Real system restore??

[blah]

Hello people. It seems these days that there is just more crap (in a home
environment) infecting peoples computers. Whether it be spyware, adware,
Trojans or/and viruses its a pain in the arse to disinfect. Traditionally
you go about patching systems , real time scanning, host editing and user
education as a first line of defence. I have found that if you give a home
customer a limited user account they will ring you every time they want to
install something new. If you tell them to only log in as admin to install
stuff they just end up using the admin account all the time. Then comes
removing the infection. As every body know this can be time-consuming often
taking longer than it would take to backup then format the system.

What I was thinking (which is nothing new), is having two partitions on one
hdd. Part 1 = windows Part 2= hidden. You have all the settings and
individual data (psts, ie6 favourites, my documents) stored and accessed
from part 2 . When the customer uses the computer it seems like a normal
windows xp installation. When there is an infection you just re-image
partition 1 ( in 1 step?) with the pre configured image. None of the
settings will be lost because the xp installation will still look for
settings and psts, ie6 favourites, my document on part 2 ? Does anyone know
of any software that can help me do this???

[smerf]

Search for Acronis True-Image.

"blah" <stfuhellworld@yah00.c0m.4u> wrote in message
news:45266551$0$8376$5a62ac22@per-qv1-newsreader-01.iinet.net.au...
> Hello people. It seems these days that there is just more crap (in a home
> environment) infecting peoples computers. Whether it be spyware, adware,
> Trojans or/and viruses its a pain in the arse to disinfect. Traditionally
> you go about patching systems , real time scanning, host editing and user
> education as a first line of defence. I have found that if you give a home
> customer a limited user account they will ring you every time they want to
> install something new. If you tell them to only log in as admin to install
> stuff they just end up using the admin account all the time. Then comes
> removing the infection. As every body know this can be time-consuming
> often taking longer than it would take to backup then format the system.
>
> What I was thinking (which is nothing new), is having two partitions on
> one hdd. Part 1 = windows Part 2= hidden. You have all the settings and
> individual data (psts, ie6 favourites, my documents) stored and accessed
> from part 2 . When the customer uses the computer it seems like a normal
> windows xp installation. When there is an infection you just re-image
> partition 1 ( in 1 step?) with the pre configured image. None of the
> settings will be lost because the xp installation will still look for
> settings and psts, ie6 favourites, my document on part 2 ? Does anyone
> know of any software that can help me do this???
>

[David H. Lipman]

From: "blah" <stfuhellworld@yah00.c0m.4u>

| Hello people. It seems these days that there is just more crap (in a home
| environment) infecting peoples computers. Whether it be spyware, adware,
| Trojans or/and viruses its a pain in the arse to disinfect. Traditionally
| you go about patching systems , real time scanning, host editing and user
| education as a first line of defence. I have found that if you give a home
| customer a limited user account they will ring you every time they want to
| install something new. If you tell them to only log in as admin to install
| stuff they just end up using the admin account all the time. Then comes
| removing the infection. As every body know this can be time-consuming often
| taking longer than it would take to backup then format the system.
|
| What I was thinking (which is nothing new), is having two partitions on one
| hdd. Part 1 = windows Part 2= hidden. You have all the settings and
| individual data (psts, ie6 favourites, my documents) stored and accessed
| from part 2 . When the customer uses the computer it seems like a normal
| windows xp installation. When there is an infection you just re-image
| partition 1 ( in 1 step?) with the pre configured image. None of the
| settings will be lost because the xp installation will still look for
| settings and psts, ie6 favourites, my document on part 2 ? Does anyone know
| of any software that can help me do this???
|

When it comes to malware, this is NOT a good scheme. The second partition data can/will be
affected by malware.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

[Moe Trin]

On Sat, 7 Oct 2006, in the Usenet newsgroup alt.computer.security, in article
<45266551$0$8376$5a62ac22@per-qv1-newsreader-01.iinet.net.au>, blah wrote:

>It seems these days that there is just more crap (in a home environment)
>infecting peoples computers. Whether it be spyware, adware, Trojans or/and
>viruses its a pain in the arse to disinfect.

Yes, it's amazing the crap that users install, and then blame the Mal-ware
Fairy for sneaking in during the night, waving the magic wand, and installing
viruses, spyware and the like.

>Traditionally you go about patching systems , real time scanning, host
>editing and user education as a first line of defence.

We've found that patching and user education is all that is needed. The
problem is nearly all users have no desire to learn anything and as a
result are at or beyond their skill level just trying to turn on the
computer.

>I have found that if you give a home customer a limited user account they
>will ring you every time they want to install something new.

Yes, they don't get the connection of "installing something" (that they
have absolutely no idea what it might be) and all that mal-ware.

>Then comes removing the infection. As every body know this can be
>time-consuming often taking longer than it would take to backup then
>format the system.

Yes, I miss the good old days of really destructive viruses that trashed
the hard disk, and having the _user_ have to find the floppies that had
the last good backup (yeah, right) or the original applications. Some
users actually learned after the fifth or sixth incident that blindly
installing crap might not be the best idea.

>What I was thinking (which is nothing new)

What, you thinking, or the concept below? ;-)

>is having two partitions on one hdd. Part 1 = windows Part 2= hidden.
>You have all the settings and individual data (psts, ie6 favourites, my
>documents) stored and accessed from part 2 .

How do you plan to keep the data from being corrupted when our hero
installs the latest malware de heure, yet still allow the user to save
my documents, or what-ever?

Old guy

[Stuart Miller]

"blah" <stfuhellworld@yah00.c0m.4u> wrote in message
news:45266551$0$8376$5a62ac22@per-qv1-newsreader-01.iinet.net.au...
> Hello people. It seems these days that there is just more crap (in a home
> environment) infecting peoples computers. Whether it be spyware, adware,
> Trojans or/and viruses its a pain in the arse to disinfect. Traditionally
> you go about patching systems , real time scanning, host editing and user
> education as a first line of defence. I have found that if you give a home
> customer a limited user account they will ring you every time they want to
> install something new. If you tell them to only log in as admin to install
> stuff they just end up using the admin account all the time. Then comes
> removing the infection. As every body know this can be time-consuming
> often taking longer than it would take to backup then format the system.
>
> What I was thinking (which is nothing new), is having two partitions on
> one hdd. Part 1 = windows Part 2= hidden. You have all the settings and
> individual data (psts, ie6 favourites, my documents) stored and accessed
> from part 2 . When the customer uses the computer it seems like a normal
> windows xp installation. When there is an infection you just re-image
> partition 1 ( in 1 step?) with the pre configured image. None of the
> settings will be lost because the xp installation will still look for
> settings and psts, ie6 favourites, my document on part 2 ? Does anyone
> know of any software that can help me do this???
>
You are looking for a technology solution to a human failing.
If a customer refuses to educate themselves, and decides on
convenience rather than security there is nothing you can do about it.
Perhaps just enjoy the extra work and income which the stupidity will
generate for you.

If they choose the convenience of web surfing with an admin account,
you can not protect them from their own stupidity. Same as leaving
a wallet or computer on the front seat of an unlocked car.

It's also about our warped notion of a bargain - we shop for cars by
'glitz' and low cost. It would only cost about $100 per car to make it
totally
theft proof, but the public does not place value on that.

The whole computer security problem will go away as soon as those
responsible for computer purchases insist on having security built in, and
the expense of 'neat features', instead of added on by extra costs programs
and patches.

Stuart

[colin.mckinnon@gmail.com]

blah wrote:
> Hello people. It seems these days that there is just more crap (in a home
> environment) infecting peoples computers.
<snip>
>
> What I was thinking (which is nothing new), is having two partitions on one
> hdd. Part 1 = windows Part 2= hidden.
<snip>

Unless you fundamentally change the way the content is stored there is
no advantage to doing this - that means either encrypting the backup or
writing it in such a way that the malware has great difficulty in
reading it.

AIR, Norton Ghost allows you to encrypt the backup and you can boot up
a slim Ghost environment from floppy disks.

The way I've done it before is to have Linux and the backup residing on
a Reiser or ext3 filesystem along side the backup and using 'dd' to
image the drive. Its not the most robust solution for recovery but it
gives great isolation at very low cost. If you set Linux as the
default, you can get it to restore in the middle of the night. I never
found an easy way of rebotting to Windowds afterwards though.

C.