9B7M">1.3 Getting around with common linux commands (cd, cp, mv, rm, more, grep, mount)</a><br><a href="#M69SKN1KBY3NSX3XG2DPJ306MHH6EL0SIZ9UD05EPYT7K">1.4 Reading information about your PC (dmesg, /proc/partitions)</a><br><a href="#QBRDPTSD001QIT0CN3AHZ75WRJKLINJYQ024JJ8A9ZQIH">2. TRK own commands and utils</a><br><a href="#XFPUBF4W6TFSCHXH5RXKMFAR0BVLGLR3S6NTBHF71KQ3T">2.1 Virusscan</a><br><a href="#HW79FF1ZME1FBEY6DVXDG60JAJVNKK6T64SB9I0MMSSPW">2.2 Winpass and regedit</a><br><a href="#SI14T7V9WN984HEA7MUC0E8RMGDSNVN63F0LCLKYZKWTS">2.3 Mass Clone: a multicast disk cloning tool</a><br><a href="#VZX1W3W6015LZRZ127YCKFJS9LX59AAU0YKLR6IHYETNW">2.4 Winclean</a><br><a href="#TTVJRRE5QQRJBVB2F61R719J0CHFRFVAZGJFXPBD4SM6D">2.5 Mountallfs</a><br><a href="#HH1WPPJEI4DHJTAHXPSYR3637JMCUVX22NNH2YLBSPI18">2.6 Updatetrk</a><br><a href="#DNEHBFA6ISQPQUF15A9HX1XVYX82E8LIMQQNVRJ480INJ">2.7 Trk2usb</a><br><a href="#WM8PAWXULFITSRN0X6I1YVCLB9IA41FQDD5E0TYBZ7VGP">2.8 Trk2iso</a><br><a href="#EGNT0M1F9DJ7XUB34LIEU8DXZVGDWEW0K9IAMAFLDQJ09">2.9 Fileserver</a><br><a href="#20T4DLR6P2JZL5SVUKVM5FB7MQPKJQUCFC6INMF3FQSSK">2.10 Bridge</a><br><a href="#PSTEW6D05PZF2FK7VHGLCYWQZWP8T538NMCAJF0FVPLMV">2.11 Setip</a><br><a href="#WU8QP3M0YGLR9XQ8V4MW69X4SZF6ZM1L701LTECHLNZLB">2.12 Setproxy</a><br><a href="#C3E9S86L5Q2DV4J2X7FRSW3NCGQ426N40T3HR0UMGLR1F">2.19 Ntfsundeleteall</a><br><a href="#MFRIGTQ75RPR5IIC4TXNKUF95JATHDEUIV3PEIMA01RV9">2.13 Getswap</a><br><a href="#U49HULJB0RZJRSQX054MZS1LH8P05M7QG7X0I628MRH48">2.14 Trinisup</a><br><a href="#FKJT61FZ5GVCPWKXWTXSLUF6CQM3YVP36YM2QSRKZCNEY">2.15 Pi - automated backup wrapper script originally for Partition Image</a><br><a href="#3HU5ZWWY8SYP7AEGNHT9CEDCSWG7RQEJXZELK1AJJYYGZ">2.20 Clonexp (obsoleted by mclone)</a><br><a href="#4WP777Y6KKDSK5E2140SK6QED0J74GSY26W03JWEV0X5V">3. Procedures</a><br><a href="#LIAT4IG4QYXT3EP1K2EVX276MK95G33SC3B7CH1S6NBZT">3.1 Rescueing files of dying harddiscs (mounting network =&gt; cp, ddrescue)</a><br><a href="#QVQWIA3HK45X8M47KB6N7V5KDDAWB7HSSYD1Y78814V0G">3.2 Recovering deleted files or files from formatted drives (ntfsundeleteall, photorec)</a><br><a href="#7PFVZK0Q4R5TZMDJ351RJA8VHEBE66K4KQP91EPVWKEKX">3.3 Recovering lost partitions (testdisk, gpart, fdisk)</a><br><a href="#L5ICUK4HDV6QAJA1ISR37W4DEYAHUY95TI8CT3KXNHCPR">3.4 Bootsector repair</a><br><a href="#UHPDX3JS857PC91QX5QDU7JHMFX9NFZ8NECA7MT6HQKJQ">3.5 Manually cloning a Windows installation</a><br><a href="#JVI22F4QK5AFSUR3MHQC9ZW33AWHWA05W9XNES3PN4V5N">3.6 Hardware testing</a><br><a href="#4PL88HNFBZGXK7BHVL44UCJIPXXUD8I7MU5L2JR38YRJW">3.7 Virus scanning</a><br><a href="#AKDLI8WEFV4L96NMKIKSXE2ZQWDFRHLSTQ42PQ6UB16AX">3.8 Manual PC cleaning</a><br><a href="#ZTZJTNZS1Z028YDFIX59T2IQNHU57JDW236KHV38JU1IH">4. Boot time options and triggers</a><br><a href="#Z034WGIXRNSS0HJZYHKU5ED0RRGXKGQA7I4TQDF6RYPH6">4.1 Boot menu options</a><br><a href="#EUGBVSAKSIDQ4SSW21D1CDTZC5RKS0DXKJY51ZFJ7J022">4.2 Triggers</a><br><a href="#9PAH415576DS0RB2Z5DH8AQ1XFD42G21V39QU4LS1P9S6">4.2.1 The TRK options server: make your lan TRK aware</a><br><a href="#CA4YM8MPTJ078B4RZR3V7NZDL7WUM33Q4XDGWQVE0KCZM">4.2.2 Scripts on the computer's local harddisks</a><br><a href="#B8MI3TRVGJ2SY2XHN562I89WYSUF20I4ZWCSETDL364RY">4.2.3 Script on the TRK medium</a><br><a href="#SMFWK0I2J980KIYM9IK3CSPF1J06UQ3C29YDZ75874YID">5. Upgrade, update and change of bootmedia procedures</a><br><a href="#VCMNDG08JQ9JED3YXFLITGXVHLRRQIXBL9PPFEMQUMZZR">5.1 TRK on CD</a><br><a href="#FIRS44G0F6QRJDGPU467B1R5DHKC3QV9ZCRU6XJBUZS43">5.2 How to install/upgrade your USB media to run the latest version of TRK</a><br><a href="#DJQBVW3TV8F9F6T9P2QZJ9WFCCVH0HU3SA5CWYWHX2G2Z">5.3 Setting up your PXE boot environment</a><br><a name="K94N78PT0VFVLYYDHBV9JJ0N7EUA3RSDQMRNK66BSCW41" &nbsp;="" id="K94N78PT0VFVLYYDHBV9JJ0N7EUA3RSDQMRNK66BSCW41"></a><h1>Getting started with TRK</h1><h2><span style="font-size: 10pt; font-family: Arial;"><o:p></o:p></span>Foreword and conventions of this documentation:</h2>
<h3>Consulting help</h3>
<p>-Trinity Rescue Kit 3.4 has manpages for almost every utility, even
the ones specific to TRK (new since 3.4). So if you need help on a
certain command, like f.i. Winpass, just type 'man winpass' at the
commandline. All manpages themselves are always online available at
http://trinityhome.org/manpages</p>
<p>-This helppage is also available as a single document locally on the TRK medium.  <strong>You can call on this documentation as one big page from TRK by typing 'trkhelp'</strong>
at the command prompt (or chosen from the startup menu). This will
start the builtin Links browser in graphical mode opening all of the
documentation at once. To be able to switch between this help and your
commandprompt, you must be in text mode</p>
<p>Most commands also have a built-in help. Most of the time 'command -h' or 'command –help' will help you a lot further.</p>
<p><br>
Use the key "q" to quit links and type 'trkhelp -t' to run in text
mode. Once in textmode, use alt+F2 to go the second console of TRK. In
total there are 6 consoles, each switchable with their respective alt+
function key.<br>
If you are not online, you can consult the local documentation which is on the TRK medium by entering 'trkhelp -l'. <br>
You can combine these two parameters: 'trkhelp -l -t' gets you the local helpfiles in textmode.</p>
<p>-All TRK&nbsp;manpages are also available online in html format.&nbsp;Browse them here: <a href="http://trinityhome.org/manpages/">http://trinityhome.org/manpages/</a></p>
<h3>&nbsp;<br>
Conventions</h3>
<p>-literal commands that you can execute in TRK or Linux are put
between 'single quotes'. Omit the quotes when using the real
commandline. Exceptions on these quotes will be mentionned (when single
quotes really appear in the command).<br>
<br>
-"double quotes" are used to emphasise words, unless they are used inside commands.<br>
<br>
-&lt;trkmedium&gt; stands for the rootfolder of the medium on which TRK
runs. TRK can be run from CD, usb stick/disk, fixed harddisk or from
network over PXE. These specific bootmethods will be explained later in
this document.<br>
<br>
-this documentation is intended for people who at least have some
experience with computer troubleshooting or know how to install their
own Windows. If you have absolutely no idea of this, I recommend you
call someone who knows more.</p>
<p>&nbsp;</p><br><a name="E3JEBK6FCRUYGL65MT9YXJBJ20Z7EK5IEFNFQKKS25G8H" &nbsp;="" id="E3JEBK6FCRUYGL65MT9YXJBJ20Z7EK5IEFNFQKKS25G8H"></a><h1>0. Quick and dirty guide to using TRK</h1><p>This
page is intended for the really impatient who are passing by here and
probably just want to reset a password in Windows. The procedures
assume you are using MS&nbsp;Windows.</p>
<p>I'll make sure I don't type too much text for you to read.</p>
<h2>In short...</h2>
<p>TRK&nbsp;is not a software you install on your computer in Windows
but rather a completely independent operating system based on Linux and
which runs from CD (or USB stick or network).</p>
<p>To get the latest version of TRK, go to the download page or download the latest copy here.</p>
<p>The quickest way to get you running TRK is to download and run the self-burning TRK&nbsp;version.</p>
<p>If you want to see how the self burning of TRK&nbsp;is done, see the page on <a href="https://trinityhome.org/Home/index.php?content=0.1_THE_EASIEST_WAY_TO_GET_IT_ONTO_A_CD_A_SELF_BURNING_TRK&amp;front_id=19&amp;lang=en&amp;locale=en">0.1&nbsp;Self burning TRK</a></p>
<p>Should you want to burn the iso with a 3rd party software called magiciso, see <a href="https://trinityhome.org/Home/index.php?content=0.2_BURNING_TRK_WITH_MAGICISO&amp;front_id=19&amp;lang=en&amp;locale=en">0.2&nbsp;Burning TRK&nbsp;with Magiciso</a></p>
<p>For booting from TRK, see <a href="https://trinityhome.org/Home/index.php?content=0.3_BOOTING_FROM_TRK&amp;front_id=19&amp;lang=en&amp;locale=en">0.3&nbsp;Booting from TRK</a></p>
<p>For password resetting, see <a href="https://trinityhome.org/Home/index.php?content=0.4_RESETTING_PASSWORDS&amp;front_id=19&amp;lang=en&amp;locale=en">0.4 Resetting passwords</a></p>
<p>If you know how to burn an isofile, skip section 0.1 and 0.2.</p>
<p>If you know how to boot from CD, skip section 0.3</p>
<p>For password resets, you can equally skip section 0.4 because
TRK&nbsp;3.4 now has a simple menu from which you can select whatever
you need to do.</p>
<p>&nbsp;</p><br><a name="841YA21RBZPBCRPIQGT0BYCFWYCIELPDGF1G8SY9GCAJU" &nbsp;="" id="841YA21RBZPBCRPIQGT0BYCFWYCIELPDGF1G8SY9GCAJU"></a><h1>0.1 The easiest way to get it onto a CD: a self burning TRK</h1><p>-Download and save the latest copy of the self-burning TRK, e.g. "trinity-rescue-kit.3.4-build-366.exe"</p>
<p>-Doubleclick on "trinity-rescue-kit.3.4-build-366.exe"</p>
<p>Now see the screenshots</p>
<p>&nbsp;Ok, you've put your blank CD&nbsp;in the tray, now answer yes
and see all of the next screens pass by.&nbsp;There 's no more work for
you on the burning part!</p>
<p><img src="helpdocs_files/10-selfburn-trk.jpg" alt="" height="138" hspace="5" vspace="5" width="587"></p>
<p><img src="helpdocs_files/11-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
<p>&nbsp;</p>
<p><img src="helpdocs_files/12-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
<p>&nbsp;</p>
<p><img src="helpdocs_files/13-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
<p>&nbsp;</p>
<p><img src="helpdocs_files/14-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
<p>&nbsp;...and that 's it, now boot from it.</p><br><a name="YUU68L1SK1TXA04XDZX4MPPJJXTUJZP8J95IKX0WNJIN9" &nbsp;="" id="YUU68L1SK1TXA04XDZX4MPPJJXTUJZP8J95IKX0WNJIN9"></a><h1>0.2 Burning TRK with Magiciso</h1><p>There
are many other programs that can burn ISO files to a CD. Magiciso is
just used as an example because it's one of the most easy to
use.&nbsp;An alternative might be the very lightweight <a href="http://www.terabyteunlimited.com/downloads-free-software.htm">BurnCDCC</a> or another free and full blown CD writer is <a href="http://cdburnerxp.se/">CD&nbsp;Burner XP</a>.<br>
Users from Windows 7 can just burn an ISO&nbsp;to disk without installing any additional software.</p>
<p>Remember that to install programs or run the self burning TRK, you have to be an administrator of your local computer.</p>
<p>The screenshots speak for themselves</p>
<p>1<br>
<img alt="" src="helpdocs_files/01-wwwmagicisocom.jpg" hspace="2" vspace="2"></p>
<p>2<br>
<img alt="" src="helpdocs_files/02-wwwmagicisocom.jpg" hspace="2" vspace="2"></p>
<p>3<br>
<img alt="" src="helpdocs_files/03-mi-disclaimer.jpg" hspace="2" vspace="2"></p>
<p>4<br>
<img alt="" src="helpdocs_files/04-burn1.jpg" hspace="2" vspace="2"></p>
<p>5<br>
<img alt="" src="helpdocs_files/05-open-file.jpg" hspace="2" vspace="2"></p>
<p>6<br>
<img alt="" src="helpdocs_files/06-burn2.jpg" hspace="2" vspace="2"></p>
<p>7<br>
<img alt="" src="helpdocs_files/07-burn3.jpg" hspace="2" vspace="2"></p>
<p>8<br>
<img alt="" src="helpdocs_files/07-burn4.jpg" hspace="2" vspace="2"></p><br><a name="NDQL3ZBZYMUVVWYN4348DUF9650TV0083FKX5LMUY6EJS" &nbsp;="" id="NDQL3ZBZYMUVVWYN4348DUF9650TV0083FKX5LMUY6EJS"></a><h1>0.3 Booting from TRK</h1><p>To
be able to boot from TRK, I&nbsp;can give you a few tips, but there is
never 1 uniform way on how to do it because every computer is different
and every brand has different shortcut keys.</p>
<p>In many cases, the fact that the CD with TRK&nbsp;is in your CD tray
when you boot your computer might be enough to get it booting from it.</p>
<p>In other cases, you get the option to select the bootdevice at
startup. Depending on the brand, this might be with any different
function key or even "esc" and "enter".&nbsp;Most of the time, the
power on screen tells you what key to press.</p>
<p>Ultimately you must set the bootsequence in the bios of the
computer.&nbsp;The bios is basic configuration of a computer before
even any operating system or software has been started.</p>
<p>Here 's a few screenshots I've taken from VMWare, which basically behaves like any other physical computer.</p>
<p>Here 's the initial bootsplash which lasts only a few seconds. <br>
<img src="helpdocs_files/bootsplash-vmware.png" alt="" height="480" hspace="5" vspace="5" width="640"><br>
The text speaks for itself. </p>
<p>Hitting "esc" is enough to select a temporary bootdevice. <br>
<img src="helpdocs_files/bootselection-vmware.png" alt="" height="418" hspace="5" vspace="5" width="546"></p>
<p>Alternatively if you hit F2, you can go into the bios and set the
bootsequence permanently.&nbsp;Remember that in that case when you have
a bootable CD in your tray, your PC&nbsp;will always boot from
that.&nbsp;It will also make startup slower because it will first look
for a cd and its bootability.<br>
<img src="helpdocs_files/bios-boot-vmware.png" alt="" height="480" hspace="5" vspace="5" width="640"></p>
<p>Now this is only an example for VMWare.&nbsp;Any other computer is
different in the fact that it can be any of the other function keys you
need to press to enter the bios or choose a bootdevice.&nbsp;Read the
text from the splash screen.</p>
<p>To get a better explanation on setting the bootsequence, take a look at the documentation done for Hiren's Bootcd:</p>
<p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
		A:link { so-language: zxx }
	-->
	</style>   

</p>
<p><a href="http://www.hiren.info/pages/bios-boot-cdrom">http://www.hiren.info/pages/bios-boot-cdrom</a></p>
<p>&nbsp;</p><br><a name="BL8Q8FN81J34KW4EMG9IHTQJZ2L5J22LD02C6FAXQ4S0Q" &nbsp;="" id="BL8Q8FN81J34KW4EMG9IHTQJZ2L5J22LD02C6FAXQ4S0Q"></a><h1>0.4 Resetting passwords</h1><p>Once
you 've managed to burn TRK&nbsp;to CD and set the right bootsequence,
you can start doing stuff with it, like resetting the password (that's
what you came here for didn't you?).</p>
<p>See this little <a href="https://trinityhome.org/Files/trk-screenshots/video/trk-winpass-howto-01.avi">movie</a> which runs you through it from A to Z and do some further reading on the <a href="https://trinityhome.org/Home/index.php?content=3922.2_WINPASS_AND_REGEDIT&amp;front_id=19&amp;lang=en&amp;locale=en">usage of winpass.</a></p>
<p>You will notice that once you started TRK, the simple menu that you get is self explanatory.</p>
<p>&nbsp;</p><br><a name="48H6PKLBPTE32K9P95Q4T4MADLMZA6W5431IEDKTWQLN0" &nbsp;="" id="48H6PKLBPTE32K9P95Q4T4MADLMZA6W5431IEDKTWQLN0"></a><h1>1. TRK for Linux newbies</h1><p>This
section gives a quick introduction about the concepts of Linux, a live
distribution and how you should see and control your computer from the
viewpoint of TRK</p><br><a name="2FK5NB4F87EHQWYKAJWGIQZLFA53HWY9185EAZJ9XPGCA" &nbsp;="" id="2FK5NB4F87EHQWYKAJWGIQZLFA53HWY9185EAZJ9XPGCA"></a><h1>1.1 What is TRK? What 's a live distribution?</h1><p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
		H1 { margin-bottom: 0.08in }
		H1.western { font-family: "Times New Roman", serif }
		H1.cjk { font-family: "Bitstream Vera Sans" }
		H1.ctl { font-family: "Bitstream Vera Sans" }
	-->
	</style> 

</p>
<p>This is a definition for people that have absolutely no idea of what
an operating system means. If you don 't understand what I just said,
you need to read the following text. The people who do know what it all
means, might take the following definition as incorrect, but that 's
just so I can explain in simple language what I mean.<br>
<br>
“Trinity Rescue Kit" or <strong>TRK is a collection of programs that can start a computer in an alternate way if it failed to start normally.<br>
</strong><br>
TRK is a so called "live distribution" of Linux. Linux is in fact the
"brain" and "the senses" that drives your computer, all the programs
are the limbs that allow you to control it. All this put together make
up a so called operating system. Because of confusion in terminology
and because of the so many flavors, we talk about Linux being the
operating system and what makes it complete with programs is called the
distribution. And as for distributions, a lot of flavors exist
(hundreds, maybe even thousands). One of these flavors is Trinity
Rescue Kit. TRK is a "live" distribution because it can boot from
removable media, perform hardware detection on-the-fly and automate as
many configuration tasks as possible.<br>
<br>
TRK operates completely from RAM (= compare this with the short term
memory of your brain) and read-only media. This means also it doesn ‘t
touch nor change anything stored on your computer until you tell it to
do so. Another implication this will have is that by starting your
computer with Trinity Rescue Kit you have the guarantee that no viruses
that might be on your local computer can become active. In the case of
your computer running Microsoft Windows in normal circumstances, it
just is impossibe by design that a windows virus can run on TRK because
TRK is Linux.<br>
<br>
You have the possibility of using 5 different antivirus scanners with
TRK (current version of this writing: 3.4). One of them, the free open
source Clamav is integrated in the distribution, the other 4, F-prot,
Bitdefender Vexira and Avast get downloaded from the Internet when
launched. For Avast you need a free license key handy, for which you
need to<a href="http://www.avast.com/registration-free-antivirus.php"> register on their site</a>.<br>
<br>
More on what TRK is can be read on the frontpage</p>
<h1 class="western"><br>
&nbsp;</h1>
<p>&nbsp;</p><br><a name="BVJ9IR04WMV4XH1MSM34S6T8MGH4JW8KHHKQYBKKN6FBD" &nbsp;="" id="BVJ9IR04WMV4XH1MSM34S6T8MGH4JW8KHHKQYBKKN6FBD"></a><h1>1.2 What is different between accessing your PC from Windows and accessing from TRK?</h1><p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
	-->
	</style>Instead
of running programs on your computer using Windows, you are now
starting your computer with something completely different. Trinity
Rescue Kit is not designed to give you the same environment you get
normally, but to provide you the means and the utilities to perform
rescue and repair operations that might not be (anymore) possible on
your computer in normal Windows operation mode.<br>
<br>
Because this is Linux, you will not see your drives in the same way you
do under Windows (or DOS), but they will appear as logically assigned
devices. So instead of the C:-drive, you will get /dev/hda1 in which
‘hda’ is your first available harddisk ('h' in hda is for ide drives,
's' is for scsi, sata and removable drives), hda1 is the first
(primary) partition on which a filesystem may reside. The filesystem
used in general for Windows is NTFS. This stands for New Technology
FileSystem, but in the mean time the "New" in technology is already
more than 12 years old. Nevertheless, it has gotten some improvements
over the years and it is, I must admit, a good filesystem. The other
filesystem natively supported by Windows is FAT, which come in the
flavors FAT12 (for floppies), FAT16 (for small disks up to 2Gb) and
FAT32 (for bigger disks).<br>
<br>
What 's also different from Windows is that these filesystems are not
accessible by default in Linux, you have to so called "mount" them.
Where in Windows you will get a drive C: with your files on, in Linux
you have to call the command 'mount' and mount the filesystem against a
subdirectory. An example of this: let 's say your drive C: is /dev/hda1
(/dev contains the collection of device references on your system). You
have a directory /mnt0. In this case you type 'mount /dev/hda1 /mnt0'.
When you invoke the command 'mount' afterwards without any parameters,
you will see that /dev/hda1 is mounted on /mnt0. If you cd to that
directory and type 'ls' (=equivalant of 'dir' in Windows), you will get
a directory listing of what 's available on that C: drive.<br>
<br>
Now with this all explained, you should see the picture: TRK runs on
your computer but treats it as a doctor inspecting a dead body:
everything is there, but the person is not. You can now perform surgery
on the body and try to revive it.
</p>
<p>&nbsp;</p><br><a name="WQKZJKT0E8QJQM9HJZ4WTYKI5DK0ZDBLUMB3YUU2S9B7M" &nbsp;="" id="WQKZJKT0E8QJQM9HJZ4WTYKI5DK0ZDBLUMB3YUU2S9B7M"></a><h1>1.3 Getting around with common linux commands (cd, cp, mv, rm, more, grep, mount)</h1><p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
	-->
	</style>   

</p>
<p>This is a small tour on commands you will find useful when working
with TRK (and Linux in general). Let 's take as a convention that
commands you have to type are put between 'single quotes'. At the
commandline you omit these quotes (unless I say not to).<br>
<br>
What I 'm going to teach here is basically how you work with files, like copying, moving, editing, etc...<br>
<br>
First, let's start with changing directories.<br>
<br>
People that have worked with the commandline in Windows or Dos will
recognize many things. The big difference with this is that directories
in Linux are separated by forward slashes instead of backslashes in
Windows. Another big difference is that Linux folders and files are
case sensitive: capitals have to be typed as capitals, otherwise the
file or folder will not be found.<br>
<br>
-<strong>cd</strong><br>
<br>
The command to change a directory (or folder how it 's called in Windows) is 'cd'<br>
f. i. you want to change to the directory /tmp you type 'cd /tmp'. If
the folder contains spaces, there are two ways you can get into them:
or you put the foldername between double quotes or you use so called
escape characters to represent the spaces.<br>
<br>
Let 's say we want to cd to the folder 'Documents and Settings' you can
type 'cd "Documents and Settings"' or 'cd Documents\ and\ Settings'
where the backslash (\) in Linux is used to 'escape' characters, i.e.
you treat the characters litterally instead of as a control character.
Enough of that.<br>
<br>
Another way of easily changing directories is by typing the first
letters of it and then pressing the tab-key. F.i. type 'cd Doc' and
press tab. The command will complete as 'cd Documents\ and\ Settings'.
If more files or folders match, the tab command will show you the
possible options left. Very nice feature, saves you lots of time and
painful fingers.<br>
<br>
-<strong>cp</strong><br>
<br>
File copying, the second thing you 'll probably need.<br>
Once you 're in the right directory, you need to be able to copy files to other locations.<br>
Here 's how to do it, together with the most important switches.<br>
Take a file called file1, located in /tmp/ and you want to copy it to
/home: simple command 'cp /tmp/file1 /home' or when you first cd-ed to
/tmp: 'cp file1 /home/'. Source-target.<br>
Suppose you want to copy multiple files, you can use a wildcard with
'*'. If /tmp contains file1 and file2 and copy them both at the same
time: 'cp /tmp/file* /home/'<br>
If you want to copy files and folders recursively, together with all the attributes, use the switch '-a'<br>
To see what gets copied while it 's busy, add the '-v' parameter too (verbose).<br>
Say /tmp contains 'file1', 'file2', a subfolder called 'testfolder'
which also contains 'file3', then perform 'cp -av /tmp/* /home' This
will copy the complete contents of /tmp, including subfolders to /home.<br>
If cp asks you to overwrite already existing files, you can force that by adding '-f' (force) to your command:<br>
'cp -avf /tmp/* /home'<br>
<br>
-<strong>mv</strong><br>
<br>
Moving files. This is the same principle as copying files but easier, e.g.<br>
'mv /tmp/* /home' moves all the contents, including subdirs to /home<br>
Adding the parameters -v and f moves them verbosely without prompting to overwrite existing files.<br>
<br>
-<strong>rm</strong><br>
<br>
Remove files.<br>
Remove 1 file, example: 'rm /tmp/file1'<br>
Remove files recursively, without prompting: 'rm -rf /tmp/*'<br>
<br>
-<strong>more</strong><br>
<br>
Viewing files and output of commands. This is a util you can use any
time there 's too much output coming to your screen or you need to look
into a file.<br>
E.g.: 'more /tmp/file1' shows you the contents of file1, but gives it a
page at a time. To go to the next page, press space. The arrows and
enter key scroll down line by line.<br>
You can use this command also in combination with other commands to halt their output so you can read what it says.<br>
Example: 'dmesg | more' : 'dmesg' gives you the output of your kernel
startup procedure and recent system messages, but it 's maybe about 300
lines of output. So in this case we so called "pipe" the output of
'dmesg' to 'more' using the "|" sign. In this way I have also explained
you with an example the use of "command piping"<br>
<br>
-<strong>command piping</strong><br>
<br>
Continueing on this subject, let 's see what other uses command piping can do for us.<br>
It can be used to filter out a certain line with a specific keyword.<br>
Let 's say you want to know whether there 's a file called
Document.doc' somewhere in a subdirectory, but you don 't know which.
Then use this command from within the base directory you want to search
in: 'find ./ | grep -i document.doc' (the -i parameter upper- or
lowercase characters)<br>
You can also pipe the output of a command to a file instead of the
screen. F.i. to put the complete filelisting of a directory tree to a
file, do like this 'find ./ &gt; /tmp/filelist.txt'<br>
<br>
-<strong>editing files</strong><br>
<br>
Here 's quickly how to use vi, the most common text editor on Linux.
Beware: this does not edit Word documents or any other document format
that is in binary format.<br>
Open a file or create a new file: 'vi /tmp/file1'<br>
Move your cursor around with your arrows to the line you want to edit.<br>
To insert text, type 'i', this will put you in insert mode. To remove
text, use 'x', (go out of insert mode first with escape). To remove or
cut a complete line, use 'dd'. You can paste this line elsewhere with
'p'.<br>
This is basically editing in vi. To save a document, go out of insert
mode and type ':wq' (colon write quit). To exit without saving: ':q!'
(colon quit exclamation mark).<br>
If you don 't like vi, you can use pico which is a bit simpler to use, but less common on the different Linux systems.<br>
<br>
-<strong>mounting filesystems</strong><br>
<br>
When working with Linux and more specifically here with Trinity Rescue
Kit, it is imperative that you understand the way you "talk" to
filesystems.<br>
Whereas Windows just assigns a driveletter to any local filesystem it
knows and finds (which is only NTFS and FAT), Linux does it all by
invoking "mount" of a filesystem against a directory where you mount it.<br>
Trinity Rescue Kit has a utility called "mountallfs" that searches for
every filesystem on the local computer's disk drives and mounts it in a
directory that has the same basename as the device where the filesystem
resides. More on that later in this documentation. In other, normal
Linux distributions, local filesystems are detected or created on
install.<br>
<br>
Let 's talk now how to perform manual mounting.<br>
Mounting can be performed with any filesystem, regardless of it being local or on the network. <br>
<br>
*<u> Mounting a local filesystem can be done like this:</u><br>
<br>
To know what device contains te filesystem you want to mount, you can
look at a file called "/proc/partitions" This will tell you the
partition lay-out of your disks, which will most likely contain
filesystems. A common "/proc/partitions" file may look like this:<br>
<br>
/dev/hda<br>
/dev/hda1<br>
/dev/hda2<br>
<br>
/dev/hda claims in fact the whole disk. Under Windows it is impossible
to create a filesystem in there, under Linux it is possible but
improbable and not recommended.<br>
Most likely you will find a filesystem on /dev/hda1 and /dev/hda2, which will be you C: and D:-drive under Windows in general.<br>
Mounting this is quite easy, in general you don 't have to give any paramters with it, Linux will detect the type of filesystem.<br>
'mount /dev/hda1 /mnt0'<br>
<br>
Trinity Rescue Kit by default has two directories for manual mounting
of filesystems. You can create as many as you like, in as many subdirs
as you like. That 's all I 'm going to explain about local filesystem
mounting. I recommand you use "mountallfs". More on that later.<br>
<br>
* <u>Mounting network filesystems.</u><br>
<br>
This is a very interesting bit, because with Trinity Rescue Kit you
will want to evacuate your files to another computer. In TRK (and most
other Linux distributions) it is possible to talk to Windows
filesharing technology. For those who want to know the name of this
technology, it 's called SMB (=Server Message Block). TRK can act as a
client as well as a server. In this case we 're talking about TRK as a
client.<br>
<br>
Let 's say you have a running windows machine and you 've configured it
to share "myshare". If you have not configured a share, you can connect
to the c$ hidden share, but then you need to deactivate "Use simple
simple filesharing" in the folder options of your Windows explorer. But
let us take the "myshare" share.<br>
<br>
For the ease of use, it 's a good thing to create a user on your
Windows machine called "root", give him a password and make it an
administrator. But that 's not really necessary, you can also use the
local "administrator" account, this will just require you to add a
parameter to the mount command.<br>
<br>
Let 's take the case of the "myshare" share, your Windows pc has
10.0.0.5 as ip-address (always faster to just point to the ip-address
instead of the name) and you 've created a local user called root. Then
here 's the command: 'mount //10.0.0.5/myshare /mnt0'<br>
<br>
You will get prompted for a password in if no output is given, your
share should appear under /mnt0. Make sure "myshare" has enough
permissions for the user "root"<br>
<br>
If you don't want to create a user, you don 't want to create a share
and you did disable simple filesharing (or your windows machine is
member of a domain), you can go ahead like this:<br>
'mount -o username=administrator //10.0.0.5/c$ /mnt0' , which will
prompt for the password an give you the credentials of "administrator".
You can already pass the password (e.g. blahblah) in the commandline if
nobody is looking over your shoulder: 'mount -o
username=administrator,password=blahblah //10.0.0.5/c$ /mnt0'<br>
<br>
Below is a screenshot of a Windows PC that has opened the disk of a remote TRK booted machine.</p>
<p><br>
<img alt="" src="helpdocs_files/fileserver-explorer.png" height="600" hspace="5" width="800"></p>
<p>&nbsp;</p>
<p>&nbsp;</p><br><a name="M69SKN1KBY3NSX3XG2DPJ306MHH6EL0SIZ9UD05EPYT7K" &nbsp;="" id="M69SKN1KBY3NSX3XG2DPJ306MHH6EL0SIZ9UD05EPYT7K"></a><h1>1.4 Reading information about your PC (dmesg, /proc/partitions)</h1><p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
	-->
	</style>Let 's summarize a little what 's already been said and look at reading info on your computer.<br>
<br>
-<strong>/proc</strong><br>
<br>
Standard Linux always has a filesystem called "proc", which is a
virtual filesystem in which files reside that have to do with your
hardware and running processes. It 's a wonderful invention. We already
talked about /proc/partitions, which is a file containing all local
disk partitions.<br>
<br>
Another interesting file is /proc/cpuinfo, which gives you information about your CPUs<br>
<br>
/proc/meminfo gives you information about the memory usage. Don 't let
yourself get misled by the Memfree line, which will always look very
low. Actually, Linux always reserves most part of the memory so it can
make use of it in a fast way. What you need to look at is the Active
and Inactive. The maximum amount of memory you will see will never be
more than 4Gb, since the TRK kernel needs to keep maximum compatibility<br>
<br>
Another useful file to read info on your cdrom drive is /proc/sys/dev/cdrom/info.<br>
<br>
Those are about the important files in /proc you need to know about now.<br>
<br>
-<strong>dmesg</strong><br>
<br>
The command "dmesg" gives you your kernel messages. Any hardware
detected will give you a message somewhere in the output of this
command. If you want to know the type of network card that has been
detected, perform 'dmesg|more' and look for any mentions of eth0,
eth1,...<br>
<br>
What type of harddisk controller you have: dmesg. Just use it when you
find yourself stuck on hardware questions. Also disk failures will be
visible with this command. Network errors, link down, etc, one command.<br>
<br>
Another way of looking at this information is through /var/log/messages
(more /var/log/messages), which on normal Linux distributions contain
output logs of previous boots too.<br>
<br>
To know what device your newly inserted USB stick has, plug it in, let
it settle for a few seconds and then run dmesg again. Or just run
'dmesg|tail' to see only the last added lines.<br>
Here 's an excerpt of what you might read from dmesg. It tells you something about your network card:<br>
<font face="Courier New"><font size="2">eepro100.c:v1.09j-t 9/29/99 Donald Becker http://www.scyld.com/network/eepro100.html<br>
eepro100.c: $Revision: 1.36 $ 2000/11/17 Modified by Andrey V. Savochkin &lt;saw@saw.sw.com.sg&gt; and others<br>
ACPI: PCI Interrupt 0000:05:08.0[A] -&gt; GSI 20 (level, low) -&gt; IRQ 16<br>
eth0: OEM i82557/i82558 10/100 Ethernet, 00:08:02:C6:4E:9D, IRQ 16.<br>
Board assembly 262285-001, Physical connectors present: RJ45<br>
Primary interface chip i82555 PHY #1.<br>
General self-test: passed.<br>
Serial sub-system self-test: passed.<br>
Internal registers self-test: passed.<br>
ROM checksum self-test: passed (0x04f4518b).</font></font><br>
<br>
-<strong>lspci and lsusb</strong><br>
<br>
This gives you any information on what 's on your PCI and respectively
USB bus. This doesn 't only mean what 's in your PCI slots, but
everything on the bus, so also onboard ethernet and usb controllers.
</p>
<p>

<strong>-lshw</strong>

</p>
<p>Now here 's a great utility that can give you a complete listing of
all your hardware, recognised and not recognised. When you run it, it
will give you a LOT&nbsp;of output, so best here is to run it 'lshw |
more', or if you only need specific info about f.i. disk drives, you
can run 'lshw -C&nbsp;DISK'. Getting the info off your TRK can be done
directly to the interweb (provided your network card got detected) by
running 'lshw | wgetpaste', which will publish the output on
http://pastebin.ca and return you a short url to where it can be found.</p>
<p>

<br>
-<strong>smartctl</strong><br>
<br>
The smartmontools are part of Trinity Rescue Kit and not so common on
normal Linux systems, yet they are a valuable addition to any system.
What it does is read the s.m.a.r.t. information of disk drives so you
can know when errors start to occur.<br>
<br>
Just use it like this: 'smartctl -a /dev/sda' where sda is your first
scsi or sata drive. Make sure smart is enabled in the computer's bios.<br>
<br>
-<strong>acpi and acpitool</strong><br>
<br>
Two tools to read the battery and thermal information of your computer. Type acpi --help to get more info on possible options.<br>
<br>
acpitool can give you much more information like fan speeds and cpu.
Also certain laptop types are supported for their special features like
brigthness on Asus laptops etc...<br>
<br>
-<strong>df and du</strong><br>
<br>
Two standard utils provided in Linux. df shows you the usage of your
mounted filesystems, du shows you the usage of a specific folder. Use
it like 'df -h' and 'du -h' where "-h" stands for "human readable",
making the output rounded to mega- and gigabytes.<br>
This is in short how you can get to know your computer a little and how to jumpstart using Linux and Trinity Rescue Kit.<br>
<br>
<strong>-lshw</strong><br>
<br>
Recently recommended and added, but looks very promising, lshw gives
you a complete list of all your hardware in your computer. Best to pipe
this to a file, because the list can get long.
</p>
<p>&nbsp;</p><br><a name="QBRDPTSD001QIT0CN3AHZ75WRJKLINJYQ024JJ8A9ZQIH" &nbsp;="" id="QBRDPTSD001QIT0CN3AHZ75WRJKLINJYQ024JJ8A9ZQIH"></a><h1>2. TRK own commands and utils</h1><p>Let 's look at the added value of Trinity Rescue Kit, with its own specific commands and utils.</p><br><a name="XFPUBF4W6TFSCHXH5RXKMFAR0BVLGLR3S6NTBHF71KQ3T" &nbsp;="" id="XFPUBF4W6TFSCHXH5RXKMFAR0BVLGLR3S6NTBHF71KQ3T"></a><h1>2.1 Virusscan</h1><p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
		H1 { margin-bottom: 0.08in }
		H1.western { font-family: "Times New Roman", serif }
		H1.cjk { font-family: "Bitstream Vera Sans" }
		H1.ctl { font-family: "Bitstream Vera Sans" }
		H2 { margin-bottom: 0.08in }
		A:link { so-language: zxx }
	-->
	</style>

</p>
<p>Virusscan is a script that actually wraps 5 different virusscanners into one. <br>
Only one of them is actually included on the TRK cd (Clamav), the others are downloaded from their website upon usage.</p>
<p>When running virusscan, it is highly recommended that your computer
has a decent internet connection so you can get the latest virus
signatures.</p>
<h2>Scan engines</h2>
<p style="margin-bottom: 0in;">Currently, 5 AV engines and md5 file checksumming are implemented.</p>
<h3>-ClamAV</h3>
<p>This is the basic engine provided and is already preinstalled on
TRK. It is very effective on mailservers but is quite slow and tends to
crash when used as a commandline scanner. It also focuses more on
mailworms and, from experience, has less effectiveness for local viri.
Clamav is the only GPL licensed AV engine implemented. All others have
some sort of free-for-non-commercial-use license and are closed source.
The pros of Clamav are: <br>
* very quick on new virus outbreaks <br>
* included in TRK <br>
* GPL licensed, so free for everyone <br>
The cons: <br>
* slow and very CPU and memory intensive <br>
* detects the least viri of the 5 scanners in virusscan. <br>
<br>
Because it's in fact a mailserver scanner, it will focus more on worms
than on filth that comes from malicious websites and such. <br>
* cannot disinfect inside files on its own. What is done in this case
is quarantine the infected files into a tar.gz archive in
&lt;scandestination&gt;/TRK-INFECTED/. Should a file be accidentally
deleted, you can recover it afterwards and rescan it with another
antivirustool</p>
<h3>-F-Prot</h3>
<p>This antivirus tool and all the others are not included in TRK but
get downloaded from the Internet as soon as you call upon them. They
disappear after a reboot of TRK. If you want them to be available after
a reboot, you have to run updatetrk. This will be explained later in
this documentation. The pros of F-prot: <br>
* lightweight, not a big download <br>
* pretty fast, low cpu usage <br>
* good disinfection method <br>
The cons: <br>
* does not detect everything <br>
* their website sometimes fails and download of f-prot is aborted</p>
<h3>-BitDefender Scanner</h3>
<p>It has a good average between filesize, cpu/memory load and
virusdetection. It can detect many different types of malware. From
what has been experienced so far, it may detect other viri and malware
than the other 4. It's recommended to sweep with this after another one
has already run. <br>
Pros of BitDefender Scanner: <br>
* detects quite some viri <br>
* pretty fast <br>
* detects alternate malware <br>
Cons: <br>
* sometimes doesn't detect very common viri <br>
* slow update process</p>
<h3>-Vexira</h3>
<p>This AV engine hasn't been tested so much, but it looks like a good average AV engine.</p>
<h3>-Avast</h3>
<p>Avast is the latest addition to virusscan (and replaces Grisoft AVG
because AVG lacks cleaning support in its new version). Avast is a
great AV on Windows, very lightweight, but has not been tested in depth
yet on Linux/TRK. <br>
For this particular AV engine you need a registered, free license key which is sent to you by mail. <br>
Get it at <a href="http://www.avast.com/registration-free-antivirus.php">http://www.avast.com/registration-free-antivirus.php</a> <br>
If you want to avoid entering the license key each time, it's recommened to run updatetrk</p>
<h3>-MD5</h3>
<p>This is not an antivirus engine but just reads all of your files and
makes md5sums of it. It writes the result to a logfile in the same way
like it does for an AV engine. The logfile format is: modification
seconds since 1-1-1970 &lt;space&gt; md5sum &lt;space&gt; filepath.</p>
<p>&nbsp;</p>
<p>To get complete and up to date info, please check out the online version of the manpage for virusscan: <a href="http://trinityhome.org/manpages/man8/virusscan.8.html">http://trinityhome.org/manpages/man8/virusscan.8.html</a></p>
<p><br>
&nbsp;</p>
<p>&nbsp;</p><br><a name="HW79FF1ZME1FBEY6DVXDG60JAJVNKK6T64SB9I0MMSSPW" &nbsp;="" id="HW79FF1ZME1FBEY6DVXDG60JAJVNKK6T64SB9I0MMSSPW"></a><h1>2.2 Winpass and regedit</h1><p>


 	<style type="text/css">
	<!--
		@page { margin: 0.79in }
		P { margin-bottom: 0.08in }
		H2 { margin-bottom: 0.08in }
		A:link { so-language: zxx }
	-->
	</style>

</p>
<p style="margin-bottom: 0in;">Winpass is a bash wrapper script for <strong>chntpw </strong>supplied with Trinity Rescue Kit that resets MS Windows NT based local passwords.</p>
<p>By default winpass without any arguments will reset the builtin
administrator account of a locally installed Windows, but you can
specify other accounts as well at the commandline. In fact, you can add
any parameter from chntpw which will be parsed to the commandline. So
winpass -l will list all usernames found in the SAM (=Windows user and
password database). Should you have troubles that metacharacters are
present in the username (such as the Ø or something), you can still
use the HEX reference to the username listed next to it. Be sure to
prepend that with a '0x'…