Ask Leo! by Leo A. Notenboom

How should I save files before reformatting my computer?

Comments

Leo, since the reader mentioned a virus, wouldn't an image of the hard drive also capture that virus? How would anyone be protected if they're re-instating the virus whenever they restore from backup?

--zigg

Posted by: Ziggie at August 7, 2008 12:16 PM

Yes, a full system backup would also back up the viruses. However, so would just backing up a single infected file.

The idea here is to make sure that you didn't miss an important file before the wipe-and-reinstall, because after the wipe, you're not going to get anything that you missed.

Once the system is reinstalled, and an up-to-date antivirus and anti-spyware program are installed, they should pick up any infected files that you try to copy back. (In fact, if you back up to a writable media, such as an external HD, you can scan it before restoring anything.)

And, once you have everything that you need restored, and the system is "clean", you can do another full system backup at that point.

Posted by: Ken B at August 7, 2008 1:39 PM

I'm confused - why can't a simple antivirus scan solve the problem? - Surely if the virus can be found and healed on the external hard drive back-up (or other media) before re-copying, then surely this can be done on the existing machine - Can someone please explain?

Posted by: Phil at August 8, 2008 2:10 AM

Well, some people are of the opinion that "the only way to be sure you got rid of the infection is to reformat and reinstall".

Beyond that, however, is the fact that many infections actively target and disable the antivirus/antispyware/etc. programs. If your system is infected, you may not be able to run the program.

The typical end-user, and many technicians, simply don't have the tools and the experience to remove many of the really nasty programs out there.

Posted by: Ken B at August 8, 2008 8:21 AM

There are several good questions and responses above. I want to touch briefly on the issues raised:

Zigg: you're absolutely correct, a full backup would also back up the virus infection. Note that I'm not suggesting that the machine be restored completely from that backup. The point is that the backup includes all the files on the machine, and as they're needed they can be extracted from the backup (and presumably virus scanned as well).

Phil: no, a simple anti-virus cannot be trusted to just fix the problem. The very definition of viruses and malware is that they go out of their way to be undetectable. In an absolute sense, once you've been infected by almost anything you've lost total control of your machine. You can run an anti-malware scan, but how do you know, I mean really know, that it caught and cleaned everything? You don't.

The closest any anti-malware scanner can ever get is: "we believe you're clear of everything we know about and everything that we could find". The corollary to that statement is that "you could still be infected by malware we don't know about, or that hid from us too well."

The reason that most people simply rely on anti-malware scanners to do the job is that most, but not all of the time even though there's no guarantee, it's enough. And it's generally impractical and very painful to reformat after every infection.

That's why prevention is so much less painful than the cure.

Thanks Ken B for your comments above as well; right on target.

-Leo

Posted by: Leo at August 8, 2008 9:28 AM

When I try to remove a virus I also go into the registry and delete it from there, but this is based on if I know what the virus is. Leo, you are right, as I have encountered trojans that will change names as fast as I can find it. I've even found them in the system32-folder, deleted it from there only to find that it was buried in the registry so much that even I couldn't find it. But like you this is what I do... but I don't have your knowledge and I could spend days searching for answers when there are none. I look forward to your Email solutions.

Posted by: Fastfreddie1959 at August 12, 2008 12:26 PM

Hi Leo

Isn't a simpler solution to move the files in question to the D drive and just reformat the C drive? The files can be left there permanently as they are easily accessed and scanned for viruses with a "clean" anti-malware program.

Regards

Posted by: Colin Clements at August 15, 2008 10:26 AM

I may be paranoid, but for a system rebuild I usually do a double back up. There is always a small chance that your backup will fail. [I have seen this a few times.]

[The first time I learned this was when a paper tape punch machine had a broken tooth on a gear resulting in an occasional irregularity in the hole spacing. More recently, I had a DVD burner that caused write errors in the last 10% of discs.]

Posted by: B at August 18, 2008 11:24 AM

Leo,
You haven't mentioned the registry in this thread. When a hard drive is rebuilt from scratch, the new registry will be "clean". Why not restore the full image to a new folder, named something like "Restored from backup of Old Drive on MM-DD-YY". With the entire old folder structure under that one new folder, nothing in the registry will be pointing to those restored folders and files.

I then give myself a few months to "remember" what I forgot to restore into the new operational folders. If I haven't needed to recover anything for say, 6 months, I just delete that one folder and get all my disk space back.

By the way, the next time I run a full system scan, it finds the malware files in the "old" area and deletes them at that time.

I have a lot of respect for your thoughts on this Leo. If there is a flaw in my thinking here, please say so.

You've described what I do when I take a full backup before a rebuild. Doesn't have to be copied back to the hard disk somewhere, but as long as it's available you can always go back and get files that you forgot. That's why I recommend it.

-Leo

Posted by: Jeff Burns at August 19, 2008 9:06 AM

Please help! I have a virus so I'm trying to back up my pc and get rid of the virus and then restore my files. The problem is when I try this I get an error message saying catastrophic failure (0x8000ffff), what should I do!!! HELP!!! Ken

Posted by: Ken at September 4, 2008 7:00 PM