Adrian Bridgett wrote:
> On Sun, Sep 23, 2007 at 12:46:09 -0400 (-0400), Andy Random wrot:
>> So if i have a corrupt/virus infested M$ Windows machine and I want
>> to recover data from it what do people suggest?
>
> I'd be tempted to suggest BartPE (though I've yet to actually build
> one that works (I only had SP1 to hand). http://www.nu2.nu/pebuilder/
>
> I've also used knoppix and the captive tools to do NTFS-RW to stop
> virus auto-starting. Normally though, I just reboot into safe mode
> and then run shedloads of AV tools (AVG, er another I've swapped to,
> spybot, adaware, autoruns, etc)
>
> Adrian
>
I just use my boiler-plate text (below) when asked by
strangers/acquaintances... Feel free to copy, modify and distribute :-)
It's no use to them though if they haven't backed-up their data. If
they lacked the forethought to backup their data then it shouldn't mean
you have to spend endless hours recovering their data for free. I tell
everyone I like to backup their data ;-).
People that are willing to help themselves are often grateful for the
advice since many infected PCs can't get online.
Simon
Windows Virus Infection Procedures
Once a Windows PC is infected with a virus or trojan software it's
sometimes hard to know when you have cleaned it up. Unfortunately it
seems you've had trouble doing that anyway, probably due to the
infection. This means that things like online banking passwords and
others could be captured and sent on to organised criminals to use and
abuse.
If it were my PC I would carry out the following in order;
1. Disconnect the PC from the Internet.
2. Do a clean fresh install of Windows and all the software using the
restore disks.
3. Install the Norton software.
4. Connect to the Internet and perform a Windows Update and download all
the latest updates to fix as many security holes as possible. You may
need to do this repeatedly after several reboots until it says there are
no more updates.
5. Install any additional software that you need.
6. I would then create a user account in Windows (via control panel-->
users) to use daily and downgrade that account type to a limited, or
normal user. By logging back on as this user you limit some of the
damage that can be done by viruses in the future.
7. Plug in any external disk drives or USB memory sticks and scan them
for viruses.
8. Copy any data back to the PC from the backups.
One other thing:
If you're using a USB type of broadband modem you may want swap to a
ethernet based router/modem and plug the PC into it via a network cable.
This gives an additional layer of security and can help prevent certain
types of attack. It also makes it harder to lose your Internet
connection should something go wrong with your PC. You should expect to
pay around £<CURRENT GOING PRICE> from an online shop such as <PUT
ONLINE RETAILER HERE> although your ISP may have some special offers
available.
<PUT CURRENT BEST ADSL FIREWALL ROUTER HERE>
<PUT PRODUCT URL HERE>
Hope this helps,
