• 0

Clonezilla - Restore Windows 7 image in a virtual machine


Question

I captured an image from a Windows 7 computer using clonezilla.  The image is stored on an external usb drive.

 

Within the folder that clonezilla created are files:

sda5.vfat-ptcl-img.gz.aa

sda1.vfat-ptcl-img.gz.aa

sda2.info

sda2.ntfs-ptcl-img.gz.aa

sda3.ntfs-ptcl-img.gz.aa

sda3.ntfs-ptcl-img.gz.ab

sda3.ntfs-ptcl-img.gz.ac

sda3.ntfs-ptcl-img.gz.ad

sda3.ntfs-ptcl-img.gz.ae

sda3.ntfs-ptcl-img.gz.af

sda3.ntfs-ptcl-img.gz.ag

sda3.ntfs-ptcl-img.gz.ah

sda3.ntfs-ptcl-img.gz.ai

sda3.ntfs-ptcl-img.gz.aj

sda3.ntfs-ptcl-img.gz.ak

sda3.ntfs-ptcl-img.gz.al

sda3.ntfs-ptcl-img.gz.am

sda3.ntfs-ptcl-img.gz.an

sda3.ntfs-ptcl-img.gz.ao

sda3.ntfs-ptcl-img.gz.ap

 

I want to browse the files that were stored on the laptop from which the clonezilla image was obtained.  I cannot restore the image to a laptop as I do not have identical hardware of the laptop from which the image was obtained.

 

I would like to mount the image in a virtual machine, but do not know how to do this base don't he information I have read.  The closest I get is that I create a windows 7 vm, somehow boot clonezilla in the vm and then restore the image from the external usb hard drive to the vm.  How do I boot clonezilla in the vm and then get clonezilla to restore the image to the vm?

 

Another option I have heard is that I can mount the clonezilla image in OS X as a Samba share.  If I can mount a clonezilla image as a Samba share, will this allow me to browse the files from the laptop (e.g. docx, xlsx, pptx, bmp, mp3, etc.)?  What steps are required to mount the clonezilla in OS X?

 

A third option (if it is eve possible based on my understanding of reading about restoring clonezilla images) is to create a bootable usb drive with the image on it.  From http://clonezilla.org/fine-print-live-doc.php?path=./clonezilla-live/doc/04_Create_Recovery_Clonezilla/09-select-options-then-create.doc, "If you want to create a recovery USB flash drive, choose to create zip file, then follow the same method as creating USB flash drive version of Clonezilla live to put the created zip file on USB flash drive and make it bootable."   The method for creating a usb flash drive version of clonezilla is to use tuxboot and select the clonezilla iso.  The problem I have with this method is that I already created an iso file of the image using clonezilla, but the iso contained the same img.gz.a* files so it didn't get me to a point where I could boot the iso.  Will the zip file create a bootable usb drive where I can browse the files the image captured, or will it just create a bootable usb drive with clonezilla on it where I can then use clonezilla to restore the image to the internal hard drive?

 

TL;DR I have a clonezilla image of a laptop using windows 7, and I want to be able to browse the files of the laptop that are contained in the clonezilla image.  How can I do this?

 

Thank you for your help.

7 answers to this question

Recommended Posts

  • 0

Some more info of the contents/files I have as a result of the clonezilla image process.

 

The image was stored in a folder titled "2016-1025-img".  Within this folder are the following files:

blkdev.list

blkid.list

clonezilla-img

dev-fs.list

disk

ecryptfs.info

Info-dmi.txt

Info-lshw.txt

Info-lspci.txt

Info-packages.txt

Info-saved-by-cmd.txt

parts

sdb-chs.sf

sdb-hidden-data-after-mbr

sdb-mbr

sdb-pt.parted

sdb-pt.parted.compact

sdb-pt.sf

sdb1.vfat-ptcl-img.gz.aa

sdb2.info

sdb2.ntfs-ptcl-img.gz.aa

sdb3.ntfs-ptcl-img.gz.aa

sdb3.ntfs-ptcl-img.gz.ab

sdb3.ntfs-ptcl-img.gz.ac

sdb3.ntfs-ptcl-img.gz.ad

sdb3.ntfs-ptcl-img.gz.ae

sdb3.ntfs-ptcl-img.gz.af

sdb3.ntfs-ptcl-img.gz.ag

sdb3.ntfs-ptcl-img.gz.ah

sdb3.ntfs-ptcl-img.gz.ai

 

I opened "sdb3.ntfs-ptcl-img.gz.aa" in 7-zip and extracted the file "sdb3.ntfs-ptcl-img.gz".  When I try to open this file with 7-zip, "Can not open file 'path\sdb3.ntfs-ptcl-img.gz' as archive.

 

I also have an iso file "2016-1025-img.iso" with the following folders

.disk

boot

EFI

home

live

syslinux

utils

[BOOT]

Clonezilla-Live-Version (this is a file)

GPL (this is a file)

 

Within the home folder a couple folders deep is the same contents of the "2016-1025-img" folder described above.  I don't think the will be helpful, but I already have it if it is needed.

 

So from these files, how would I go about mounting the image?  I can mount it in OS X, VirtualBox running  Linux (you tell me what the best distro is for this scenario), or Windows.

 

  • 0

well you would need to put them into 1 file.. so something like

 

cat <imagename>.gz.a* | gzip -d -c | partclone.restore -W -o <output filepath>

 

The you would end up with say file.img

 

Then mount that image.. Do you have partclone installed, if not apt-get install partclone.  Assuming your part was ntfs, so you prob want ntfs-3g as well..

 

user@ubuntu:~$ partclone.restore --help
partclone.restore v0.2.51 http://partclone.org
Usage: partclone.restore [OPTIONS]
    Efficiently clone to a image, device or standard output.

    -o,  --output FILE      Output FILE
    -O   --overwrite FILE   Output FILE, overwriting if exists
    -W   --restore_raw_file create special raw file for loop device
    -s,  --source FILE      Source FILE
    -L,  --logfile FILE     Log FILE
    -dX, --debug=X          Set the debug level to X = [0|1|2]
    -C,  --no_check         Don't check device size and free space
    -N,  --ncurses          Using Ncurses User Interface
    -I,  --ignore_fschk     Ignore filesystem check
    -i,  --ignore_crc       Ignore crc check error
    -F,  --force            Force progress
    -f,  --UI-fresh         Fresh times of progress
    -m,  --max_block_cache  The used block will be cache until max number
    -q,  --quiet                 Disable progress message
    -B,  --no_block_detail  Show progress message without block detail
    -v,  --version          Display partclone version
    -h,  --help             Display this help
user@ubuntu:~$ ntfs-3g -help

ntfs-3g 2013.1.13AR.1 external FUSE 29 - Third Generation NTFS Driver
                Configuration type 7, XATTRS are on, POSIX ACLS are on

Copyright (C) 2005-2007 Yura Pakhuchiy
Copyright (C) 2006-2009 Szabolcs Szakacsits
Copyright (C) 2007-2012 Jean-Pierre Andre
Copyright (C) 2009 Erik Larsson

Usage:    ntfs-3g [-o option[,...]] <device|image_file> <mount_point>

Options:  ro (read-only mount), windows_names, uid=, gid=,
          umask=, fmask=, dmask=, streams_interface=.
          Please see the details in the manual (type: man ntfs-3g).

Example: ntfs-3g /dev/sda1 /mnt/windows

News, support and information:  http://tuxera.com
user@ubuntu:~$

 

Once you have your image, then could mount it with say

 

ntfs-3g /dir/file.img /mnt/somedir

 

  • 0

Sorry the delayed response.  I just got around to a working Ubuntu 16.04 system to try this.

 

cat <imagename>.gz.a* | gzip -d -c | partclone.restore -W -o <output filepath>

returns the error "gzip: stdin: not in gzip format"

 

When I type file <imagename>.gz.aa in the terminal I get <imagename>.gz.aa: data

 

I don't understand how the gz.a* files are not in gzip format because when I run Clonezilla and try to restore the image, Clonezilla can restore the image.  My problem is that I don't want to restore the image, but simply browse the files so I can select certain files to copy to a new location.

 

I'm hoping you BudMan or someone else has encountered this issue and knows the fix because I have not been successful in finding this same problem duplicated by someone in all the reading of Clonezilla and Ubuntu forums.

 

Thank you.

  • 0

your not using <imagename> are you??  that is a placeholder for your files are actually called.

 

Your files are called sda3.ntfs-ptcl-img.gz right?  This is the image of your sda3 partition.

  • 0

I am not using <imagename>.  I was using that to be consistent with your message.

 

What I typed is "cat sdb3.ntfs-ptcl-img.gz.a* | gzip -d -c | partclone.restore -W -o sdb3.img"

I then get the error message that the file is not in gzip format.

  • 0

well if its not in gzip format why does it have gz in its name.. Did you not compress when you did your clone?

 

Do the commands 1 at a time vs piping them..

This topic is now closed to further replies.
  • Posts

    • Will be available in EventViewer. Suppose they could have also displayed upon next log-on (same as 'didn't shutdown properly' on servers) but seems not.
    • PasteBar 0.7.0 by Razvan Serea PasteBar is a powerful yet free clipboard manager that revolutionizes how you copy, organize, and reuse information. Packed with smart features, it enhances productivity and simplifies your workflow by minimizing repetitive copy-paste tasks—so you can work faster and smarter. PasteBar offers powerful clipboard management with unlimited history, searchable copy records, and note support, making it easy to retrieve past clips. You can save and organize clips into custom collections, tabs, or boards for quick access through intuitive paste menus. Privacy is a priority, with local storage, passcode protection, and PIN-locked collections ensuring your data stays secure. The app also supports custom storage locations, giving you full control over where your clipboard history is saved. Beyond basic clipboard functions, PasteBar includes smart features like support for text, images, files, and code snippets—complete with syntax highlighting and Markdown formatting. A global search function, instant pasting, and dark theme enhance usability, while customization options let you tailor hotkeys, tray behavior, and text filters. Cross-platform compatibility (macOS & Windows) ensures seamless workflow integration, with added tools for web scraping, API data extraction, and multi-language support. Backup and restore capabilities provide extra peace of mind, making PasteBar a versatile productivity tool. PasteBar 0.7.0 changelog: Added backup and restore database and images Added custom data location to store application data in a folder of your choice instead of the default location Added keyboard shortcuts to improve navigation efficiency within the application Added long press on clip to activate clips organize Added "Trim Spaces" option for clips and "Auto Trim Spaces" option for History Capture Added Quick history window user options Added option to disable capturing and storing images from clipboard Implemented clipboard history filtering based on text length limits Added support for setting hotkeys with up to 3-key combinations Fixed update history items in quick paste window after delete operation in main window Added user setting for single-click keyboard focus in history Refactored terminology for history window split to open Updated to React 19 and React Compiler Auto-activate search in quick paste window when typing any letter or number Added single-click copy/paste option in user preferences Added persistent note icons for clips with descriptions Added detect and select language modal on first app run Fixed refresh native menu on history items delete Added history item preview max lines user setting Added protected collection with PIN access Added special copy/paste for history items context menu and settings Added global templates in user preferences for saved clips Press Delete key to delete single or multiple items with confirmation on second press Added customizable tray icon behavior on Windows as user settings Added user preference to copy only menu items to clipboard without auto-pasting Fixed enhance value preview logic to fix text overflow Updated French language translation from Jean-Michel Robert Added deleting menu folders with children by moving submenus up one level Fixed user preferences UI color bug for languages Added settings to preserve pinned and starred items when clearing clipboard history Added option "Show Always on Top" for main window Added support for notes matching in global search Added Turkish language translation by AlijonMurodov Updated Chinese translation by katelya77 Download: PasteBar | Portable | ~30.0 MB (Open Source) Download: PasteBar ARM64 | Portable ARM64 Links: PasteBar Website | Screenshot | MS Store Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Well, it seems version 4.9 doesn't work well at least when trying to make a WinToGo USB. It ends very fast with an error. Had to use 4.8 instead.
    • Hundreds of printer models with weak password algorithms exposed, no firmware patch possible by Usama Jawad Many people don't think or care about it, but printer security is a pretty important avenue when it comes to evaluating your cybersecurity posture. Last month, it was found that the companion software for Procolored printers was distributing malware. Now, it has been revealed that hundreds of printer models all over the globe are susceptible to attacks targeting their admin credentials. Bleeping Computer has reported that CVE-2024-51978 is a one of the eight printer vulnerabilities recently discovered by security researchers. Combined, these allow authenticated and unauthenticated attackers to discover the default admin password, perform remote code execution (RCE), crash the printer, and leak other sensitive information. Severity ratings go from a score of 5.3 (medium) to 9.8 (critical), indicating that these are pretty severe vulnerabilities. The most dangerous vulnerability in there exposes the default admin password, and primarily affects Brother printers. This is because Brother utilizes a rather weak password generation algorithm that is highly dependent upon the device's serial number and a static salt table. Analysis of the code revealed that the first 16 characters of the serial number are appended with eight bytes from a static salt table, with the results being hashed with SHA256 and Base64-encoded. Finally, the first eight characters are then taken and some of them are replaced with special characters to form the password. The static nature of the password generation algorithm means that an attacker can chain various existing vulnerabilities to get access to your serial number and eventually your default admin password. It is important to note that not all printer models are affected by all of these flaws, but the default admin password exposure does affect 695 models. The breakdown for the number of printer model affected by the eight vulnerabilities is as follows: Brother: 689 Fujifilm: 46 Konica Minolta: 6 Ricoh: 5 Toshiba: 2 Brother has informed the security researchers that it cannot fully remediate the password generation vulnerability through a firmware patch. It can only fix the issue in its next printer models by patching the problem during the manufacturing process. This makes it crucial for customers of affected models to change their default admin password as soon as possible, which is good practice anyway.
  • Recent Achievements

    • Week One Done
      suprememobiles earned a badge
      Week One Done
    • Week One Done
      Marites earned a badge
      Week One Done
    • One Year In
      runge100 earned a badge
      One Year In
    • One Month Later
      runge100 earned a badge
      One Month Later
    • One Month Later
      jfam earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      567
    2. 2
      +FloatingFatMan
      177
    3. 3
      ATLien_0
      169
    4. 4
      Michael Scrip
      127
    5. 5
      Xenon
      119
  • Tell a friend

    Love Neowin? Tell a friend!