Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Backup with Viruses


  • Please log in to reply
9 replies to this topic

#1 SpiraRoam

SpiraRoam

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 02 December 2017 - 07:32 PM

Hi, I think I've got malware or some sort of system issue. I'm hoping to backup my laptop with all of my current files that I don't want to lose onto an external hard drive but I'm worried that the viruses will transfer to the hard drive as well?


Edited by hamluis, 03 December 2017 - 04:53 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 ranchhand_

ranchhand_

  • Members
  • 1,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:01:53 AM

Posted 02 December 2017 - 10:43 PM

Go ahead and back up, viruses and all. The important thing that is you have saved what is valuable along with the garbage. Then pop over to the "Am I Infected" forum and clean up your OS.

From here on, it depends on what program you are using for your backups. If you can access the backup image file and open it in real time, you can merely pull your data off of it and into the appropriate folders. For example, Macrium Reflect is a bullet-proof backup utility and the individual data files can be accessed directly from the image. Just drag & drop them onto your (now clean) running system and you are home free.

If your backup utility does NOT have real time data access to the images, then you would have to re-image your infected system onto an extra drive, access your data and pull it off that way, then wipe the drive so you can use it virus-free.


Edited by ranchhand_, 02 December 2017 - 10:44 PM.

Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#3 SpiraRoam

SpiraRoam
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 03 December 2017 - 07:46 AM

I don't use any particular program to back up. I just plug in the external hard drive and then use the windows system backup feature. When I plug in my external hard drive and 'view files' I have a powerISO image and mediaID. I don't wanna click on 'restore files' from the 620GB mediaID because it may start to re-install it all straight away.

 

Would installing macrium help me to open in real time? I could see whether there's much of a difference between the hard drives and what files I want to keep that way.

 

Regarding the malware, I quarantined 4 out of 5 of the infected files, which I think were in my internet history / cookies using malwarebytes. My system isn't running too slow now - but I'd still rather just go back to a healthier state.


Edited by SpiraRoam, 03 December 2017 - 08:04 AM.


#4 ranchhand_

ranchhand_

  • Members
  • 1,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:01:53 AM

Posted 03 December 2017 - 09:00 AM

 

Would installing macrium help me to open in real time?

Yes, you could install Macrium Reflect on your drive and use it to to create a backup image. However.....Reflect will not read an image created by another program such as the Windows backup utility. My suggestion is still what I first posted: create a Reflect image and save to your backup drive, then I strongly suggest that you let one of the experts here review your operating system. You could still have adware, spyware and possibly a rootkit running on your system. But...that is your decision. When you want to review your files, start Windows normally with your backup drive connected. In Explore you will see the drive with a letter assigned to it and the Reflect image file will be there; double-click on that file and Reflect will launch its viewer and your drive with its tree structure will appear for you to review. Find your data files, copy & paste or drag & drop them directly on to your open Windows desktop (or where-ever you wish).


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#5 SpiraRoam

SpiraRoam
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 03 December 2017 - 12:14 PM

How do I have an expert review my operating system? 



#6 xrobwx

xrobwx

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Panama City Beach, FL USA
  • Local time:01:53 AM

Posted 03 December 2017 - 12:57 PM

It's been moved to the proper section by a Moderator.

 

Read the pinned topic especially this one: https://www.bleepingcomputer.com/forums/t/182397/am-i-infected-what-do-i-do-how-do-i-get-help-who-is-helping-me/


Edited by xrobwx, 03 December 2017 - 01:00 PM.

7581204627.png


#7 SpiraRoam

SpiraRoam
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 03 December 2017 - 10:00 PM

My browser says that the macrium download file from the website has viruses...d'you think it's worth downloading it?



#8 ranchhand_

ranchhand_

  • Members
  • 1,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:01:53 AM

Posted 03 December 2017 - 11:06 PM

If you are downloading it from the link I gave you, it has no viruses. I don't know what browser you are using, but it is giving you a false positive. I download from this website never got any viruses of any kind.

For peace of mind, you can download it from Filehippo Here. 


Edited by ranchhand_, 03 December 2017 - 11:10 PM.

Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#9 SpiraRoam

SpiraRoam
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 04 December 2017 - 09:32 AM

Okay so just to clarify. The plan is to get a virus free hard drive / operating system. The way I plan to do this is to complete a system restore to the last point on my system where I had no problems. 

 

Backing up my current system onto my external hard drive should enable me to reinstall all the uninfected files using the macrium software, once I've restored to an earlier system point first?

 

I just feel weird about having malware on my external hard drive...it probably won't do anything right? Also, I'm not sure whether I've gained many more files compared to the last restore point. Are you saying that creating an image with reflect will let me compare the two? The 'backup drive' is just my external hard drive, right? 

 

I've got another external hard drive which I want to browse, on my current system, to lookup previously saved files. Are you saying that creating the backup image, with macrium, will let me browse these files on my current operating system? I'm probably going to wait until night time to do any of this because I imagine it will take a long time? I still need to use my laptop today for work so I'd rather leave any processes on overnight. 

 

Thanks



#10 ranchhand_

ranchhand_

  • Members
  • 1,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:01:53 AM

Posted 05 December 2017 - 08:46 AM

Let's take this point by point:

 

The plan is to get a virus free hard drive / operating system. The way I plan to do this is to complete a system restore

System Restore is not, I repeat NOT, going to get rid of any virus infection on your computer. There is only one of two options you have to do this:

1. wipe your drive totally, including nuking the main partition. Reinstall Windows. Result: You have removed all viruses; and you will lose all data and programs, and start from scratch again.

2. go through the cleaning procedure as directed by one of the malware experts on this forum. Result is that you regain your clean OS, and all your programs and data are intact. This is the best choice.

You have no other choices. Again, you have no other choices.

Possibly the terms here are confusing you:
System Restore is a tool which is part of the Windows operating system. It will not replace Windows itself, only certain key components.
System Reinstallation deletes your current Windows installation including all programs and data, and reinstalls Windows fresh.

 

 

Backing up my current system onto my external hard drive should enable me to reinstall all the uninfected files using the macrium software, once I've restored to an earlier system point first?

No. Again, as pointed out above, System Restore will not remove any viruses, malware, adware or spyware on your computer. System Restore only restores selected corrupt, missing or damaged key system files in the event of a major system crash; it will not remove viruses.

My Post #2 hinges on getting your system cleaned of infection while still keeping your data and programs safe. I suggested making a backup first as a safety-net in case anything goes wrong; if, in the cleaning process, data is damaged or deleted, you can go back into the backup and transfer that data back on to your system. Usually data does not get infected by an infection, only the operating system itself. It is highly unlikely that will happen, the staff here go through a lengthy, in-depth training program and know what they are doing. In order to do this, however, you must have a backup program that will not just make an image, but that image must be accessible in real-time so you can access and retrieve individual files & folders. Not all backup utilities will do that. Macrium will.

 

At this point, my suggestion: go through the cleaning process as directed by one of the staff here. That will solve the entire problem and you will be back up and running. Then make a backup of your clean system, and start a regular schedule of backups weekly.


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users