Welcome to the Linux Foundation Forum!

Wich distro ready to access hidden folders and/or win10 hibernated files?

leonnardsleonnards Posts: 1
edited September 2016 in New to Linux

Hello world, first entry here so there'll be lots of etiquette mistakes and grammar errors (not native speaker). Apologies first and foremost. 

I use linux as a tool to do things Windows (the enviroment I have to use in my work) don't do easily like clean garbage files that's counted as "system", delete programs that's otherwise cannot be deleted at first like pre installed norton, mcafee or the like. 

One good example and the reason I'm here asking is the Windows 10 (and even 8)'s folders "windows.old" and "windows.~bt" or something. I want to be able to access some newly restored notebook (part of my work here, fix shit that the users did) with a distro that enables me to see, access with read/write privileges and finally delete with no sweat, no need to change attributes manually. Pehaps only check the "show hidden files" and thats about it. 

I'd prefer with graphical interface, but no one in particular; I'm just not fan to console-only. And already all the machines in my sector (more than a hundred) were above Core 2 Duo, so 64 bits would not be a problem at all. 

Since there were lots of specialized distros for forensic purposes and such, can someone shed a light on one of those that made easy to go into those files and folders and rip them off so I can say that the installation is clean? 

I really don't want to have a "recovery" for old system when the system is already the original the notebook already were installed. 

Thanks for the time and sorry for the long post. I'll figure out an analogue of a potato to show here once I grew more knowleageble. 

Comments

  • saqman2060saqman2060 Posts: 777
    edited October 2016

    I will try my best to assist you, but I will be asking for more clarity on your request. What do you mean this statement, "can someone shed a light on one of those that made easy to go into those files and folders and rip them off so I can say that the installation is clean? " ?. Not sure what you mean by "rip off". 

    You can use any Linux distro to view an NTFS partition and access files, provided that the files are not encrypted. If so, you will need to know what program was used to encypt the windows files and the decryption passphrase. From there, located a decryption program that can decrypted the files.

    I have not used any forensic Linux distros or use encryption on my system. Yet, decrypting a file using anything other then the original encryption source and no passphrase is going to be a lot of work.

    Have a look as this article.

    https://heasarc.gsfc.nasa.gov/ark/rps/help/gpg.html

Sign In or Register to comment.