Metspitzer said:
Sorry, I don't have the names of any of the infected files. I should
have taken screenshots.
After doing a system restore, I am getting no reports of infection.
What I wanted to do was back up the image I was storing on a separate
disk, but I didn't find an option to do that. If I find out that
there is still a problem, I plan to search for "image restore" and try
that.
Thanks
You can make a System Image. And store that on a separate drive.
That's what I do for my laptop.
If you can't find the control panel to do that, try things like this.
The first one should bring up a control panel. The second one
is for selecting where to store the image. Something like that.
sdclt /configure
sdclt /configure /target
System Restore points, do record some things, but System Restore
is not the same thing as a System Image. A System Image captures
the entire C: and SYSTEM RESERVED partitions for you, if you set it
up that way.
And Macrium Reflect Free does much the same thing. Both methods
use VSS to record the partitions.
In both cases, you need to boot the computer with separate media,
during the restoration step. So if I was restoring from Macrium Reflect
Free, I'd boot the Macrium recovery CD. If restoring from System Image,
I boot the Windows installer DVD (or, boot the recovery CD which you
can make in the same control panel as the "Making a System Image" thing).
I've used the System Image on my Windows 7 laptop, to successfully rescue
me a couple times. Once, the system wouldn't boot, and the automatic
repair tried three times to fix it and it couldn't. I booted the
CD I'd made (which gets you to a point where you can access the
System Image for recovery), and that overwrites the contents of
C: and SYSTEM RESERVED partitions.
Just make sure, when you set up the backup operation, to back up
whatever is needed to boot the computer. If you have a single
partition install (C: only), then that's all you need. If you
have a two partition install, like my Acer laptop came with
(C: and SYSTEM RESERVED), then you include both of those in
your System Image. My C: is 26GB, and my SYSTEM RESERVED is 0.1GB.
The SYSTEM RESERVED just contains a few boot files.
If you look in the backup folder, you should find two .vhd files,
which are images of the partitions. In an emergency, those images
can even be mounted on another computer, as if they were disk
drives. So they're complete partition copies. In fact, I use
those backup files from the laptop, in Virtual PC, as data disks,
when I want to look at the contents of my laptop for reference
purposes.
*******
In addition to MalwareBytes, you can download this CD and use it
to scan your Windows 7 computer. This is termed an "offline" scan,
as the boot CD is actually a Linux CD with a Windows AV scanner
loaded in it. I consider it to be pretty thorough, as it looks
inside any archive files it can find. (It can't open
password-protected archives.) The last time I looked, the
download was around 237MB. In the interface, you tick the tick
boxes of the partitions you want tested. For the C: on my
current computer (about 40GB of files), a run takes around
2 hours. The CD has a web browser, so you can web browse
while the AV scan on C: is running.
http://support.kaspersky.com/8092
HTH,
Paul
