General > Chit-Chat

Recovering your Hard Drive from Disaster. What I now Know.

<< < (2/4) > >>

EdPellesC99:
  I think if your have a history of images over the last several months, you could guess a likely clean image to pick.
I don't have the time to re-build [Edit: NOT that you do], I was thinking I was about to chuck this whole hobby.....
THAT was why I was so excited to find out: there WAS the kind of help I needed (images).

I was hit also a couple years ago, then called "Antivirus 2009", same sort of thing.
In each case it happened while I was streaming a video. Or in the first case it said I needed to install a video player (this was at an official political party in the US). In that case I was able to Restore to a restore point from the day before.

I have read that often it is in a video codec or in the installation that the dwnld takes place, these malicious software downloads (which are much larger than the miniscule virus executables) are a horse of a different color.

This XP Repair also did that to my DeskTop, and StartUP, and my Quick Launch area of the taskbar.
I am really surprised they just don't plant a last program to go off if you don't link to their site and buy ..... and destroy all the files on your computer.

SideNote on recovering an image:

I recounted my recovery. I neglected to add these details:
I of course, putting my computer back together had re-installed Acronis, and just made an image. The image though I did not produce on an aux hard drive, but my primary partition of my primary drive (C:).

To recover, I just opened Acronis, and pointed to the image, Acronis then re-booted and then went into Acronis in the pre-windows state, it took 35 minutes and I guess the only thing that did not get erased and replaced was the Acronis software and the image(?) I really don't remember if the image was still present.... I moved on (deleted it if there) from then on making images to the aux drive.

Images on an external drive are the way to go though...... it amazed me that it could also work with an image on the computer hard drive.

My C: had only about 35 Gb on it at that point, and 35 minutes to recover was a bit fast as I was not slowed by the USB 2.0 connection to an aux drive.

Obviously the bigger the primary partition on your computer you imaged, the longer it would take.

For this reason Acronis advises ONLY software/and settings of course on you primary partition of your computer's hard drive...this in order to keep C:\ as small as possible, so images take up less storage space and are faster to recover from.
So I have Video/images on virtual drive F:, and software files All on  drive D:.

Of course I also have a "My Computer Backup" (=entire drive backup) image I keep updated for each of these virtual drives.

One last point is .....Once you make the initial image which on a 50 Gb of files C: could take 40 minutes, then next day you can do it again to the same image (called an incremental image) ..... so in my case the first image is called "C Drive Image.tib" (could be @ 30 Gb in size), the next day the new file will be "C Drive Image1.tib" it will take one minute to produce and will be small. The next day if I wanted to recover, I would choose the primary image, Acronis will ask if you want to restore to the snapshot taken initially, or to the snapshot taken the second day. If the second day, it will take all differences into account.

Edit:
I just did a fresh Initial Drive Image. Drive size = 16 Gb, size of image = @9.5 Gb, and it took under 10 min to an aux drive with a slow XP SP2 computer.
They say you should not go beyond Initial image and maybe 11 incrementals. So at that point you just redo making a new initial image.

Anyone that wants to play with this, just needs to get Acronis, make an image to an aux drive.
Then replace their primary drive with a brand new hard drive, and Recover your image.

This way you could prove it could be done without danger, and long before you have the panicked situation to deal with (without any experience).

OK I am off my soapbox !

Just know that the more time you invest customizing your computer, and installing all sorts of software with custom settings:
the more there is for a virus to destroy, and the more pain you will be in unless you prepare properly for the disaster.

I was running ZoneAlarm and MacAfee, both up to date, and using MalwareBytes now and then ..... and I was smacked down without a clue.

... Ed (I do suspect that XP is becoming more and more vulnerable, with the billions of new eager users in the last few yrs)

....Ed

Bitbeisser:
McAfee AV is carp, better try AVast! instead, saves you money too.
Getting stung twice by the same scam is tough, but with a little  bit of common sense it takes just a few minutes to get rid off that malware without all those imaging hassle. And it won't do you any good if you ever change any significant part of your hardware, for example a new video card with a different chipset. You will have more hassle to try an get your previous image running than by getting rid of the malware in situ...
But common sense is still the best way to go (I have myself not caught a virus in +20 years that that shyt is around) and when you got hit repeatedly, start using a sandbox (like www.sandboxie.com) when engaging in activities that you think got you the malware...

Ralf

EdPellesC99:
Tx Ralf,

  I may look into Sandboxie....

  I am now using Kaspersky, but in the beginning it was driving me nuts calling programs I wrote Trojan infected and deleting them !  I had to disable many features.

  I may not convince anyone else to backup using Drive Images, but no one will convince me it is not worth doing !  :)
...  Ed

CommonTater:
Yes it is worth doing... But only on a fresh clean install... I wouldn't want to use an image made months after a system goes into regular use, for the simple fear (already stated) that some viruses do lay dormant and may get into an image.

For the problem of programs being tagged as trojans and viruses... Are  you including manefests in your program's resources.  Often that will get you around the windows 7 UAC and many virus scanners.  Simply add the example below (with appropriate edits for program name and version of course)....


--- Code: ---
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity type="win32"
                    name="AutoLogon"
                    version="1.0.0.0"
                    processorArchitecture="X86" />
  <description>
    Auto logon tool
  </description>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32"
                        name="Microsoft.Windows.Common-Controls"
                        version="6.0.0.0"
                        processorArchitecture="X86"
                        publicKeyToken="6595b64144ccf1df"
                        language="*" />
    </dependentAssembly>
  </dependency>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel  level="asInvoker"
                                  uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>

--- End code ---

EdPellesC99:
Thanks much Tater,

  I will have to explore this in a few days,

appreciate it .........Ed

Navigation

[0] Message Index

[#] Next page

[*] Previous page