Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

twex.exe & others - Malware Storm - Please Help


  • This topic is locked This topic is locked
3 replies to this topic

#1 pygmalion7

pygmalion7

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 04 February 2009 - 06:36 PM

I've struggled for three days now to try and remove a variety of viruses, trojans, worms and malware from my pc and have finally realised I need assistance. I hope if I can get help to clean my pc here, this might be useful to someone in a similar fix.

The particular problems I am facing seem extreme to say the least, and someone may have some insight as to what is actually happening with my computer system and my immediate ISP network.

About me:
I have worked in IT for years, and whenever my system was slow I had no problem backing up my data and doing a full system rebuild and data restore. Recently, just before christmas I built and imaged 10 pc's from bare metal with xp pro and various apps / drivers etc. I thought I'd seen a lot in IT, but - Fighting virus infestation that persists even after a hard drive format is new to me!

THIS CASE started three days ago. I was innocently looking for movie previews of the new movie Valkyrie when I came across a site that seemed to have it. I needed to download a codec named tubes.exe or something for this to run or so it claimed. I was initiallty dubious, but allowed stupidity to get the better of me and downloaded it. After double clicking my worst fears were realised - no movie preview and after a couple of minutes, loads of Fake-Alerts telling me to buy a malware-2009 package.

"What an idiot!", I thought "but not the end of the world!", - I then downloaded the following tools to try and sort this out:
Malwarebytes' Anti-Malware 1.33 / Spybot S&D v1.6.2 / Spyware Blaster v4.1 / SDFix v1.240 / Avira / & Combofix
To start with - the initial problem was sorted, but the tools were telling me I had more and more problems with each scan.
Finally I decided to format the hard drive and start from scratch. I used a usb pen and spare sata drive to hold the data, then scanned them to make sure they were clean.
I then did an Xp pro (sp3) Op/System- cd reboot, and deleted the hard drive partition - created a new (single full disk) partition and did a (FULL) not a (QUICK) format. I Used my "clean" usb pen to install the chipset - video - audio and nic drivers. Everything seemed ok! Just to make sure, I used Avira to create a bootable cd and even ran a boot sector check. All clear - (NOT)

With a clean build of XP pro (SP3) on the system I connected the network cable to the pc.
I ran Internet explorer. After about three seconds it blinked and closed down. Thinking this was just a silly glitch, I ran it again. Same thing. IE - closed after about three seconds. Then, my whole desktop blinked and the taskbar turned from blue to pitch black, and all open windows surrounds turned black making the window controls invisible.
Surely It could not already be infected! - It seemed so. (see attachment for taskbar appearance)

With the last three consecutive (bare metal) rebuilds; malwware infection occurs within seconds of connecting the ethernet cable to my ADSL router. There have been many infections, but the first one always seems to be - "twex.exe".
I have sat through hours of Spybot S&D scans, and Malwarebytes' Anti-Malware scans. Each time discovering new threats reappearing after the next reboot. SDFix seemed promising and Combofix seemed to have cleaned things up despite me having to reset winsock to restore network. But all tools repeatedly report infections that seem to be constantly changing.

An example from Malwarebytes' Anti-Malware 1.33 - reports ..
Files Infected:
C:\WINDOWS\temp\msb.dll (Trojan.Opachki) -> Delete on reboot.
C:\WINDOWS\system32\autochk.dll (Trojan.Opachki) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\protect.dll (Trojan.Opachki) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\protect.dll (Trojan.Opachki) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\twex.exe (Backdoor.Bot) -> Delete on reboot.

I just want to run a scan with any of my malware tools and have a clean machine. The full rebuild with all apps will take hours so without a "clean" system to start from there is no point until this gets sorted.

Does anyone have experience of repeated infections to freshly built (bare metal) systems within seconds of connecting to the internet? and what is my best approach now to sort this out?

It was as if my pc were under some kind of vigilant malware attack. I even tried a nic card to change the mac address but no change. I have spoken to my ISP about this and they are willing to refer me to the network abuse dept, but I'm still not convinced this is the result of a "rogue" malware server out there.

Many thanks - If someone out there could shed some light on a way out of this mess, I could sure do with a hand :-)
the attach.txt file and a snapshot of the "black" taskbar are included. PS - the black taskbar goes away after a reboot, but as it occurs as the start of all infections to a clean machine, it may jog someone's memory.

@@@@@@@@@@@@@@@@@
DDS REPORT
@@@@@@@@@@@@@@@@@

DDS (Ver_09-02-01.01) - NTFSx86
Run by Admin at 22:03:06.60 on 04/02/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3319.2856 [GMT 0:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\NETGEAR GA311 Adapter\GA311.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
svchost.exe C:\WINDOWS\TEMP\VRT1.tmp
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Admin\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uInternet Connection Wizard,ShellNext = hxxp://bontrafic.org/s/in.cgi?5&key=pin+debit+card
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\documents and settings\admin\wucg.exe \s,c:\windows\system32\twex.exe,
uRun: [kdx] c:\program files\KHost.exe -all
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ga311s~1.lnk - c:\program files\netgear ga311 adapter\GA311.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admin\applic~1\mozilla\firefox\profiles\aejqz69u.default\

============= SERVICES / DRIVERS ===============

R0 qnnascmj;qnnascmj;c:\windows\system32\drivers\qnnascmj.sys [2009-2-4 33920]
R2 LANPkt;Realtek LANPkt Protocol;c:\windows\system32\drivers\LANPkt.sys [2003-9-17 8440]
R3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2003-8-15 11237]
S1 ethgelpf;ethgelpf;c:\windows\system32\drivers\ethgelpf.sys [2009-2-4 138016]

=============== Created Last 30 ================

2009-02-04 20:01 33,920 a------- c:\windows\system32\drivers\qnnascmj.sys
2009-02-04 19:55 <DIR> --d----- c:\program files\Kontiki
2009-02-04 19:55 <DIR> --d----- C:\logs3
2009-02-04 19:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kontiki
2009-02-04 19:55 <DIR> --d----- c:\windows\Downloaded Installations
2009-02-04 19:54 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-04 19:54 73,728 a------- c:\windows\system32\javacpl.cpl
2009-02-04 19:31 32,768 a---h--- c:\documents and settings\admin\wucg.exe
2009-02-04 19:24 32,768 a---h--- c:\documents and settings\admin\cxydh.exe
2009-02-04 19:23 32,768 a---h--- c:\documents and settings\admin\mmtts.exe
2009-02-04 19:23 66,560 ----h--- c:\windows\system32\secupdat.dat
2009-02-04 19:23 138,016 a------- c:\windows\system32\drivers\ethgelpf.sys
2009-02-04 18:25 <DIR> --d----- c:\docume~1\admin\applic~1\Malwarebytes
2009-02-04 18:25 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-04 18:25 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-04 18:25 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-04 18:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-02-04 18:11 <DIR> a-dshr-- C:\cmdcons
2009-02-04 18:02 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-02-04 17:45 179,712 a------- c:\windows\SWREG.exe
2009-02-04 17:45 116,224 a------- c:\windows\sed.exe
2009-02-04 17:44 172,032 a------- c:\windows\system32\igfxres.dll
2009-02-04 17:42 <DIR> --d----- c:\program files\NETGEAR GA311 Adapter
2009-02-04 17:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
2009-02-04 17:39 553 a------- c:\windows\USetup.iss
2009-02-04 17:38 <DIR> --d----- c:\program files\Realtek
2009-02-04 17:37 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-02-04 17:37 53,248 a------- c:\windows\system32\CSVer.dll
2009-02-04 17:37 <DIR> --d----- C:\Intel
2009-02-04 17:35 <DIR> --d----- C:\Data
2009-02-04 17:34 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys
2009-02-04 17:33 <DIR> --d----- c:\documents and settings\Admin
2009-02-04 17:33 <DIR> --ds---- c:\windows\system32\Microsoft
2009-02-04 17:33 8,192 a------- c:\windows\REGLOCS.OLD
2009-02-04 17:30 1,158,818 ac------ c:\windows\system32\dllcache\korwbrkr.lex
2009-02-04 17:29 184,435 ac------ c:\windows\system32\dllcache\fp4amsft.dll
2009-02-04 17:28 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-02-04 17:28 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
2009-02-04 17:28 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-02-04 17:27 <DIR> --d----- c:\program files\common files\MSSoap
2009-02-04 17:26 <DIR> --d----- c:\program files\Online Services
2009-02-04 17:26 <DIR> --d----- c:\program files\Messenger
2009-02-04 17:26 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-02-04 17:25 <DIR> --d----- c:\program files\Windows NT
2009-02-04 17:19 <DIR> --d----- c:\program files\common files\ODBC
2009-02-04 17:19 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-02-04 17:19 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-02-04 17:38 335,872 a------- c:\windows\HideWin.exe
2009-02-04 17:29 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-02-04 17:26 21,640 a------- c:\windows\system32\emptyregdb.dat

============= FINISH: 22:04:01.75 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:12:20 PM

Posted 11 February 2009 - 06:40 AM

Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.




NEXT


Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.



NEXT


Please download GMER and unzip it to your Desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.


Post me these logs in your next reply.. Post each log in separate post..

1. Malwarebytes'
2. RSIT log.txt
3. RSIT info.txt
4. Attach GMER result..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 pygmalion7

pygmalion7
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 15 February 2009 - 01:23 PM

9TYPHON9

I resolved this problem by rebuilding my PC. Thank you for responding to my call for help.
I have attached a more readable pdf file of this information.

This information was first drafted on Monday 16th February 2009.
Tired of repeated Malware Infections? Create a "PC (Backup & Recovery) RIG", and return your machine to a Pristine 'Clean' State in less than 1 hour
This is incomplete and miscellaneous information about how to rebuild your PC from scratch, and be able to revert to this ‘clean’ build state, whenever you want to. The author has written down most of this experience here.

Following a mistake, his PC was infected with Malware similar to "XP Antispyware 2009". In a few hours it was almost unusable, with PC Protection packages reporting multiple infections. Over the next few days he tried repeatedly to rebuild it from scratch, but it kept getting infected.

The author finally managed to rebuild it to a clean fully functional state. Having achieved this, he backed it up using a “Full PC Backup Imaging Solution”. He now uses 4 different PC protection applications. Now if it gets another infection; he can recover it to a ‘clean backup image’ in less than 1 hour. It is hard to overstate the benefit of this in a climate where Spyware, Malware, Trojans and Virus problems seem to be on the increase.

This information is for anyone who wants to read about rebuilding their PC, and recovering it from a clean backup image.

The process of creating a means to recover your PC to a ‘clean backup image’ in less than 1 hour, involves at least a two day preparation.
Create a PC Backup & Recovery ‘RIG’ [1 day]
Create a clean build of your PC (Ideally in 4 stages) [1 day]
While creating the clean PC Build in 4 stages, backup each stage as you go, using the PC Backup & Recovery ‘RIG

You should only attempt this process if you have the necessary resources, and have successfully rebuilt a PC from scratch before. WARNING !!! - The information contained here is incomplete, but should hopefully be completed in time; from reader contributions. This is a lot of reading material and there is a lot of information and ideas to absorb. Anyone wanting to create their own PC Backup and Recovery solution, using this information in whole or in part; should read all this text from beginning to end.
A strategy based approach to preparing your pc from scratch, in response to repeated, chronic, and overwhelming malware infection.
At the time of writing this, the idea of completely rebuilding a PC due to a chronic malware or virus infection may be considered extreme. Having said this, Trojans and viruses are becoming increasingly sophisticated in their propagation strategies, and harder to completely eradicate.

In an environment where threats to the security and proper function of your PC are increasing in number, stealth, and sophistication; changing your protection strategy to one that relies on reverting your PC to a ‘clean’ and ‘known’ state; may not be a bad idea.
!!!! WARNING - WARNING - WARNING - WARNING - WARNING !!!!
Rebuilding your pc from scratch requires more knowledge and work than is detailed here or (probably) any other single place. DONT WIPE YOUR PC IN PREPARATIOPN FOR A REBUILD UNLESS YOU KNOW EXACTLY WHAT YOU ARE DOING.
It is your responsibility to decide whether to use information here or look elsewhere to resolve your issue(s).

The information in this guide will suit people who are comfortable wiping a pc and re-installing the operating system and applications from scratch. Due to the backup steps recommended through this guide, it is advised you don't attempt this unless you have two computers. One of them needs to be 'clean' and have a live internet connection. The other one is your 'dirty' system in need of a complete clean rebuild! You also need a 'quality' USB flash drive (preferably over 2GB capacity), and a switch or hub to connect the two PC units at a transfer rate of 100Mb/s or above. You should also have a CD-DVD burner unit that is less than three years old, with preferably dual layer ability, and a few blank CD-R/RW and DVD-R/RW discs.

If you are not sufficiently experienced; rebuilding your PC using guidance from information here might involve a steep learning curve; and potentially lead to a broken and inoperable PC.

Whether you are confident about your skill level or not, please make sure you read through all this material and have made ALL necessary preparations BEFORE you begin. Only proceed when you are confident of completing all the stages. As stated at the beginning, this guide is missing some key technical information, which will hopefully be added in time.

This is for anyone who is prepared to take the drastic step of wiping their PC hard disk and rebuilding it from scratch. If your pc has suffered overwhelming malware infestation and your efforts with a range of tools has not prevented further infection, then doing a fresh 'virgin' build, using good methods is not a bad approach to making a Fresh Clean Start.

Since following the actions detailed below...
~The author is temporarily using an additional data hard drive in his pc chassis.
~This was running as an emergency (large capacity) - 'piggy backed' data storage hard drive in the infected PC for several days.
~This hard drive acted as a 'life raft', to preserve precious data while the primary operating system hard drive became more and more infected.
~The secondary data 'rescue' hard drive subsequently became infected, but it's 32Gigs of data are irreplaceable for now.
~For a few hours, any new virus outbreaks on the fresh 'virgin' PC originated from this 'dirty' data backup hard drive.
~All measures he took to clean up the virus outbreaks from this drive resulted in 100% clean reports, but he felt something on the drive wasn't 'clean'.
~He noted some outbreaks originated from the drive's 'System Volume Information' folder. None of the tools were able to clean this.
~He finally sorted this by booting up the machine using BARTPE on a bootable USB drive and using the File Management Utility to delete it. (Further details about BARTPE can be found later on, in this material.)
~He knows living with 'the enemy' is not desirable, but for a time at least it is necessary, and he is now confident the second hard drive is finally 'clean'.
~The one benefit of potentially dirty data being on a separate hard drive is, it can be 'disconnected' while he restores the system back to its pristine state.
00: 00: STRATEGY: (Do NOT deviate from this!)
At the end of this section you will have considered an approach to preparing the 'Re Build' of your PC from scratch

If you’re re-built computer is coming under malware attack as soon as you connect to the internet,
there is a good chance, one or more of the resources you used to "re-build" your pc has been
compromised and is either infected or 'modified' in some way.

The best defence against this is three fold...

1 - Obtain all pc preparation media from original sources whenever possible i.e. - original Microsoft XP pro - media pack CD
2 - Where it is necessary to download utilities, applications and service packs etc, always download directly from original solution provider websites.
Sometimes original solution provider websites, use third party sites to host their downloads.
If any of the featured download links in this material do not work, obtain fresh download locations from the original solution provider websites.
3 - Use a 'clean' pc to do all preparation and download work on.
'Clean', means a pc that reports a 100% clean status from several PC Protection Applications.

Feel free to use your own trusted set of protection utilities. The important point here is to use several tools for confirming a 'CLEAN' state.

At the time of completing this guide (16th February 2009), the author has used and can recommend these free applications...

CC Cleaner - Version 2.16.830
http://www.filehippo.com/download_ccleaner/

Malwarebytes' Anti-Malware - Version: 1.33
http://www.malwarebytes.org/mbam.php

Spybot - Search & Destroy - Version 1.6.2
http://www.safer-networking.org/en/download/index.html

AVG Anti-Virus Free Edition - Version 8.0.233
http://www.download.com/AVG-Anti-Virus-Fre...4-10320142.html


If you deviate even slightly from this (or an equivalent) scheme; you run the risk of tainting your fresh build with an 'undesirable’ agent.
If you’re fresh built PC gets tainted during the preparation stages:-
There is a good chance it will be overwhelmed with malware infections within hours of re-connecting to the internet.

This three fold - 'New PC Build' protection strategy is painstaking, but saves valuable time in the long run.

!!!! WARNING - WARNING - WARNING - WARNING - WARNING !!!!
The four PC Protection applications listed above ‘seemed’ to be effective at the time they were used. As the strategies and methods used by Malware constantly change and evolve, it is important to regularly review and amend your choice of 'trusted' protection applications.
'DIRTY' BUILD: (if you only have access to a 'tainted' machine)
Ideally you should do all your preparation work on a pc that is reported clean by CC Cleaner, AVG & Spybot & MalwareBytes AntiMalware, scans & fixes. There is the slightest chance you might get away with doing all the necessary prep work on an infected machine. If an infected machine is all you have available to you, at least try to clean it up first using the 4 Free Apps listed above. If you are doing all your work with only 1 machine available, you will need to do all your preparation work in advance, and change or abandon tasks like the Full PC Image Backup.
01: 00: Completely Wipe Your PC Hard Drive
At the end of this section you will have completely erased your PC's hard drive of all its data, partitions and boot sector.

Resources: 1 clean pc with a CD burner unit / Nero burning ROM (any CD burning package is fine) / 1 rewritable CD-R/RW disc media. Nero Burning Rom. If you don’t have an old copy of Nero, you may prefer to use a different package to do your disc burning.

Nero version 9 is available as a 'trial' download for which you need to provide your e-mail address to receive a 'trial' key
http://www.nero.com/eng/downloads-nero9-trial.php

For Nero9 to work, you also need Microsoft .NET Framework v3.0
http://www.microsoft.com/downloads/details...;displaylang=en

It is recommended you low level format your PC's hard drive before Re-Installing the operating system. You should only use a utility for this that has been provided directly from the Hard Drive Manufacturer's website.

WARNING - A hard drive utility can render your hard drive useless. Please use with extreme caution!
@@@@@ ***Don’t use a hard drive utility not provided by the manufacturer of your hard drive.*** @@@@@

As a rule of thumb - crack your pc case and identify your hard drive manufacturer and model number and type. Use the internet and locate an appropriate utility that is specific for your hard drive. This might be in the form of an 'ISO' file download. ISO files require a utility like Nero Burning ROM, to create a CD disc. Sometimes the manufacturer will provide the utility download in the form of an exe file with its own CD-R/RW burning ability. The resulting CD disc can then be used to boot your PC. You may need to make a change to your PC's BIOS settings if your PC fails to boot from the utility CD.

The author's PC has an 80GB Seagate Barracuda hard drive.
He downloaded a hard drive utility called SeaTools for DOS, which is an ISO CD image, from the Seagate website.
About "SeaTools" for DOS (website excerpt)
SeaTools for DOS has replaced SeaTools Desktop and PowerMax. SeaTools for DOS can test Seagate or Maxtor Parallel ATA (PATA and IDE) and Serial ATA (SATA) interface disc drives. Because the software boots to its own operating system you can test your drive regardless of the OS installed on it. You can even test a new or completely blank drive. SeaTools for DOS will instruct the drive to run its built in Drive Self Test (DST) and give either a pass or fail status. If you are troubleshooting your disc drive and the DST passes, then you have a good drive!"
Seagate Seatools: http://www.seagate.com/www/en-us/support/downloads/seatools
Download Registration Form: http://download.seagate.com/seatools/regis...sf/eula/desktop
Download Page: http://www.seagate.com/www/en-us/support/d...ols/seatooldreg
To get this utility, the author provided Seagate's download webpage with (his e-mail address) & (operating system selection - DOS) only!!
Don't be put off by the desktop version information at the top of the registration information form page!
Go to the 'Download Page' link first if you can. If this does not work,
Go through their registration using the - 'Download Reg Form Page' link.

When you get to the download page select the suitable link from the table...
SeaTools for DOS Version - v2.13b (Graphical) - ISO CD-ROM Image - English - EN
The resulting download file should be called - "SeaToolsDOS213bEURO.ISO"

He used Nero Burning Rom to create the bootable CD-R/RW CD Disc from the downloaded ISO file.

!!!! WARNING - WARNING - WARNING - WARNING - WARNING !!!!
Incorrect use of a hard drive utility tool can render your hard drive useless.
Be completely sure about what you are doing before doing anything with it.

He rebooted the pc with the prepared CD Disc. He then used the utility to low-level format the hard drive.
This removed all data, partition, and boot sector information!

If you have got this far; CONGRATULATIONS - your hard drive is now blank.
02: 00: Preparing Your SP3 SlipStreamed O/S CD
At the end of this section you will have (hopefully) been able to slipstream your Standard XP Professional Operating System CD to Service Pack 3.

Why SP3 and Why slipstream it? Simply to save time. Installing an operating system to a blank hard drive manually, is tedious enough; to then have to sit through a service pack installation, is adding insult to injury. Solution: Service Pack3 your XP installation in advance (this is called SlipStreaming), then burn it to a bootable CD-R/RW Disc. Install your Operating system and it's already service packed to SP3. Result!

Resources:
1 'clean' operational PC with a CD burner unit
1 Nero burning ROM (any CD burning package is fine, but the instructions use this)
1 rewritable CD-R/RW disc media
1 Media Pack CD for Microsoft Windows XP Professional
(Base edition, SP1 or SP2 versions of the XP Media Pack CD are fine)

If you don't have an original Microsoft Media CD for XP Professional SP3, you can create your own.
If you have an early XP Pro Media CD and not a 'new' SP3 Media CD for XP Pro - you can prepare yourself one at near zero cost.

Don't use a PC manufacturer provided operating system CD such as offered by Dell or HP. These are no good for SlipStreaming!!

Obtain Microsoft Windows XP - Service Pack3 from the Microsoft website.
http://www.microsoft.com/downloads/details...;displaylang=en

Slip stream the service pack with the media CD and create your pre-service packed XP Pro CD.

This website has a brilliant instruction set on how to do this. The author followed it and was successful at the first attempt.
TITLE: Slipstreaming Windows XP Service Pack 3 and Create Bootable CD
http://www.helpwithwindows.com/WindowsXP/S...ice_Pack_3.html
(if you find the link is broken, contact the author for the information)

If you have got this far CONGRATULATIONS - you are now ready to install your operating system.
03: 00: New 'Fully Operational' PC Build - Stage1
At the end of this section, you will have a working, clean PC with just the operating system and hardware drivers installed.

This stage assumes you are comfortable installing an operating system onto a blank hard drive.
Resources:
1 XP Professional-SP3 'Slip Streamed' CD Disc
1 full set of (recently downloaded) hardware drivers for your PC from the original manufacturer website (chipset / graphics / audio card / network card etc)

This is where having a PC made by a major manufacturer really pays dividends. The author downloaded all PC drivers speedily from the HP website. They were all available and easy to find, even though his PC is now over 24 months old. Some of the drivers had been updated as late as December 2008. It is worth while paying more at the outset with a 'brand name' unit because of the enhanced hardware driver support that is usually available after purchase. If your PC manufacturer does not have their own website with all necessary drivers on it, you should not be doing this! Prior to creating a 'New Build' for your PC, always obtain the latest available hardware drivers from your PC Manufacturers website. Make sure the drivers are for the Operating System you are installing. For example, It is quite easy to download Vista Drivers instead of XP ones. Never Never pay for your Hardware Driver downloads!

!!!! WARNING - WARNING - WARNING - WARNING - WARNING !!!!
It is not unknown for Operating System Service Pack, and (or) Software Updates to experience problems with certain hardware, whether it's your chipset, network card, graphics card, audio card or anything else. If you go ahead with a New Build without manufacturer (Hardware Driver Update), support, you may find something stops working. The worst case scenario is the BSOD 'Blue Screen Of Death', when XP crashes on start-up, due to a hardware driver conflict. This warning may sound extreme, but NEVER assume your operating system, software, or even hardware, that worked before; will continue to work after you have done a rebuild! Resolving problems like this are not covered here.

So far, your time investment in preparing your 'New Build' Fully operational PC is around 1 hour. The strategy of this exercise is to 'snapshot image' or 'fully back up', your PC's 'New Build' at four key stages. You are starting Phase 1. Let's call this phase your 'Stage1 Build'. For an explanation of completing your PC Build in 4 stages, see section - "6.03 - The 4 PC Build Stages", later on in this material.

It is worth thinking about your Hard Drive Partitioning Scheme.

Systems with more than one hard drive:
If your system has more than one hard drive, you could consider whether you really need the second hard drive at this stage. If you have organised your hard drives as a RAID pair, then this is your preference, but if not, it is easy to disconnect your secondary hard drive and reconnect it when you have completed all four stages of your build, and you are completely happy with the end result.

Systems with one hard drive:
This guide assumes your hard drive is 80 GB or larger. If your hard drive is smaller than 80 GB, this is an ideal point to upgrade it. Hard drives are fairly inexpensive. IDE drives might still be available, but SATA drives are now dominant. After a quick check online - 80 GB drives are under £30 and 500 GB drives are under £60. If your PC chassis has capacity for a second hard drive, you could consider making preparation for running a second hard drive in case of an emergency. The author managed to 'rescue' all his data before his PC was overwhelmed, by deploying a second hard drive into the PC chassis.
If you do this; bear in mind you may need to purchase a power splitter/extender, and a SATA lead. An available SATA data port and your PC's power supply rating should also be considered. It is not a bad idea to keep a large capacity hard drive on standby in your pc chassis, for data backup purposes; given that people's valued data-sets can easily exceed 100 GB these days.

This guide assumes you know what to do if your hard drive is connected to a Controller card to provide SAS / SCSI / SATA and (or) RAID.

Assuming your hard drive capacity is 80 GB or over, the following partitioning scheme is recommended:
Partition 1 - 20 GB (system) / Partition 2 - (the remaining available capacity) (data)

If your hard drive is over 80 GB, you can be more generous with partition 1, but 20 GB should be plenty.
A wiped hard drive should have no partitions on it at all. Ensure your partitions are numbered 1 and 2 as above.
If you mess things up, delete them and start again with no partitions, setting them up again as above.

After the Operating System is on; install your hardware drivers. Recommended order is as follows:
(Chipset / graphics / audio card / network) Reboot, and then install any other drivers you may need.

After all drivers are installed, confirm everything is working as expected by checking device manager has not flagged anything as unrecognized.

If you have got this far; CONGRATULATIONS - you have completed Stage 1 of your new PC Build and are now ready to check your 'base' system is 'clean'.
04 : 00: Base operating system 'clean' check
At the end of this section, your clean base 'Stage1 Build' will have been scanned for any viruses or malware, including a low level boot sector scan.

It can be worth the effort to ensure your work to prepare a ‘clean’ PC Build is not compromised along the way by missing anything out. This includes doing a check on it immediately after installing the Operating System. There are plenty of virus and malware scanning tools out there, but there don't seem to be many that do a DOS like (system) boot sector check outside of the Operating System. There is just the chance your slip streamed Operating System build CD had an infected file when you made it. This section ensures there is nothing lurking among your hard drive system files, or on your hard drive's boot sector.

Resources:
1 'clean' operational PC with CD burner unit
1 rewritable CD-RW disc media (you should use a factory fresh blank or quick/full erased CD-RW Disc!)
1 Nero burning ROM (any CD burning package is fine) (only needed if you are preparing an Anti Virus / Scan - boot CD from the ISO image version)

This FREE! Linux (DOS-like) tool, boots off a CD and allows you to do a boot sector and/or complete system virus scan/repair. Although especially useful if your infected and subsequently broken machine won't boot; this is nifty for checking your system is really 'clean' (i.e. - boot sector check) straight after a fresh install.

Please note - at the time of writing, this tool was available as a 'raw' ISO file download, requiring Nero burning ROM (or any similar software), to make the bootable CD. It was also available as an exe file download, with the CD-R/RW writing software built in. Both download links are listed below. It's not clear why they have done this, and the resultant CD’s seemed similar (though this has not been fully checked). The exe is probably the one to go for, despite the fact you can only see its definition update version when you actually Boot Up with the CD it prepares. Again, a puzzling anomaly. There is some other cool free stuff, so those links are listed tool!

Cool Free stuff - http://www.free-av.com/en/products/index.html

Avira AntiVir Rescue System - (exe) - http://www.free-av.com/en/tools/12/avira_a...cue_system.html
(The version date of this utility does not appear on the download page - but you do see it when you boot with it - Odd!)

Click the 'Avira AntiVir Rescue System' link on the page. The version date of this utility (usefully) appears on the page.
Avira AntiVir Rescue System - (ISO) - http://www.avira.com/en/support/support_downloads.html

On booting your system with the created CD-RW Disc, you select English (flag icon). You can then set up the scan for boot sector / smart / or full system. Don't know what the smart option does, but the full scan is good!

A clean result here should give you the confidence that your base Operating System only PC is 'clean' at the outset.

If you have got this far, CONGRATULATIONS. Your base system PC is clean and you are ready to back it up as a restorable image.
05: 00: Full PC Backup Imaging Applications
At the end of this section you will (hopefully) know more about Full PC Backup Imaging, and be in a position to choose a product solution that suits you.

You might be wandering, "What is PC Backup Imaging?" This is a procedure whereby the entire contents of your PC hard drive are copied and deposited into an 'image' file as a 'backup'. This backup can then be 'restored' in the event of a system crash, virus infestation, or simply because you want to.

The technology to create a Full PC Backup Image has been around for more than 12 years. It was once the preserve of IT departments who used the power of this solution to 'clone' PC systems for duplication across, multiple (sometimes hundreds of), PC systems. The efficiency of this approach has led to several PC cloning technology innovations. In environments where there are a range of PC systems with different specifications, different hardware components, and different hard disk sizes; the task of creating PC builds that are generally applicable, can become a complex one. There is also the issue of providing PC Builds with different software application sets on them for different department specialities. This may in part explain why the Full PC Backup Image application is not yet as commonplace as the Anti Virus application. Even with compression set to maximum, a Fully Operational PC Backup Image file, with all its application software onboard, can easily exceed 5 GB. The logistics of handling file-sets of this size require large capacity hard drives. Though Full PC Backup Imaging, can be used to clone one hard drive partition, and deposit the image file onto a different partition, on the same hard drive; a typical scenario involves depositing this image onto a different physical hard drive. If this different hard drive is on another PC altogether, this involves some preparation in advance and some form of network. Transfer of 5 GB PC Backup Image files makes it necessary to use faster network cards and switches of at least 100Mb/s. With these various factors in mind, it is perhaps not surprising that Full PC Backup Imaging Software is still generally the preserve of 'Techies'.

Full PC Backup Imaging Software is available today at reasonable cost. There is information on five applications below. This is from an article on PC Magazine's website, titled - "Drive-Imaging: Beyond Backup", dated 12th Feb 2008. Some of the vendor application versions have since been upgraded.

Header article "Drive-Imaging: Beyond Backup"
http://www.pcmag.com/article2/0,2817,2259200,00.asp

Acronis True Image 11
Review: http://www.pcmag.com/article2/0,2817,2257164,00.asp
Vendor: http://www.acronisstore.com/?gclid=CISJtv2...CFQFhQgodVT5Ncw

DriveImage XML
Review: http://www.pcmag.com/article2/0,2817,2259194,00.asp
Vendor: http://www.runtime.org/driveimage-xml.htm

Norton Ghost 14.0
Review: http://www.pcmag.com/article2/0,2817,2257958,00.asp
Vendor: http://symantec-norton.com/Norton_Ghost_14...CFQyjQwodlXAxbQ

Paragon Drive Backup 8.5 Personal Edition
Review: http://www.pcmag.com/article2/0,2817,2256989,00.asp
Vendor: http://www.paragon-software.com/home/db-personal/

ShadowProtect Desktop 3.1
Review: http://www.pcmag.com/article2/0,2817,2254465,00.asp
Vendor: http://store.storagecraft.com/acb/stores/1...n-32-P55C8.aspx

The idea behind these applications is to provide you a 'relatively' straight forward means to carry out a Full Image Backup of your PC System.

The author has produced a solution 'kit' from a variety of online resources. It works for him, and until a product arrives on the market that is better (in his opinion anyway), he is going to stick with it. He genuinely can not provide full details of this solution because he did not document what he did at the time. He has looked for the critical information links and can not find them. If you contact him, he can provide you with a copy of this fully operational 'kit', and instructions on how to use it. Eventually and hopefully; all the necessary links and resources to create a working 'kit' of your own from scratch will be compiled here from helpful contributors!
06: 00: Components of a "BARTPE / GHOST - PC (Backup & Recovery) RIG"
If your asking - What is a "BARTPE / GHOST - PC (Backup & Recovery) RIG” at the end of this section, you will have read a discussion of what a "BARTPE / GHOST - PC (Backup & Recovery) RIG" consists of.

A "full PC Backup Imaging Application" is not a "BARTPE / GHOST - PC (Backup & Recovery) RIG". It is a component of a "BARTPE / GHOST - PC (Backup & Recovery) RIG". If your PC is broken or you are not happy with it for any reason; a "BARTPE / GHOST - PC (Backup & Recovery) RIG" provides you the means to return your PC to the 'Fully operational' exact condition it was in when you created a 'Snapshot Backup' image of it immediately after setting it up from scratch. The whole point of this is the ability to do this with minimal effort and in less than an hour. An operational "BARTPE / GHOST - PC (Backup & Recovery) RIG", has some common components.

(1) STORAGE: A means to store at least one, but preferably several, 'Snapshot Backup Images' of the PC you want to recover.
e.g. : [Usually a SATA hard drive in the "BARTPE / GHOST - PC (Backup & Recovery) RIG".]

(2) BOOTUP O/S : An operating system to boot up the PC being recovered or imaged, making it possible to either - create a 'Snapshot Backup Image' of it, or restore a 'Snapshot Backup Image' to it.
e.g.: [BARTPE - Bart's Preinstalled Environment.]

(3) NETWORK: A means to connect the PC being recovered or backed up, with the "BARTPE / GHOST - PC (Backup & Recovery) RIG"
e.g.: [This can simply be 2 RJ45 leads and a 4 port router.]

(4) BACKUP IMAGE ENCODING: A method of encoding the entire contents of a PC hard drive into one 'Snapshot Backup Image file (-set)', in order to back it up.
e.g.: [Ghost or any other Full PC Backup Imaging Software - see section "05 - Full PC Backup Imaging Applications" above.]

(5) BACKUP IMAGE DECODING: A method of decoding a PC's 'Snapshot Backup Image file (-set)', in order to restore it.
e.g.: [Ghost or any other Full PC Backup Imaging Software - see section "05 - Full PC Backup Imaging Applications" above.]

(6) BOOTUP MEDIA PREPARATION: A means to prepare Bootup Media to successfully connect a PC to be recovered, with a "BARTPE / GHOST - PC (Backup & Recovery) RIG".
e.g.: [A BARTPE Media Preparation 'RIG' used to prepare a Bootable CD-R/RW Disc or a Bootable USB Flash Drive.]

(7) NETWORK DRIVERS: Network drivers for the PC being restored or backed up
e.g.: [Windows XP network card driver files, e.g. - for HP DC7600 SFF - b57w2k.sys + b57win32.cat + b57win32.inf + b57xp32.sys.]

(8) BOOTUP MEDIA: A means to allow the recovery/backup PC to boot up, usually through a CD or USB Flash Drive
e.g.: [A BARTPE Media Preparation 'RIG' prepared CD-R/RW disc or USB Flash Drive.]

The "BARTPE / GHOST - PC (Backup & Recovery) RIG", is one of those IT tools that you hope you don't need, but are glad you've got, when your PC system needs a rebuild, and you know you can have it back up and running in an hour rather than a whole day.

A "BARTPE / GHOST - PC (Backup & Recovery) RIG", can incorporate any Full PC Backup Imaging Application. The author's "BARTPE / GHOST - PC (Backup & Recovery) RIG", incorporates BARTPE and Ghost technology. Below; section 6.01 - covers BARTPE technology, and section 6.02 covers how a "BARTPE / GHOST - PC (Backup & Recovery) RIG", works in practice.
06: 01: BARTPE Technology
At the end of this section you will understand what role BARTPE technology is able to play in a "BARTPE / GHOST - PC (Backup & Recovery) RIG"

A "BARTPE / GHOST - PC (Backup & Recovery) RIG", that deploys BARTPE technology and network support, needs to operate in three stages.

Stage one involves 'compiling' a BARTPE Bootable Media 'RIG' with the correct network card drivers for the PC to be Recovered or Backed up.
Stage two involves preparing the bootable media whether this is a bootable USB Flash Drive or a bootable CD-R/RW disc.
Stage three involves using the (now) BARTPE bootable media, to connect the PC to be backed up or recovered, to the "BARTPE / GHOST - PC (Backup & Recovery) RIG".

So, the BACKUP_RIG PC is set and ready to receive a backup image of your freshly built PC. The freshly built PC needs to be started in a way that will allow its entire hard disk to be imaged, and for this image to be transferred to the BACKUP_RIG PC. There are several ways to do this start-up, but booting into XP on the PC to be backed up is not 'yet' one of them. Many techies will be aware of several disk imaging technologies. One of the oldest around is Ghost, now owned by Symantec. One of the problems of using this method used to be obtaining suitable ndis 'DOS' drivers for the network card of the PC you wanted to Image or Recover. If you were lucky enough to obtain a suitable driver, it invariably would not work, and required 'horribly' technical 'under-the-hood' tweaking of various TCP/IP service files. It was sometimes necessary to install a 'special' network card to resurrect this DOS. based TCP/IP network connection. Luckily, a developer called Bart Lagerweij modified a technology from Microsoft and created a clever solution. This is some website information...

"Hi, my name is Bart Lagerweij. I've been creating DOS based boot disks and bootable CD-ROMs from Dos 3.x (not sure what year) until 2002. I have created the: Corporate Modboot, Network bootdisk, CD-Rom bootdisk, a hardware independent Dos CD-Rom driver eltorito.sys and lots of other tools needed to boot a PC the way I want it to. As you can read above I've stopped doing that in 2002. Why? I saw a Windows PE (WinPE) bootable CD-Rom (from Microsoft) in action and I got very, very curious. I knew then as I know now, that in time PE-based solutions will be every PC technician’s best friend. Goodbye to all the good and bad dos-based NTFS utilities! Now we can boot from a CD-Rom ("or USB Flash Disk"), and have full read/write access to NTFS volumes! Here are a few things that are possible with PE and are not possible with any type of dos-based boot disk, even when using network support and ntfsdos:
* Accessing very large (>2TB) NTFS volumes or accessing volumes that are not seen by the BIOS, like some fibre channel disks.
* Very reliable scanning and cleaning of viruses on NTFS volumes using a "clean boot".
* Active Directory support.
* Have remote control over other machines, using vnc or remote desktop."

There is a great deal of information about this technology here - http://www.nu2.nu/pebuilder/#intro

OK - so this link also has other links on how to create a Bootable USB Flash Drive.

Why would you want to do this instead of using a CD-R/RW boot disk?
Well - once you have set up your BARTPE Create USB Flash Drive 'RIG', you can make almost any USB Flash Drive; Bootable in about 5 minutes.
This beats taking a CD-R/RW disc, wiping it, then burning it with a suitable boot image which even if you are good takes 20 minutes or more.
The USB flash disk method is more versatile too. You can use it to inject 'broken' system files into a stricken PC or even hold a complete backup image.

So having established Bootable USB Flash Drives are the way to go, how do you create one?
The site has another link to PEBuilder downloads - http://www.nu2.nu/pebuilder/#download

The information on exactly how this is done is out there on the internet. About 9 months ago, the author spent a few days gathering this all up and set up his own RIG to make USB Flash Drives Bootable. He found it hard work, but managed to do it. Unfortunately, He did not document where he got all the bits and pieces from. Since then the key information on how to do this might be more accessible, but he can't find it. If you locate good instructions on how this is done, please post them here for others. In the meantime should you find it useful, you can contact the author for a copy of the working "BARTPE / GHOST - PC (Backup & Recovery) RIG", Kit, that can be set up by copying a file-set from a CD-R disc.

The ghost imaging process takes around 3 minutes per gigabyte. When complete, your Fresh build PC is backed up, and for as long as you maintain your "BARTPE / GHOST - PC (Backup & Recovery) RIG", and the backed up image file(s), you won't need to load XP on it manually again!
06: 02: How a "BARTPE / GHOST - PC (Backup & Recovery) RIG" works
At the end of this section you will appreciate how a "BARTPE / GHOST - PC (Backup & Recovery) RIG", works. Reading through this will be wearisome, but there are good ideas here about how to manage your own operational "BARTPE / GHOST - PC (Backup & Recovery) RIG". The procedures seem convoluted, but when you've got your 'RIG' up and running, and are used to it, it's pretty easy to operate.

Below is a hypothetical account of YOU the reader, using an operational "BARTPE / GHOST - PC (Backup & Recovery) RIG" to recover YOUR PC.

Some months ago, YOU completed and backed up; a Fully Operational 4Stage Build of your Primary PC.
Now you are unhappy with your PC and would like to recover it using the Stage4 Backup that you created some months ago.

$$ Your "BARTPE / GHOST - PC (Backup & Recovery) RIG" is connected to your 4 port router as normal. It is called "BACKUP_RIG".
$$ Contained on its hard drive are a series of 4 Full PC Image Backup File Sets, which were created at 4 stages while you installed the O/S and APPS on your PC.
$$ You placed these Backup Sets into 4 directories on your D: drive. They are called - PriPC-Stage1 to 4.
$$ You use Windows Explorer to navigate to the "PriPC-Stage4" folder, and check it contains 3 files of roughly 2 GB each.
$$ These 3 files are called PriPC-Stage4_0.GHO + PriPC-Stage4_1.GHS + PriPC-Stage4_2.GHS.
$$ You notice the time-date stamps on these files indicate the XX_1.GHS file is older than the XX_2.GHS file which is older than the XX_GHO file.
$$ You remember that when you last imaged your PC, three months ago; that GHOST created file XX_0.GHO first, then during the backup; you were prompted for the names of 2 more 'Image Spanning' files, which it created with .GHS filename extensions (S stands for image 'spanning'). At the end of the backup imaging process, GHOST asked you to browse to the first XX_0.GHO file. You realise this is probably why this appears to be the youngest of the files in the Image Backup set.
$$ You are satisfied; the Full Backup Image File set for your PC is complete.
$$ You notice the 4 backup image set folders are themselves contained in a Directory folder tree - D:\ IMAGES \ PC_HP_DC6700_SFF \ 2009 02 08
$$ You remember organizing these folder names to make it easy to locate the Backup Image File Sets for your PC, because you have also been backing up some friends PC's for them as well.
$$ You look into the folder D:\ IMAGES \ PC_HP_DC6700_SFF \ 2009 02 08.
$$ In this folder you see four folders called Stage1 to Stage4, and a text file called info.txt. You open the info.txt file using notepad and read this text -
info.txt
------------------------------------------------------------------------------------------------------------------------------------------------
Date - 2009 02 08
This folder contains 4 Full PC Backup Image file sets created during the full preparation of the
Hewlett Packard DC7600 Small Form Factor PC.
Each set is in its own folder containing from 1 to three files; and can be used to recover the PC to any one of 4 stages.
Stage1 is the operating system only backup
Stage2 and 3 backups both work and have progressively more installed on them
Stage4 is the fully operational PC backup
------------------------------------------------------------------------------------------------------------------------------------------------
$$ You remember you created this text file to remind you what the different folders at this level, and their contents, were for.
$$ You look into the folder D:\ IMAGES \ PC_HP_DC6700_SFF and notice two folders and one file there. Folder "2009 02 08" has been mentioned already. There is also a folder called "NIC_HPDC6700_BC". You look into this folder and see several files there. They are - b57w2k.sys + b57win32.cat + b57win32.inf + b57xp32.sys + info.txt.
$$ You open the info.txt file using notepad and read this text -
info.txt
------------------------------------------------------------------------------------------------------------------------------------------------
Date - 2009 02 08
PC - Hewlett Packard DC7600 Small Form Factor PC
Owner - Author
Description - Windows XP network card driver file set
Purpose - BARTPE boot network card driver file set for GHOST Image Backups
Description - Broadcom Net Extreme Gigabit Network Card Driver Files for Windows XP (32bit)
------------------------------------------------------------------------------------------------------------------------------------------------
$$ You remember you created this text file to remind you what the network files were for.
$$ You decide to prepare your Bootable Flash USB Drive with Network Support
$$ Your USB Flash Drive is a 4.6GB Corsair Flash Voyager unit
$$ You locate the BARTPE MEDIA Builder 'RIG' folder on the PC and copy the network driver folder "NIC_HPDC6700_BC", mentioned earlier into the BARTPE "NET" folder.
$$ You then 'compile' the BARTPE MEDIA Builder 'RIG' so it incorporates the correct network card drivers for the PC you want to recover.
$$ You then insert the USB Flash Drive into the PC and run the BARTPE MEDIA USB Drive Builder command.
$$ After about 5 minutes, the command has completed, and the USB Flash Drive is now Bootable with the correct Network Support.
$$ You check you have copied all the important data files off the PC you are about to recover. You have also made sure you have backed up all your IE-favourites and Firefox-favourites.
$$ You make sure the IMAGES folder on the "BARTPE / GHOST - PC (Backup & Recovery) RIG" PC is shared out with the sharename IMAGES.
$$ You turn off the PC to be recovered and ensure it is connected to the same router (hub/switch) as "BACKUP_RIG".
$$ You insert the (now) BARTPE Bootable USB Flash Drive into the PC to be recovered and switch on.
$$ The BARTPE start-up screen appears and you are prompted whether you want to load network support or not. Select YES.
$$ Network support loads and a dialogue window opens indicating the network card driver mentioned earlier. Select the DHCP profile.
$$ Select 'Share Folder' and enter credentials - \\BACKUP_RIG\IMAGES for the drive letter 'G:'
$$ After confirming the network share, a network drive is mapped to the "BARTPE / GHOST - PC (Backup & Recovery) RIG"
$$ You start the BARTPE File Management Utility from the GO button and navigate to the "BARTPE / GHOST - PC (Backup & Recovery) RIG", share drive 'G:'
$$ You can see a folder on the G: Drive called PC_HP_DC6700_SFF and a file called GHOST32.exe.
$$ You double click the "GHOST32.exe" file and the ghost "Full PC Backup Imaging Application" starts.
$$ You select Drive > From Image, then navigate to the "PC_HP_DC6700_SFF \ 2009 02 08 \ PriPC-Stage4 \ PriPC-Stage4_0.GHO" file,
$$ Ghost confirms this image will overwrite the hard drive of the PC being recovered - select Yes, and Backup Image 'Decoding' starts.
$$ After about 20 minutes, the imaging recovery will have completed and you can shut down the PC from the BARTPE - GO menu.
$$ Remove the (now) BARTPE Bootable USB Flash Drive from the PC that has been recovered
$$ Turn on the recovered PC and enjoy the Fully Operational Stage4 Build of your Primary PC, exactly as you had completed it Three months previously.
$$ If you feel you would like to change some major applications on this, then simply repeat the process and repeat using the Stage3 or Stage2 Build Backup Image File Sets instead.

The key to managing your "BARTPE / GHOST - PC (Backup & Recovery) RIG", is storing your PC Backup images and network drivers into an organized folder structure where you can quickly find what you need. Burning the backup images to CD-R/RW media offers further protection. You may find it useful to get a Dual Layer CD Burner and media; allowing 8 GB of storage per CD media disc.
06: 03: The 4 PC Build Stages
At the end of this section you will be familiar with ideas behind splitting your build up into stages.

End to end, the process of installing the operating system, updates, components and applications on your PC can easily take 5 hours. Splitting this process up and carrying out a full PC backup at each stage will ensure you can recover to the last completed stage if you encounter a problem without having to start all over again.

The likelihood of encountering a problem is quite high. The reason for this lies in the many changes that can occur within the applications and (or) updates you are installing. Just because a particular installation sequence worked flawlessly the first time round, that doesn't mean it will work the second time round, if one or more of the components have been 'updated'. A staged approach gives you the best chance of developing a Full PC Build that is Pristine and Fully Functional.

The 4 Stages break down as follows:
It is important to stress, you are free to use your own 'set' of install stage applications that suits your own way of working.

STAGE1 (1 hour)
Operating System +
Hardware Drivers.

STAGE2 (2 hours)
(Stage1) - plus
java Version 6 Update 12 +
Adobe Flash Player version 10.0.12.36 +
BBC iPlayer Download Manager +
Firefox 3.0.6 +
Windows Internet Explorer 7 for Windows XP (sp 2 or 3 only) (reboot) +
All Windows Updates +
CCleaner
PC protection application - Malwarebytes' Anti-Malware - Version: 1.33 +
PC protection application - Spybot - Search & Destroy - Version 1.6.2 +
PC protection application - AVG Anti-Virus Free Edition - Version 8.0.233.

STAGE3 (2 hours)
(Stage1 + Stage2) - Plus
Windows Media Player 11+
VLC +
Gom player +
Media Player Classic +
Power DVD +
MS Office Professional 2003 sp3 +
Adobe reader +
Corel Paintshop Pro Photo X2 +
Mavis Beacon +
Printer driver +
PDF 995 +
Nero Burning Rom +
7-zip +
Belarc Advisor +
BG Info.

STAGE4 (?? hours)
(Stage1 + Stage2 + Stage3) - Plus
Any other applications you require

Stage 4 is very useful for installing applications you may just want to try out. Perhaps a Trial version of some Desktop Publishing Software. When the trial period expires, you can revert to your Stage3 build.

Now you are aware of the benefits of splitting your PC Build into 4 Stages, you are ready (hopefully) to back up your Stage1 Build.
07: 00: Stage1 PC Build - Image Backup
By the end of this section you will have completed your first Full PC Image Backup.

By now you have set up your "BARTPE / GHOST - PC (Backup & Recovery) RIG", and have also completed Stage1 of your new PC Build. You are ready to carry out the Stage1 PC Build Image Backup.

So far, your time investment in preparing your 'New Build' Fully operational PC is around 1 hour. The strategy of this exercise is to 'snapshot image' or 'fully back up', your 'New Build' at four key stages. You have now completed Stage 1 of the PC New OS Build, and should now 'fully back up' or 'snapshot image' your system. Let's call this phase your 'Stage1 Build'.

There are benefits to backing up your 'Stage1 Build'.
1 - The 'Stage1 Build' cost you a minimum of 40 minutes to prepare, excluding wiping your hard drive. Preserving this time makes sense.
2 - The shelf life of your 'Stage1 Build' is probably as long as the base operating system with your selected Streamlined Service Pack.
3 - Recovery of your 'Stage1 Build' will only cost you 10 minutes.
4 - 'Stage2 Build' difficulties and errors can be ironed out. You can then start your 'Stage2 Build' again from a clean Stage1 point

During the Stage2 Build phase, you may find that you need to load applications in a particular order to create a Fully Operational PC build. You may have had to uninstall and re-install one or more applications, and this in itself 'slightly' spoils the integrity of the end result. When you have established and noted down the best order to get everything installed in Stage 2, it is simple enough to revert back to the Stage1 build, using the "BARTPE / GHOST - PC (Backup & Recovery) RIG", to restore the Stage1 Image. From this 'clean' point you can then install the Stage2 applications 'cleanly'.

This guide assumes you are using a "BARTPE / GHOST - PC (Backup & Recovery) RIG", to Backup a Hewlett Packard DC7600 Small Form Factor PC.
Modify the directory and filenames you use, to suit the name and model of the unit you are actually backing up.

$$ Your "BARTPE / GHOST - PC (Backup & Recovery) RIG" is connected to your 4 port router as normal. It is called "BACKUP_RIG".
$$ Using Windows explorer, navigate to the "D:\ IMAGES \ PC_HP_DC6700_SFF" folder
$$ Create a two tier folder structure at this level using the date - i.e. - "2009 02 10 \ STAGE1" to create - "D:\IMAGES\PC_HP_DC6700_SFF\2009 02 10\STAGE1"
$$ If it is not already prepared - refer to section 6.02 on "How a "BARTPE / GHOST - PC (Backup & Recovery) RIG" works" for preparing your Bootable Flash USB Drive with Network Support.
$$ Make sure the IMAGES folder on the "BARTPE / GHOST - PC (Backup & Recovery) RIG", is shared out with the sharename IMAGES.
$$ Turn off the PC to be recovered and ensure it is connected to the same router (hub/switch) as "BACKUP_RIG".
$$ Insert the (now) BARTPE Bootable USB Flash Drive into the PC to be backed up and switch on.
$$ The BARTPE start-up screen appears and you are prompted whether you want to load network support or not. Select YES.
$$ Network support loads and a dialogue window opens indicating the network card driver mentioned earlier. select the DHCP profile.
$$ Select 'Share Folder' and enter credentials - \\BACKUP_RIG\IMAGES for the drive letter 'G:'
$$ After confirming the network share, a network drive "G:"; is mapped to the "BARTPE / GHOST - PC (Backup & Recovery) RIG".
$$ You start the BARTPE File Management Utility from the GO button and navigate to the "BARTPE / GHOST - PC (Backup & Recovery) RIG" share drive 'G:'
$$ You can see a folder on the G: Drive called PC_HP_DC6700_SFF and a file called GHOST32.exe.
$$ You double click the "GHOST32.exe" file and the GHOST "Full PC Backup Imaging Application" starts.
$$ You select Drive > To Image; then navigate to the directory - "\\ BACKUP_RIG \ IMAGES \ PC_HP_DC6700_SFF \ 2009 02 10"
$$ Define a file name for the Backup Image File, something like - PriPC-Stage1_0. The "GHO" extension will automatically be appended; OK
$$ For compression level select HIGH. Your Stage1, PC backup, should now begin.
$$ When this image file reaches 2 GB in size, GHOST will pause and ask you to define or browse to another "spanning" file.
$$ Simply ensure you are set in the same subdirectory as the first file and enter the filename - PriPC-Stage1_1. The "GHS" extension will automatically be appended; OK
$$ If you are prompted to define a third spanning file name, simply repeat the process, changing the number of the image file accordingly (as above)
$$ When the Backup Imaging process completes you are prompted to either Reboot or Continue.
$$ Select 'Continue', and then exit GHOST.
$$ From the BARTPE 'GO' menu select 'SHUTDOWN'.
$$ When the PC has powered off, remove the Bootable Flash USB Drive with Network Support, and restart.
$$ For all subsequent stage backups, follow the same procedure changing the STAGE number part of the file and directory names.

CONGRATULATIONS!! - you have completed your Stage1 Backup.
08: 00: New 'Fully Operational' PC Build - Stage2
At the end of this section you will have installed your Stage2 applications and updates and be ready to back up Stage2 of your New PC Build.

Stage1 is built, tested and backed up. The effort and time it takes to install your operating system and hardware drivers is now harnessed.
You are now ready to install a series of Operating System components, Updates, and Applications that make up Stage2 of the Build.

You may have your own list and preferences, but the author's list of installs for Stage2 is as follows...

STAGE2 (2 hours)
(Stage1) Plus
Java Version 6 Update 12 +
http://java.com/en/download/index.jsp

Adobe Flash Player version 10.0.12.36 +
http://get.adobe.com/flashplayer/

BBC iPlayer Download Manager +
http://www.bbc.co.uk/iplayer/install?return=b00hkblr

Firefox 3.0.6 +
http://www.mozilla-europe.org/en/firefox/

Windows Internet Explorer 7 for Windows XP (sp 2 or 3 only) (reboot) +
http://www.microsoft.com/downloads/details...;DisplayLang=en

All Windows Updates +
http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us

PC protection application - CC Cleaner - Version 2.16.830
http://www.filehippo.com/download_ccleaner/

PC protection application - Malwarebytes' Anti-Malware - Version 1.33 +
http://www.malwarebytes.org/mbam.php

PC protection application - Spybot - Search & Destroy - Version 1.6.2 +
http://www.safer-networking.org/en/download/index.html

PC protection application - AVG Anti-Virus Free Edition - Version 8.0.233 +
http://www.download.com/AVG-Anti-Virus-Fre...4-10320142.html.

The Stage2 Build includes going to the Microsoft Windows Update website and installing all available updates. Sometimes these can fail. If you are unable to get beyond an update failing to re-install, recover back to the Stage1 Build, and start again. These various installs with reboots can take 1.5 hours or longer.
Once all the items are installed and updated, and your Stage2 build boots cleanly, with no problems reported in event viewer; run each of the 4 PC protection applications and confirm a 'clean' status from each one in turn, starting with CC Cleaner. As long as all scans report either a 'clean' status, or are able to completely clean up anything the PC has picked up (usually tracking cookies); you are clear to proceed to backing up your Stage2 Build.

CONGRATULATIONS !! - you have completed your Stage2 Build.
09: 00: Stage2 PC Build - Image Backup
By now you have completed Stage2 of your new PC Build. You are ready to carry out the Stage2 PC Build Image Backup. By the end of this section you will have completed your second Full PC Image Backup.

So far, your time investment in preparing your 'New Build' fully operational PC is around 3 hours for Stage1 & Stage2 combined. Backing up your 'Stage2 Build' will preserve this effort.

For guidance on backing up your Stage2 Build, refer to section "7- Stage1 PC Build - Image Backup".

CONGRATULATIONS!! - you have Backed up your Stage2 Build.
10: 00: New 'Fully Operational' PC Build - Stage3
At the end of this section you will have installed your Stage3 applications and be ready to Backup Stage3 of your New PC Build.

Stage2is built, tested and backed up. The effort and time it takes to install your operating system and hardware drivers is now harnessed.
You are now ready to install a series of Applications that make up Stage3 of the Build.

You may have your own list and preferences, but the author's list of installs for Stage3 is as follows...

STAGE3 (2 hours)
(Stage1 + Stage2) - Plus
Windows Media Player 11+
VLC +
Gom player +
Media Player Classic +
Power DVD +
MS Office Professional 2003 sp3 +
Adobe reader +
Corel Paintshop Pro Photo X2 +
Mavis Beacon +
Printer driver +
PDF 995 +
Nero Burning Rom +
7-zip +
Belarc Advisor +
BG Info.

CONGRATULATIONS!! - you have completed your Stage3 Build.
11: 00: Stage3 PC Build - Image Backup
By now you have completed Stage3 of your new PC Build. You are ready to carry out the Stage3 PC Build Image Backup. By the end of this section you will have completed your third Full PC Image Backup.

So far, your time investment in preparing your 'New Build' fully operational PC is around 5 hours for Stage1, 2 & 3, combined. Backing up your 'Stage3 Build' will preserve this effort.

For guidance on backing up your Stage3 Build, refer to section "7- Stage1 PC Build - Image Backup".

CONGRATULATIONS!! You have backed up your Stage3 Build.
12: 00: New 'Fully Operational' PC Build - Stage4
At the end of this section you will have installed your Stage4 applications and be ready to back up Stage3 of your New PC Build.

Stage3 is built, tested and backed up. The effort and time it takes to install your operating system and hardware drivers is now harnessed.
You are now ready to install Application(s) that make up Stage4 of the Build.

You may have your own list and preferences, but the author's list of installs for Stage4 is as follows...

STAGE4 (?? hours)
(Stage1 + Stage2 + Stage3) - Plus??

To complete your own Stage4Build; - install any further applications you require.

CONGRATULATIONS!! - you have completed your Stage4 Build.

13: 00: Stage4 PC Build - Image Backup
By now you have completed Stage4 of your new PC Build. You are ready to carry out the Stage4 PC Build Image Backup. By the end of this section you will have completed your fourth Full PC Image Backup.

So far, your time investment in preparing your 'New Build' fully operational PC, is around 5+ hours for Stage1, 2, 3 & 4, combined. Backing up your 'Stage4 Build' will preserve this effort.

For guidance on completing this section, refer to section 7: Stage1 PC Build - Image Backup

CONGRATULATIONS!! - you have backed up your Stage4 Build.
14: 00: Wrapping up
The "BARTPE / GHOST - PC (Backup & Recovery) RIG", is one of those IT tools that you hope you won't need, but are so glad you've, got when your system needs a rebuild, and you know you can have your PC up and running in an hour rather than a whole day.

Hopefully, helpful contributors will offer information that is unfortunately missing from this guide, and all the required technical points to create your own - "BARTPE / GHOST - PC (Backup & Recovery) RIG" will be available in their entirety.
One tool that was invaluable in ensuring each Backup Image was as 'clean' as possible was: CC Cleaner - Version 2.16.830.
http://www.filehippo.com/download_ccleaner/

Running this utility to clean up the registry, all temp files and browsing history and cookies, really puts a polish on each of your System Build Stages, prior to backup.
Although, mentioned earlier; thanks to the developers for providing such a great (free) tool.

Thanks (partly) to the free applications available, even if you are on a limited budget, you can create your own resilient Fully Functional PC Build, and preserve the effort it took to create; using your very own "BARTPE / GHOST - PC (Backup & Recovery) RIG".

If you have any information on steps to create a BARTPE Bootable USB Flash Drive and (or) CD-R/RW Disc, please post them so this guide can be completed.
In the meantime, should you require a working - "BARTPE / GHOST - PC (Backup & Recovery) RIG" KIT and a guide on how to set it up, you can contact the author.

<>

If this is not already the case, in part or in whole; we may be approaching a time where all and any activity conducted on a PC is no longer private.

We should perhaps increasingly question any assumptions we may harbour about a technology we are increasingly incapable of understanding.

Assumptions for instance; that measures we take to protect our PCs, are not agents that compromise the very privacy we are trying to protect.
END.
Please do post constructive suggestions that either correct this material or extend its application. Many Thanks!




Addendum.
@@@
Has your PC ever been repeatedly infected with Viruses, Trojans and Malware after you have cleaned it up?
Have you ever tried rebuilding your PC and found it re-infected as soon as you connected to the internet?
Are you tired of fighting off repeated malware attacks on your PC, and waiting for the one that eventually ruins it?
Ever wondered what it would take to be able to recover your PC to a Pristine 'just built' state in under an hour whenever you wanted?
@@@
If your answer is yes to any of the above, you may find this document helpful.
Please don't post any negative or sarcastic comments.
You don't have to read this and every effort has been made to offer helpful, and as complete as possible, information.
@@@
This is more discussions (in third person), than direct technical 'how to' instructions.
Please don't be frustrated by all the 'talk' in this and none of the information is intended to patronise experienced "Techies".
There are critical gaps in some technical details. This was unavoidable and is NOT intentional!
Unless you can already do this yourself, you MUST fill these gaps or contact me if you want to set up your own "BARTPE / GHOST - PC (Backup & Recovery) RIG".
Hopefully the gaps can be filled by helpful contributors.
As the reader of this material, YOU ALONE are responsible for the consequences of using any of this information, if you so choose.
This material includes a commentary on operating a fully functional "BARTPE / GHOST - PC (Backup & Recovery) RIG",
@@@
After downloading a rogue (supposedly codec) file from a website, the author's computer became infected with a malware program similar to "XP Antispyware 2009". It generated popups that looked like authentic windows security alerts. He realised this was a problem and looked for help among online forums like "BleepingComputer.com".
<>
He found good information and gathered a range of PC protection tools that all reported infections. They all removed some problems, but none removed all of them. Some caused minor issues with his pc, but these were documented and soon resolved. When he thought he was on top of the problem, the PC protection programs started to report unfixable issues. Malware Trojans and viruses started to attack his PC's critical system files. They were making more registry changes too. Despite running three PC protection programs and scanning for; then 'fixing' virus and malware outbreaks every couple of hours; his computer was becoming overwhelmed. At one point the CPU went to 100%, with over 80 processes running, and he was not running anything, not even a malware scan.
<>
Over the past five years he had suffered about three virus attacks bad enough to prompt him to rebuild his pc. This fourth serious attack was the worst he had ever suffered. He decided to get his 32 Gb of data onto a spare hard drive and rebuild the pc. For most people, this would not be an option. Because he has worked in IT, and was comfortable with rebuilding his PC from scratch, he was confident of getting his PC fully operational and expected this to take him about five hours. He was worried about his data being infected, but accepted if he did not take this action; it would soon be corrupted beyond recovery anyway.
<>
So he rebuilt the PC and connected it to the internet. He was stunned to find the PC was getting infected the instant it was connected to the internet. Over the next few days, he repeated the cycle of rebuilding the PC, fighting instant malware attacks, and re-rebuilding it; until he finally got to a point where the PC was no longer suffering attacks, and he could get his precious data cleaned up. He now gets 100% clean results from three PC protection applications. His preparation work means he is now able to resurrect the PC if it gets infected again, from a ruined state to fully operational, in under 1 hour instead of five hours or more.
<>
The ability to recover your broken PC, or simply return the PC to a 'pristine' clean state in minutes, requires some work. Though there are several ways to do this, the method the author used involved a staging PC and his primary infected PC. It also required several hours of preparation. He needed to download drivers, service packs, utilities and applications. He also needed to burn cd-rw discs and prepare a bootable USB flash drive with network support.
<>
With all this preparation work done in an organized way, he has developed a working "BARTPE / GHOST - PC (Backup & Recovery) RIG", that can now be used any time it is needed.
<>
He is glad he has have done all the work it took to make this happen. Thanks to sites like "BleepingComputer.com", he has learnt good information along the way. He is now confident that whatever infection his PC gets, he can reach for his "BARTPE / GHOST - PC (Backup & Recovery) RIG", and get his PC system back to fully operational in less than 1 hour.
<>
There was so much effort involved in doing this; he decided it would be a waste to keep this to himself. There are many gaps and holes in his knowledge that he could do with some help on. So he decided to share this information on this forum, and hope that various 'experts' will offer helpful suggestions to improve this guide's accuracy and application for the benefit of many other 'techies' out there who know about this stuff, but just have not found the time to pull it all together at once. All the topics covered are available online, but he has never found them all in one place like this before, so he hopes this can be useful.
<>
If the emphasis changes from removing contracted infections, to preventing infections in the first place, PC 'snapshot' imaging and backup technology may mature and become more accessible. At present, this solution is mostly the reserve of 'techies' who can set up their own "(Backup & Recovery) RIGS".
<>
The INTRO title of this guide is all about why the author did this in the first place. He hopes that anyone who finds themselves in the same situation can come across this and find it helpful for what they need.
@@@
FOOTNOTES:
As a further fore note, he would like to thank the many developers and businesses who are providing free PC protection solutions for us to download and use. There are many products out there with different strengths and weaknesses and donations can help good products like Spybot Search and Destroy, to survive and improve their offering. He has decided to split a yearly subscription payment between Spybot and one of the larger solution providers. All who can afford it, share a moral duty to either purchase or donate some funds at least, to solution developers who have provided tools that we have found; not just helpful; but essential. If those who can afford to donate; selfishly refuse to do so; free PC protection tools may become increasingly unavailable to the people who need them most.

While the core principals and strategies this material contains, may be useful for a period; the rapid rate of change of technology, hardware, software; and the malware that disrupts our PCs; means the recommendations and techniques detailed here should be reviewed and re-evaluated in light of prevailing opportunities and threats. Before deploying any information you find here, you should ensure you have read all the material, and determined which components are still relevant or not, to the circumstances you are facing. Any action you take based on the information here is entirely your own responsibility.

To provide an example of this -

@@ AVG antivirus at the time of writing, is available for free, and appears to provide updates on an almost daily basis. Installation was trouble free, as were immediate definition updates. The author noted it installs - Microsoft Visual C++ 2005 Redistributable. He doesn't know anything about this, but is a bit anxious this application seems to rely in some way on technology that 'looks' dated. Despite this slight doubt, AVG has an easy to use modular interface and seems to be effective in identifying and cleaning known threats. He was able to download it from a website that indicated it's version at the time was circa 29th January 2009, and reported a download count of 162,828,661. Taking into account its apparent widespread use, and his own (limited and non-expert) experience; he is happy to recommend it. In contrast:
@@ SpywareGuard by Javacool has many online accolades. The author downloaded it (free) from their website and installed it. Straight away a problem occurred with installation. Its installation routine complained of a missing a file - "MSCOMCTL.OCX". The missing file was found at "ascentive.com" that strangely; also seem to provide anti-malware solutions. The install finally completed ok. On running an update he was not happy to see the last update for this product was in 2004. He read a variety of opinions on this, and was almost persuaded to leave it on the PC. Then he discovered it would only run from a task bar icon. The desktop and program menu icon links to it, would not work. This was worrying, so he decided to uninstall it. This again proved a bit tricky, but he was glad to have it off the PC. He could have discovered its 'ancient' version update before downloading it in the first place, but understandably, this negative fact is unlikely to be advertised on the site offering this as a download. Javacool's website still offers this on their product list, and though it is free of charge, his experience with it means he can not recommend it at all. He would now be cautious about Javacool's other products. Perhaps this is unfair, and the bugs he discovered in this particular product have solutions?

9TYPHON9

Attached Files



#4 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:12:20 PM

Posted 16 February 2009 - 01:32 AM

Thank you for notify us.. I will now close this topic.. Please pm any Moderator or HJT Team should you need to re-open this topic..


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users