Malware and a 'hidden' partition?

Discussion in 'NZ Computing' started by ~misfit~, Dec 30, 2009.

  1. ~misfit~

    ~misfit~ Guest

    Eeek! What a lot of posts! Seems like a couple people here could use RL
    friends.

    Anyway, yesterday and today I've been re-installing XP on the neighbour's
    laptop AGAIN as the teenage girl to whom it belongs can't seem to use it
    for a day without getting infected. 74 infections this time. Both last month
    and this month I've just wiped it ("are my songs and stuff still there?"
    Ha!) and reinstalled.

    Last month I installed MS Security Essentials (previous to that I'd put AVG
    free on it). When I got it back yesterday they'd put a trial version of
    Antivir that would point out infections but not remove them. It was
    literally impossible to do anything without a warning popping up.

    So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    fear that it's all going to be pointless. (I could have done what I've tried
    before, put the HDD in an external enclosure and scan it from a
    'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    get paid, I get little gifts now and then, a tray of eggs the other week, a
    flower arrangement at Xmas...)

    So to the question: I've used Acronis to image the HDD and have set a 7GB
    partition after the OS partition and put the image file of the clean install
    there. (Then uninstalled Acronis. They didn't pay for it...) I've then
    removed the drive letter in computer management so that it doesn't show up
    and the only way to access it again in Windows is to assign it a letter
    again.

    What are the chances of it staying un-infected? I'm pretty sure that I'm
    going to get this machine back again in the not-too-distant-future and it
    would be nice to be able to boot from an Acronis CD and simply restore it.

    Thanks for any input. (I'm keeping a copy of the image myself anyway but I
    find that I have images of most people's computers that I've 'fixed up' and
    I don't even know which ones I need to keep anymore... (It's not like I'm
    going to invite 'work' by asking folks if they still own the computer in
    question.)

    Again, TIA...
    --
    Cheers,
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 30, 2009
    #1

  2. ~misfit~

    Simon Guest

    On Dec 30, 1:43 pm, "~misfit~" <>
    wrote:

    > Thanks for any input. (I'm keeping a copy of the image myself anyway but I
    > find that I have images of most people's computers that I've 'fixed up' and
    > I don't even know which ones I need to keep anymore... (It's not like I'm
    > going to invite 'work' by asking folks if they still own the computer in
    > question.)


    Given what you've outlined above, I'd say the chances are extremely
    high that she'll re-infect the machine.

    IMO there's no easy technical solution, aside from addressing the
    layer-8 cause. Are you able to work out what sites she's visiting
    regularly that are causing the infection? Or perhaps she's downloading
    software?

    From a personal perspective, I have been known to become ultra-
    paranoid and start using a VM to browse the net, reverting back to a
    saved image when closed. I don't know how useful or appropriate that
    would be in the current situation though.
    Simon, Dec 30, 2009
    #2

  3. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs Simon wrote:
    > On Dec 30, 1:43 pm, "~misfit~" <>
    > wrote:
    >
    >> Thanks for any input. (I'm keeping a copy of the image myself anyway
    >> but I find that I have images of most people's computers that I've
    >> 'fixed up' and I don't even know which ones I need to keep
    >> anymore... (It's not like I'm going to invite 'work' by asking folks
    >> if they still own the computer in question.)

    >
    > Given what you've outlined above, I'd say the chances are extremely
    > high that she'll re-infect the machine.


    Yeah, I agree. Even with AVG's 'linkscanner' (that I usually disable on my
    own machines) I think she'll reinfect it. Hell, it only took three weeks to
    go from pristine to unusable last time.

    When I took it back today her father put his hand in his pocket and asked
    what he owed. I told him nothing this time (I'm on an invalid's benefit
    anyway) but if it happens again it'll cost, not him but his daughter. He
    said thanks muchly and that she doesn't have a source of money other than
    him anyway (she's at school).

    > IMO there's no easy technical solution, aside from addressing the
    > layer-8 cause. Are you able to work out what sites she's visiting
    > regularly that are causing the infection? Or perhaps she's downloading
    > software?


    I couldn't tell. It was unusable with the trial of Antivir throwing up
    warning windows on top of warning windows every time I moved the mouse.

    > From a personal perspective, I have been known to become ultra-
    > paranoid and start using a VM to browse the net, reverting back to a
    > saved image when closed. I don't know how useful or appropriate that
    > would be in the current situation though.


    Not very really. Hopefully the image on the 'hidden' partition stays clean
    and I'll just give them an Acronis boot CD if I get asked again and tell
    them how to do it.
    --
    Cheers,
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 30, 2009
    #3
  4. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs whoisthis wrote:
    > In article <hhe7ng$lbl$-september.org>,
    > "~misfit~" <> wrote:

    [snip]
    >> What are the chances of it staying un-infected? I'm pretty sure that
    >> I'm going to get this machine back again in the
    >> not-too-distant-future and it would be nice to be able to boot from
    >> an Acronis CD and simply restore it.
    >>
    >> Thanks for any input. (I'm keeping a copy of the image myself anyway
    >> but I find that I have images of most people's computers that I've
    >> 'fixed up' and I don't even know which ones I need to keep
    >> anymore... (It's not like I'm going to invite 'work' by asking folks
    >> if they still own the computer in question.)
    >>
    >> Again, TIA...

    >
    > What about setting the DNS to OpenDNS or some such so that the malware
    > sites will simply be harder to get to...


    Honestly, that's above my pay-grade. (Read: I'm not that smart. <g>) I'm
    hoping that AVG linkscanner will shut her down from bad sites. I didn't
    install it last time, just MS-SE.

    > Does she have Admin rights...?


    Yeah. That was a mistake, I know. I didn't think about it until after
    dropping it off. I just naturally install XP like that on my own machines. I
    suppose that if it comes back soon I can restore and change that? It's
    something I've never tried. Would it make much difference do you think? I
    might go and change it anyway if you think it would. However, wouldn't that
    stop her installing stuff on her own machine?
    --
    Cheers,
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 30, 2009
    #4
  5. ~misfit~

    peterwn Guest

    On Dec 30, 1:43 pm, "~misfit~" <>
    wrote:

    >
    > So to the question: I've used Acronis to image the HDD and have set a 7GB
    > partition after the OS partition and put the image file of the clean install
    > there. (Then uninstalled Acronis. They didn't pay for it...) I've then
    > removed the drive letter in computer management so that it doesn't show up
    > and the only way to access it again in Windows is to assign it a letter
    > again.
    >
    > What are the chances of it staying un-infected?


    Dunno, but there is a way to keep it uninfected. Use partimage on the
    System Rescue CD to save and restore the Windows partition. Format
    the 7GB partition as a Linux ext3 partition. Windows will leave it
    alone (unless special drivers are installed).
    peterwn, Dec 30, 2009
    #5
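
Added example (not written by any poster in this thread): a small MBR partition-table parser that contrasts the two layouts discussed above, the image partition left as NTFS with its drive letter removed versus reformatted as Linux ext3. The 60 GiB OS partition, the sample sector and the function names are constructed for illustration; drive letters are passed in as a parameter because Windows keeps them in the registry (MountedDevices), not in the partition table.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446                      # partition table follows the boot code
ENTRY = struct.Struct("<B3sB3sII")      # status, CHS start, type, CHS end, LBA start, sectors

TYPE_NAMES = {
    0x07: "NTFS/HPFS",
    0x0B: "FAT32 (CHS)",
    0x0C: "FAT32 (LBA)",
    0x82: "Linux swap",
    0x83: "Linux native (ext2/ext3)",
}
# Partition types for which stock Windows XP loads a file system driver (FAT/NTFS).
XP_NATIVE_TYPES = {0x01, 0x04, 0x06, 0x07, 0x0B, 0x0C, 0x0E}


def build_sample_mbr(image_partition_type):
    """Constructed sample: 60 GiB active NTFS OS partition + 7 GiB image partition."""
    os_sectors = 60 * 1024**3 // SECTOR_SIZE
    image_sectors = 7 * 1024**3 // SECTOR_SIZE
    chs = b"\xfe\xff\xff"               # CHS placeholder used when LBA addressing applies
    entries = [
        ENTRY.pack(0x80, chs, 0x07, chs, 63, os_sectors),
        ENTRY.pack(0x00, chs, image_partition_type, chs, 63 + os_sectors, image_sectors),
        bytes(16),
        bytes(16),
    ]
    return bytes(TABLE_OFFSET) + b"".join(entries) + b"\x55\xaa"


def parse_mbr(sector):
    """Return the non-empty primary partition entries of a 512-byte MBR sector."""
    if len(sector) != SECTOR_SIZE or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector")
    parts = []
    for i in range(4):
        status, _, ptype, _, lba, count = ENTRY.unpack_from(sector, TABLE_OFFSET + i * 16)
        if ptype == 0x00:               # unused slot
            continue
        parts.append({
            "index": i + 1,
            "active": status == 0x80,
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown (0x%02X)" % ptype),
            "lba_start": lba,
            "size_gib": round(count * SECTOR_SIZE / 1024**3, 2),
        })
    return parts


def exposure(part, has_drive_letter):
    """Classify how a running XP install can reach the partition.

    mounted                  - file system driver attached and a letter assigned
    reachable-without-letter - driver still attached; the volume can be opened by
                               its volume name, so removing the letter only hides
                               it from Explorer
    raw-only                 - no stock driver; files are not visible to Windows,
                               though raw sector writes by admin-level code remain
                               possible
    """
    if part["type"] not in XP_NATIVE_TYPES:
        return "raw-only"
    return "mounted" if has_drive_letter else "reachable-without-letter"


def report(sector, letters):
    """letters: set of partition indexes that currently have a drive letter."""
    return [
        (p["index"], p["type_name"], p["size_gib"], exposure(p, p["index"] in letters))
        for p in parse_mbr(sector)
    ]


if __name__ == "__main__":
    for label, ptype in (("NTFS, letter removed", 0x07), ("reformatted as ext3", 0x83)):
        print(label)
        for row in report(build_sample_mbr(ptype), letters={1}):
            print("  partition %d: %-26s %5.1f GiB  %s" % row)
```

Neither layout protects the image from code running with administrator rights, which is why the off-machine copy mentioned in the first post is the one to rely on.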
  6. In article <hhe7ng$lbl$-september.org>,
    says...
    > So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    > I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    > fear that it's all going to be pointless. (I could have done what I've tried
    > before, put the HDD in an external enclosure and scan it from a
    > 'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    > get paid, I get little gifts now and then, a tray of eggs the other week, a
    > flower arrangement at Xmas...)


    Hey Shaun, I am currently running the combo of avast! on access scanner
    and Sunbelt/Kerio firewall, and that makes for one tough security combo.

    Nothing gets installed without my giving approval explicitly, and at
    times even that is not enough .... I actually had to turn both firewall
    and avast! off in order to get a certain game to patch correctly earlier
    this month, the patch simply could not get access to registry nor touch
    services ;-)

    Of course, who knows what that kid does when nobody is watching. If she
    opens any attachment her mates send her and downloads malware executable
    files and runs them and god knows what -- I'm sure you know the old
    chestnut about making things 'foolproof'. There's so much social
    engineering going on that I can just see a 14 year old girl falling for.

    Anyway, wishing you a happy new year and all that ;) -P.
    Peter Huebner, Dec 30, 2009
    #6
  7. ~misfit~

    Mary Hanna Guest

    On Thu, 31 Dec 2009 01:04:07 +1300, Peter Huebner <> wrote:

    >In article <hhe7ng$lbl$-september.org>,
    > says...
    >> So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    >> I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    >> fear that it's all going to be pointless. (I could have done what I've tried
    >> before, put the HDD in an external enclosure and scan it from a
    >> 'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    >> get paid, I get little gifts now and then, a tray of eggs the other week, a
    >> flower arrangement at Xmas...)

    >
    >Hey Shaun, I am currently running the combo of avast! on access scanner
    >and Sunbelt/Kerio firewall, and that makes for one tough security combo.
    >
    >Nothing gets installed without my giving approval explicitly, and at
    >times even that is not enough .... I actually had to turn both firewall
    >and avast! off in order to get a certain game to patch correctly earlier
    >this month, the patch simply could not get access to registry nor touch
    >services ;-)
    >
    >Of course, who knows what that kid does when nobody is watching. If she
    >opens any attachment her mates send her and downloads malware executable
    >files and runs them and god knows what -- I'm sure you know the old
    >chestnut about making things 'foolproof'. There's so much social
    >engineering going on that I can just see a 14 year old girl falling for.
    >
    >Anyway, wishing you a happy new year and all that ;) -P.




    No one in his right mind would trust in AVG Free and Malwarebyte's
    Anti-Malware..
    Mary Hanna, Dec 30, 2009
    #7
  8. ~misfit~

    bugalugs Guest

    Mary Hanna wrote:
    > On Thu, 31 Dec 2009 01:04:07 +1300, Peter Huebner <> wrote:
    >
    >> In article <hhe7ng$lbl$-september.org>,
    >> says...
    >>> So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    >>> I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    >>> fear that it's all going to be pointless. (I could have done what I've tried
    >>> before, put the HDD in an external enclosure and scan it from a
    >>> 'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    >>> get paid, I get little gifts now and then, a tray of eggs the other week, a
    >>> flower arrangement at Xmas...)

    >> Hey Shaun, I am currently running the combo of avast! on access scanner
    >> and Sunbelt/Kerio firewall, and that makes for one tough security combo.
    >>
    >> Nothing gets installed without my giving approval explicitly, and at
    >> times even that is not enough .... I actually had to turn both firewall
    >> and avast! off in order to get a certain game to patch correctly earlier
    >> this month, the patch simply could not get access to registry nor touch
    >> services ;-)
    >>
    >> Of course, who knows what that kid does when nobody is watching. If she
    >> opens any attachment her mates send her and downloads malware executable
    >> files and runs them and god knows what -- I'm sure you know the old
    >> chestnut about making things 'foolproof'. There's so much social
    >> engineering going on that I can just see a 14 year old girl falling for.
    >>
    >> Anyway, wishing you a happy new year and all that ;) -P.

    >
    >
    >
    > No one in his right mind would trust in AVG Free and Malwarebyte's
    > Anti-Malware..
    >


    And why would that be ??
    bugalugs, Dec 31, 2009
    #8
  9. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs peterwn wrote:
    > On Dec 30, 1:43 pm, "~misfit~" <>
    > wrote:
    >
    >>
    >> So to the question: I've used Acronis to image the HDD and have set
    >> a 7GB partition after the OS partition and put the image file of the
    >> clean install there. (Then uninstalled Acronis. They didn't pay for
    >> it...) I've then removed the drive letter in computer management so
    >> that it doesn't show up and the only way to access it again in
    >> Windows is to assign it a letter again.
    >>
    >> What are the chances of it staying un-infected?

    >
    > Dunno, but there is a way to keep it uninfected. Use partimage on the
    > System Rescue CD to save and restore the Windows partition. Format
    > the 7GB partition as a Linux ext3 partition. Windows will leave it
    > alone (unless special drivers are installed).


    Interesting, thanks Peter.
    --
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 31, 2009
    #9
  10. ~misfit~

    Nighthawk Guest

    On Wed, 30 Dec 2009 13:43:24 +1300, "~misfit~"
    <> wrote:

    >Eeek! What a lot of posts! Seems like a couple people here could use RL
    >friends.
    >
    >Anyway, yesterday and today I've been re-installing XP on the neighbour's
    >laptop AGAIN as the teenage girl to whom it belongs can't seem to use it
    >for a day without getting infected. 74 infections this time. Both last month
    >and this month I've just wiped it ("are my songs and stuff still there?"
    >Ha!) and reinstalled.
    >
    >Last month I installed MS Security Essentials (previous to that I'd put AVG
    >free on it). When I got it back yesterday they'd put a trial version of
    >Antivir that would point out infections but not remove them. It was
    >literally impossible to do anything without a warning popping up.
    >
    >So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    >I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    >fear that it's all going to be pointless. (I could have done what I've tried
    >before, put the HDD in an external enclosure and scan it from a
    >'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    >get paid, I get little gifts now and then, a tray of eggs the other week, a
    >flower arrangement at Xmas...)
    >
    >So to the question: I've used Acronis to image the HDD and have set a 7GB
    >partition after the OS partition and put the image file of the clean install
    >there. (Then uninstalled Acronis. They didn't pay for it...) I've then
    >removed the drive letter in computer management so that it doesn't show up
    >and the only way to access it again in Windows is to assign it a letter
    >again.
    >
    >What are the chances of it staying un-infected? I'm pretty sure that I'm
    >going to get this machine back again in the not-too-distant-future and it
    >would be nice to be able to boot from an Acronis CD and simply restore it.
    >
    >Thanks for any input. (I'm keeping a copy of the image myself anyway but I
    >find that I have images of most people's computers that I've 'fixed up' and
    >I don't even know which ones I need to keep anymore... (It's not like I'm
    >going to invite 'work' by asking folks if they still own the computer in
    >question.)
    >
    >Again, TIA...


    I have an older version of Acronis True Image here. In it, under
    Tools, there is Manage True Image Secure Zone, which creates a
    partition which only True Image can access. No other programme can
    access this partition except True Image. True Image can put all
    backups in that partition which can be accessed (and created) by the
    bootable version of True Image.

    http://www.acronis.com/resource/solutions/backup/2005/secure-zone.html
    Nighthawk, Dec 31, 2009
    #10
  11. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs Peter Huebner wrote:
    > In article <hhe7ng$lbl$-september.org>,
    > says...
    >> So I've reinstalled XP again, using a bunch of my bandwidth to
    >> update it... I've also installed MS-SE, AVG Free and Malwarebyte's
    >> Anti-Malware but I fear that it's all going to be pointless. (I
    >> could have done what I've tried before, put the HDD in an external
    >> enclosure and scan it from a 'sacrificial' computer, then repair XP
    >> but frankly I'm sick of this. I don't get paid, I get little gifts
    >> now and then, a tray of eggs the other week, a flower arrangement at
    >> Xmas...)

    >
    > Hey Shaun, I am currently running the combo of avast! on access
    > scanner and Sunbelt/Kerio firewall, and that makes for one tough
    > security combo.
    >
    > Nothing gets installed without my giving approval explicitly, and at
    > times even that is not enough .... I actually had to turn both
    > firewall and avast! off in order to get a certain game to patch
    > correctly earlier this month, the patch simply could not get access
    > to registry nor touch services ;-)
    >
    > Of course, who knows what that kid does when nobody is watching. If
    > she opens any attachment her mates send her and downloads malware
    > executable files and runs them and god knows what -- I'm sure you
    > know the old chestnut about making things 'foolproof'. There's so
    > much social engineering going on that I can just see a 14 year old
    > girl falling for.


    Exactly. And there's no way I'm going to (attempt to) teach her how to use
    teh intarwebs. I've already tried giving her guidelines but I see her eyes
    glaze over pretty quickly. If her parents weren't such good neighbours....

    > Anyway, wishing you a happy new year and all that ;) -P.


    Thank you Peter, the same to you mate. :)
    --
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 31, 2009
    #11
  12. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs Collector_NZ wrote:
    > ~misfit~ wrote:
    >> Somewhere on teh intarwebs whoisthis wrote:
    >>> In article <hhe7ng$lbl$-september.org>,
    >>> "~misfit~" <> wrote:

    >> [snip]
    >>>> What are the chances of it staying un-infected? I'm pretty sure
    >>>> that I'm going to get this machine back again in the
    >>>> not-too-distant-future and it would be nice to be able to boot from
    >>>> an Acronis CD and simply restore it.
    >>>>
    >>>> Thanks for any input. (I'm keeping a copy of the image myself
    >>>> anyway but I find that I have images of most people's computers
    >>>> that I've 'fixed up' and I don't even know which ones I need to
    >>>> keep anymore... (It's not like I'm going to invite 'work' by
    >>>> asking folks if they still own the computer in question.)
    >>>>
    >>>> Again, TIA...
    >>> What about setting the DNS to OpenDNS or some such so that the
    >>> malware sites will simply be harder to get to...

    >>
    >> Honestly, that's above my pay-grade. (Read: I'm not that smart. <g>)
    >> I'm hoping that AVG linkscanner will shut her down from bad sites. I
    >> didn't install it last time, just MS-SE.
    >>
    >>> Does she have Admin rights...?

    >>
    >> Yeah. That was a mistake, I know. I didn't think about it until after
    >> dropping it off. I just naturally install XP like that on my own
    >> machines. I suppose that if it comes back soon I can restore and
    >> change that? It's something I've never tried. Would it make much
    >> difference do you think? I might go and change it anyway if you
    >> think it would. However, wouldn't that stop her installing stuff on
    >> her own machine?

    >
    >
    > Yep all software that has to change system settings but not
    > everything. Should stop registry invasions though.
    >
    > As to not installing on her own machine tough titties, I would already
    > have given her the boxes and said pack it up and return it you're too
    > stupid to own a computer


    Yeah... I know. However her parents are excellent neighbours and having good
    neighbours is very valuable in an area like this one.
    --
    Cheers, and Happy New Year.
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 31, 2009
    #12
  13. ~misfit~

    Nighthawk Guest

    On Thu, 31 Dec 2009 13:50:52 +1300, Nighthawk <>
    wrote:

    >On Wed, 30 Dec 2009 13:43:24 +1300, "~misfit~"
    ><> wrote:
    >
    >>Eeek! What a lot of posts! Seems like a couple people here could use RL
    >>friends.
    >>
    >>Anyway, yesterday and today I've been re-installing XP on the neighbour's
    >>laptop AGAIN as the teenage girl to whom it belongs can't seem to use it
    >>for a day without getting infected. 74 infections this time. Both last month
    >>and this month I've just wiped it ("are my songs and stuff still there?"
    >>Ha!) and reinstalled.
    >>
    >>Last month I installed MS Security Essentials (previous to that I'd put AVG
    >>free on it). When I got it back yesterday they'd put a trial version of
    >>Antivir that would point out infections but not remove them. It was
    >>literally impossible to do anything without a warning popping up.
    >>
    >>So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    >>I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    >>fear that it's all going to be pointless. (I could have done what I've tried
    >>before, put the HDD in an external enclosure and scan it from a
    >>'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    >>get paid, I get little gifts now and then, a tray of eggs the other week, a
    >>flower arrangement at Xmas...)
    >>
    >>So to the question: I've used Acronis to image the HDD and have set a 7GB
    >>partition after the OS partition and put the image file of the clean install
    >>there. (Then uninstalled Acronis. They didn't pay for it...) I've then
    >>removed the drive letter in computer management so that it doesn't show up
    >>and the only way to access it again in Windows is to assign it a letter
    >>again.
    >>
    >>What are the chances of it staying un-infected? I'm pretty sure that I'm
    >>going to get this machine back again in the not-too-distant-future and it
    >>would be nice to be able to boot from an Acronis CD and simply restore it.
    >>
    >>Thanks for any input. (I'm keeping a copy of the image myself anyway but I
    >>find that I have images of most people's computers that I've 'fixed up' and
    >>I don't even know which ones I need to keep anymore... (It's not like I'm
    >>going to invite 'work' by asking folks if they still own the computer in
    >>question.)
    >>
    >>Again, TIA...

    >
    >I have an older version of Acronis True Image here. In it, under
    >Tools, there is Manage True Image Secure Zone, which creates a
    >partition which only True Image can access. No other programme can
    >access this partition except True Image. True Image can put all
    >backups in that partition which can be accessed (and created) by the
    >bootable version of True Image.
    >
    >http://www.acronis.com/resource/solutions/backup/2005/secure-zone.html

    also http://www.acronis.com/homecomputing/products/trueimage/tour/5/
    Nighthawk, Dec 31, 2009
    #13
  14. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs Nighthawk wrote:
    > On Thu, 31 Dec 2009 13:50:52 +1300, Nighthawk <>
    > wrote:

    [snip]
    >> I have an older version of Acronis True Image here. In it, under
    >> Tools, there is Manage True Image Secure Zone, which creates a
    >> partition which only True Image can access. No other programme can
    >> access this partition except True Image. True Image can put all
    >> backups in that partition which can be accessed (and created) by the
    >> bootable version of True Image.
    >>
    >> http://www.acronis.com/resource/solutions/backup/2005/secure-zone.html

    > also http://www.acronis.com/homecomputing/products/trueimage/tour/5/


    Thanks Nighthawk. I know about that as I use Acronis T.I myself. However,
    two things. a) They're barely computer literate and I'd rather not have to
    tutor people who frankly aren't interested. (They just want it to work, like
    a TV or stereo.) b) I'm pretty sure they wouldn't stump up with the price of
    Acronis (well, they might if I told them that it was essential, which takes
    us back to a).

    While I'm not as pure as the driven snow myself when it comes to only using
    software that I've paid for (being on an invalid's benefit will do that to
    you. It truthfully makes me feel bad if/when I 'pirate' software that I
    think is worth the money [some stuff is outrageously priced but other
    stuff...]). I feel that 'pirating' (I hate that term) something, usually an
    older unsupported version for myself is one thing but to distribute it is
    another thing entirely. Actually I got this old version of Acronis when they
    did a one-day giveaway a while back, hoping that folks would love it and
    upgrade to the latest version.

    I put T.I on that thing (incidentally an Alienware M5500 Area51, quite good in
    its time, it cost them over $5K, bought it for her as a reward for passing
    exams a few years back) only long enough to image the drive, then
    uninstalled it. Actually, in retrospect I think that I may have been able to
    image it from the bootable CD without even having to install it.

    Anyway, with cheap storage and my USB / SATA docks and 2.5TB of drive space
    (about 1TB free) left over from when I was a desktop man it's not a huge
    deal to keep the image and a folder with the laptop-specific drivers that
    took me an age to find in the first instance.

    Still, it'd be nice to know if that partition is essentially untouchable.
    That way I could just 'lend' them an Acronis boot CD and show them how to
    restore it themselves (kinda like a Compaq, Lenovo or HP except the image
    they have is updated to last week. LOL, an XP sp3 install disk wouldn't work
    with their COA number so I had to use an sp2 disk. Even after applying sp3,
    .NET 3.5 and IE8 from my files Windows update found 118 patches. Wow! That
    and the Alienware drivers cost me a fortune in bandwidth, hence the image).

    Actually, to be honest I don't know if I'll see it again. The father is a
    really nice guy (kept trying to pay me this last time even though I refused)
    but told me that if she can't learn to 'keep it clean' he'll put the fucking
    hammer through it (his words).

    I hope that I haven't put him off asking me again to be honest. Now I have
    it imaged it's only 20 minutes work to restore it. He was just a bit freaked
    when I told him that I spent somewhere between eight and 10 hours on the
    thing the first time. They have no restore / Windows media and, as it was
    about the last Alienware machine that was produced before Dell bought the
    brand, drivers are a real bitch to find. In fact it took several attempts to
    find the right one for some devices. The later machines that are essentially
    tarted-up Dells are well supported.

    Anyway, this Lindauer is bloody good. We don't know how lucky we are. ;-)
    (I'm normally a red wine / scotch whisky man but I get evil hangovers and
    I'm hoping that white wine, with one dram of Single Malt at midnight will
    leave me at least partly functional tomorrow.

    Cheers mate, all the best for 2010.
    --
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 31, 2009
    #14
  15. ~misfit~

    Nighthawk Guest

    On Thu, 31 Dec 2009 21:52:54 +1300, "~misfit~"
    <> wrote:

    >Anyway, this Lindauer is bloody good. We don't know how lucky we are. ;-)
    >(I'm normally a red wine / scotch whisky man but I get evil hangovers and
    >I'm hoping that white wine, with one dram of Single Malt at midnight will
    >leave me at least partly functional tomorrow.
    >
    >Cheers mate, all the best for 2010.


    I'm normally a red wine man, quite happy with cheap Shiraz reds,
    preferably Banrock Station, but I like the Lindauer Special Reserve
    Cuvée Riche. Their sparkling Sav Blanc is good in the cheaper price
    range too.

    Cheersh to you too, all the best for '10!
    Nighthawk, Dec 31, 2009
    #15
  16. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs whoisthis wrote:
    > In article <hhgskb$kop$-september.org>,
    > "~misfit~" <> wrote:
    >
    >> Somewhere on teh intarwebs Peter Huebner wrote:
    >>> In article <hhe7ng$lbl$-september.org>,
    >>> says...
    >>>> So I've reinstalled XP again, using a bunch of my bandwidth to
    >>>> update it... I've also installed MS-SE, AVG Free and Malwarebyte's
    >>>> Anti-Malware but I fear that it's all going to be pointless. (I
    >>>> could have done what I've tried before, put the HDD in an external
    >>>> enclosure and scan it from a 'sacrificial' computer, then repair XP
    >>>> but frankly I'm sick of this. I don't get paid, I get little gifts
    >>>> now and then, a tray of eggs the other week, a flower arrangement
    >>>> at Xmas...)
    >>>
    >>> Hey Shaun, I am currently running the combo of avast! on access
    >>> scanner and Sunbelt/Kerio firewall, and that makes for one tough
    >>> security combo.
    >>>
    >>> Nothing gets installed without my giving approval explicitly, and at
    >>> times even that is not enough .... I actually had to turn both
    >>> firewall and avast! off in order to get a certain game to patch
    >>> correctly earlier this month, the patch simply could not get access
    >>> to registry nor touch services ;-)
    >>>
    >>> Of course, who knows what that kid does when nobody is watching. If
    >>> she opens any attachment her mates send her and downloads malware
    >>> executable files and runs them and god knows what -- I'm sure you
    >>> know the old chestnut about making things 'foolproof'. There's so
    >>> much social engineering going on that I can just see a 14 year old
    >>> girl falling for.

    >>
    >> Exactly. And there's no way I'm going to (attempt to) teach her how
    >> to use teh intarwebs. I've already tried giving her guidelines but I
    >> see her eyes glaze over pretty quickly. If her parents weren't such
    >> good neighbours....
    >>
    >>> Anyway, wishing you a happy new year and all that ;) -P.

    >>
    >> Thank you Peter, the same to you mate. :)

    >
    > Yep, I have the same problem with the sister-in-law.... my solution is
    > to give them an old eMac for doing all the crap on the web, it has
    > thus proved to be an easy solution and has cut down my support time
    > by about 100%.... they still have the PC for games etc but the
    > internet no longer seems to work on it... that last virus must have
    > killed it...Oh no, woe is me...lol.


    If only I had that much control. This is neighbour helping neighbour. I
    can't tell them what to do (especially in this neighbourhood), I'm just
    trying to make it as easy on myself as possible.
    --
    Cheers,
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 31, 2009
    #16
  17. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs Nighthawk wrote:
    > On Thu, 31 Dec 2009 21:52:54 +1300, "~misfit~"
    > <> wrote:
    >
    >> Anyway, this Lindauer is bloody good. We don't know how lucky we
    >> are. ;-) (I'm normally a red wine / scotch whisky man but I get evil
    >> hangovers and I'm hoping that white wine, with one dram of Single
    >> Malt at midnight will leave me at least partly functional tomorrow.
    >>
    >> Cheers mate, all the best for 2010.

    >
    > I'm normally a red wine man, quite happy with cheap Shiraz reds,
    > preferably Banrock Station,


    Shit mate, I'm an Aussie big Shiraz man too most of the time. (It makes my
    head hurt.)

    > but I like the Lindauer Special Reserve
    > Curvee Riche. Their sparkling Sav Blanc is good in the cheaper price
    > range too.


    I seriously find it hard to understand how they can sell their bottle
    fermented wines as cheaply as they do. It's a freakin' mystery.

    > Cheersh to you too, all the best for '10!


    Thanks. 3:23am and probably time I switched off the PC and went to bed.
    --
    Cheers,
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Dec 31, 2009
    #17
  18. Squiggle

    Squiggle Guest

    ~misfit~ threw some characters down the intarwebs:
    > Eeek! What a lot of posts! Seems like a couple people here could use RL
    > friends.
    >
    > Anyway, yesterday and today I've been re-installing XP on the neighbours
    > laptop AGAIN as the teenager girl to whom it belongs can't seem to use it
    > for a day without getting infected. 74 infections this time. Both last month
    > and this month I've just wiped it ("are my songs and stuff still there?"
    > Ha!) and reinstalled.
    >
    > Last month I installed MS Security Essentials (previous to that I'd put AVG
    > free on it). When I got it back yesterday they'd put a trial version of
    > Antivir that would point out infections but not remove them. It was
    > literally impossible to do anything without a warning popping up.
    >
    > So I've reinstalled XP again, using a bunch of my bandwidth to update it...
    > I've also installed MS-SE, AVG Free and Malwarebyte's Anti-Malware but I
    > fear that it's all going to be pointless. (I could have done what I've tried
    > before, put the HDD in an external enclosure and scan it from a
    > 'sacrificial' computer, then repair XP but frankly I'm sick of this. I don't
    > get paid, I get little gifts now and then, a tray of eggs the other week, a
    > flower arrangement at Xmas...)
    >
    > So to the question: I've used Acronis to image the HDD and have set a 7GB
    > partition after the OS partition and put the image file of the clean install
    > there. (Then uninstalled Acronis. They didn't pay for it...) I've then
    > removed the drive letter in computer management so that it doesn't show up
    > and the only way to access it again in Windows is to assign it a letter
    > again.
    >
    > What are the chances of it staying un-infected? I'm pretty sure that I'm
    > going to get this machine back again in the not-too-distant-future and it
    > would be nice to be able to boot from an Acronis CD and simply restore it.
    >
    > Thanks for any input. (I'm keeping a copy of the image myself anyway but I
    > find that I have images of most people's computers that I've 'fixed up' and
    > I don't even know which ones I need to keep anymore... (It's not like I'm
    > going to invite 'work' by asking folks if they still own the computer in
    > question.)
    >
    > Again, TIA...
    >

    Is she doing anything that particularly requires Windows?

    Could she get along with a Linux distro?
    If it's typical teenage girl stuff, she's doing a bit of web browsing
    (Facebook/YouTube etc.), the occasional school project in an office
    package, listening to/downloading music and videos, and some sort of
    instant messaging client (AIM/MSN etc.)

    All of that can be done in Ubuntu, and will solve 100% of the malware
    issues.
    The only thing that would be a problem would be any games, and if she is
    using something in Windows that has no suitable alternative in Linux.


    Installing Ubuntu is a painless process these days, and most common
    hardware is supported.
    Return PC with Ubuntu installed, and her Windows media, then tell her if
    she wants Windows back she can google how to reinstall it :)
    Squiggle, Dec 31, 2009
    #18
  19. ~misfit~

    ~misfit~ Guest

    Somewhere on teh intarwebs Squiggle wrote:
    > ~misfit~ threw some characters down the intarwebs:
    >> Eeek! What a lot of posts! Seems like a couple people here could use
    >> RL friends.
    >>
    >> Anyway, yesterday and today I've been re-installing XP on the
    >> neighbours laptop AGAIN as the teenager girl to whom it belongs
    >> can't seem to use it for a day without getting infected. 74
    >> infections this time. Both last month and this month I've just wiped
    >> it ("are my songs and stuff still there?" Ha!) and reinstalled.
    >>
    >> Last month I installed MS Security Essentials (previous to that I'd
    >> put AVG free on it). When I got it back yesterday they'd put a trial
    >> version of Antivir that would point out infections but not remove
    >> them. It was literally impossible to do anything without a warning
    >> popping up.
    >>
    >> So I've reinstalled XP again, using a bunch of my bandwidth to
    >> update it... I've also installed MS-SE, AVG Free and Malwarebyte's
    >> Anti-Malware but I fear that it's all going to be pointless. (I
    >> could have done what I've tried before, put the HDD in an external
    >> enclosure and scan it from a 'sacrificial' computer, then repair XP
    >> but frankly I'm sick of this. I don't get paid, I get little gifts
    >> now and then, a tray of eggs the other week, a flower arrangement at
    >> Xmas...)
    >>
    >> So to the question: I've used Acronis to image the HDD and have set
    >> a 7GB partition after the OS partition and put the image file of the
    >> clean install there. (Then uninstalled Acronis. They didn't pay for
    >> it...) I've then removed the drive letter in computer management so
    >> that it doesn't show up and the only way to access it again in
    >> Windows is to assign it a letter again.
    >>
    >> What are the chances of it staying un-infected? I'm pretty sure that
    >> I'm going to get this machine back again in the
    >> not-too-distant-future and it would be nice to be able to boot from
    >> an Acronis CD and simply restore it.
    >>
    >> Thanks for any input. (I'm keeping a copy of the image myself anyway
    >> but I find that I have images of most people's computers that I've
    >> 'fixed up' and I don't even know which ones I need to keep
    >> anymore... (It's not like I'm going to invite 'work' by asking folks
    >> if they still own the computer in question.)
    >>
    >> Again, TIA...
    >>

    > Is she doing anything that particularly requires windows?
    >
    > Could she get along with a linux distro?
    > If it's typical teenage girl stuff, she's doing a bit of web browsing
    > (Facebook/YouTube etc.), the occasional school project in an office
    > package, listening to/downloading music and videos, and some sort of
    > instant messaging client (AIM/MSN etc.)
    >
    > All of that can be done in Ubuntu, and will solve 100% of the malware
    > issues.
    > The only thing that would be a problem would be any games, and if she
    > is using something in Windows that has no suitable alternative in Linux.
    >
    >
    > Installing Ubuntu is a painless process these days, and most common
    > hardware is supported.
    > Return PC with Ubuntu installed, and her Windows media, then tell her
    > if she wants Windows back she can google how to reinstall it :)


    Heh! A novel (but not unexpected) approach. I know Jack about Linux myself
    and am not really sure what she uses the computer for. It's an Alienware
    with dual graphics switchable with a front-mounted switch. It either has
    Intel integrated graphics or an upgradeable graphics card. Hers is a nVidia
    Go6600 I believe. Safe to assume that she plays a few games.

    Oh, they don't have any reinstall media, said that none came with it. It had
    a restore partition originally but, when I replaced the seriously dead HDD a
    while ago I saw that it had already been replaced and asked. It had been
    done under warranty (which is now run out). It was an IDE 7200rpm Seagate as
    per the original spec but as two had already failed I replaced it with a
    5400rpm drive, hoping that it'll last longer.

    Oh, my point... When I got it with the dying drive it really was dying.
    Windows wouldn't boot normally but would into safe mode and I managed to do
    a checkdisk but it was finding bad sectors everywhere and didn't complete. I
    tried copying off the restore partition (with the HDD in a USB enclosure)
    but to no avail.
    --
    Cheers,
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchett, 'Jingo'.
    ~misfit~, Jan 1, 2010
    #19
  20. I've been using SystemRescueCD, but I've recently had a scare with it
    that I haven't resolved yet - either that or something else I've done
    recently has re-enabled Windows AutoPlay (on XP SP3 with a presumed
    authentic and relevant disable-AutoPlay patch), which should not have
    happened. I was doing some unusual things... Also I'm at a computer
    that has Malwarebytes, which I don't at home, and it isn't letting me
    visit SRCD's web site.

    Leaving that aside - other Linux distributions are available - my
    preference is to put Windows XP onto a 15 gigabytes partition plus
    space for a hibernation file but NOT page file which is 4000 megabytes
    on the /next/ partition because it might as well be, /disable/
    hibernation, and use "partimage" to back up XP into around 650 MB
    split archive files - and put those files onto CD or DVD. I reckon 15
    gigabytes compressed is about one DVD full, and /that's/ where I store
    this recovery snapshot. Could take an hour or three to create.

    Vista, now... do you have Blu-ray? ;-)

    Restoring the machine normally from there should just be a matter of
    using the same tools to restore only the MBR and the 15 gigabytes XP
    partition, and you could just about train a teenager to perform the
    backup or the restore exercise ;-)

    I assume that the viruses come with bootlegged software, or music, or
    videos... or AutoPlay devices...

    I also haven't managed to make SystemRescueCD work from a USB stick
    although it can be done, but it also has a mode that copies its CD
    into RAM and allows you to use the optical drive for backup or restore
    - at its boot prompt you type "rescuecd docache" quickly before it
    goes ahead without you. Several other Linux CDs have a
    copy-Linux-to-USB-stick option. So does SRCD but it didn't work for me... partly,
    I've found, because I tried it several times on a USB device that
    actually won't boot. And partly just because computers hate me. They
    hate me because they fear me.
    Robert Carnegie: Fnord: cc talk-origins@moderators, Jan 1, 2010
    #20
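
    Added example, not part of any post in this thread: whether the clean image sits on an unlettered partition or on DVD as split archive files, a checksum manifest recorded at backup time and kept off the machine lets you confirm the volumes are unchanged before restoring from them. The function names and the PREFIX.000, PREFIX.001, ... volume naming are assumptions.

```shell
#!/bin/sh
# Assumption: image volumes sit in one directory and are named
# PREFIX.000, PREFIX.001, ... (adjust the glob for other naming schemes).

# make_manifest DIR PREFIX MANIFEST
# Hash every volume while the install is known clean.
make_manifest() {
    dir=$1; prefix=$2; manifest=$3
    ( cd "$dir" && sha256sum -- "$prefix".[0-9][0-9][0-9] ) > "$manifest"
}

# verify_manifest DIR PREFIX MANIFEST
# Returns 0 only when every listed volume is present and unchanged and no
# unlisted volume has appeared; 1 on any mismatch; 2 if the manifest is unusable.
verify_manifest() {
    dir=$1; prefix=$2; manifest=$3
    [ -s "$manifest" ] || { echo "manifest missing or empty" >&2; return 2; }
    # sha256sum -c fails on a modified, truncated or missing volume.
    ( cd "$dir" && sha256sum -c - >/dev/null ) < "$manifest" || return 1
    listed=$(wc -l < "$manifest")
    present=$(cd "$dir" && ls -- "$prefix".[0-9][0-9][0-9] 2>/dev/null | wc -l)
    if [ "$listed" -ne "$present" ]; then
        echo "expected $listed volumes, found $present" >&2
        return 1
    fi
    return 0
}

# Command-line use: script save|verify DIR PREFIX MANIFEST
case "${1:-}" in
    save)   make_manifest "$2" "$3" "$4" ;;
    verify) verify_manifest "$2" "$3" "$4" && echo "all volumes match" ;;
esac
```

    Run the verify step from the rescue CD rather than from the installed Windows, and keep the manifest somewhere the laptop cannot write to.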