An Important Step Further

Hi,
I have just been reading through the Malware removal guide and in particular the "Read Me" in which it quite properly states that malware removal may not be 100% effective and also may have adverse affects on the system. It is therefore advised that data is backed up before clean up is commenced.
I would suggest a slightly different approach and one which is going to be effective in ridding the system of all infections and that is the use of disk imaging. If you keep a disk image of your system when it was clean stored on an external hard drive or second PC then in case of problems that image can be easily and quickly put on to restore the PC to it's former clean state.
The trick is to ensure that the image is clean and that it is recent. In my case I did a clean install of Windows 7 and added my programs by running executables from legal and trusted sources (these exe files were stored on the external) and the only web page I visited was Windows updates and I also allowed updates to my security programs. When I had configured everything just as I wanted I then made Image number one with the free program Macrium Reflect (there are others).
My system is about 22Gb and Macrium makes a compressed image of about 11Gb which I store on an external drive but could be on a second PC or even a flash stick. You cannot store it on the partition you are imaging as that partition will be reformatted at restore. Of course if you have more than one partition on your PC drive then you could store it there but I feel happier with it in a totally independent location.
The second trick is to ensure that you always have a very recent image to fall back on. What I do, after I have made image no 1, is to use the PC as I wish but any changes I make are noted on a notepad stored on the external. I also keep any executables for programs I may add. After a week I put image no 1 on, bring it up to date regarding updates to Windows and my programs, follow my notes to make the changes I have made that week and then make another clean image , in this case image no 2. Of course the interval between images is up to you but I like to keep it short and sweet.
At the end of the next week I put image no 2 on and repeat the process. Making a restore from a disk image takes about half an hour for me, making a new image about ten minutes and bringing all up to date about ten minutes so the whole process takes less than an hour with the PC only being unusable for the half hour it takes to put the image back on, due to Macrium taking a system snap shot you are able to work on the PC whilst the image is being created.
I still run antivirus (Avast) and antimalware (IOBit Malware Fighter) and I run occasional on demand scans but if I find anything more than a tracking cookie or if my PC malfunctions in an unexplained way I will quickly decide to put on my last image rather than spend time on what could be complex, time consuming and ultimately uncertain clean ups. Of course the interval between images is entirely flexible but I keep it short and sweet .
When I was first introduced to the idea of disk imaging I thought it would be complex but in fact once you have used the program it is very easy and with external hard drives so cheap it should be available to most.
If any one sees the sense in this approach but is a little hesitant in trying it then give me a shout and I will help as much as I can.
For me I would say time spent cleaning up is wasted time.It's good to know I have a reliable clean image to turn to in case of problems.

Regards Alex.

 

Hi chasling,
In reply to your answer to my post I would say that you make some valid points but I would take some issue with others. You say that some people do not know if they are infected or not so my approach would not help these people. I put my backup image on once a week and so if I have an unknown infection it is eliminated at that point. In any case people who do not realise they have an infection are unlikely to seek the help of this forum and so will carry on with an infected machine which could be carrying out unknown malicious activity.
Secondly you mention that some people are already making disk images and they are not the ones coming to this forum.That is precisely why I posted here, to inform and offer to help those who have never thought of or even know about disk imaging . It was on a forum that I was introduced to the idea, being very much a PC novice who hadn't a clue what a disk image was. With the help of another site visitor I was guided through the process and despite what you say it wasn't that difficult. In any case some of the malware removal techniques are quite involved and time consuming and the end result is so much more uncertain. With help, which I did offer, most people would quickly become proficient at imaging and restoring. It could take up less time and be less involved than malware removal which is ,I think you would agree , an uncertain art.
The next point is the cost. To buy a cheap external is not prohibitive for most people but, as my post admitted , it may be for some. In that case you can use free software to make a partition on your PC to store an image or more.
Also as I mentioned in my post, the internet work should, if possible , be done prior to the restore. If not then you have to use only reputable sources to source any drivers or you back them up also, again with free software. Funnily I have never had to source a single driver . When I updated from Vista to Win 7 as a clean install everything worked with no issues but I was using a manufacturers upgrade.
It is true that if you go for a new Windows install then that is a lot of work but it is a once only deal. After that it is a quick and easy process to restore and reimage.
You say that people do not want to hear me talking about disk image and restore and that is an old idea not a new one. Well I never claimed it was a new idea but it is one that a lot of people are unaware of and I really think you should not make presumptions about how others may respond. My post was meant to be a helpful suggestion with a friendly offer to assist if required. Please do not imply that it should not have been made.It was never meant to be confrontational or unhelpful.
I disagree with your last statement as it WILL be an option for some people with a difficult to shift infection that may or may not be curable or where they are just not sure that the infection is indeed cured. In any case I think that for those people who do get back to a clean state the safety net of a disk image at that stage may be something they could look at.
In conclusion I would say that my post was made in the spirit of mutual sharing of knowledge and mutual benefit. It was not meant to rubbish yours or anyone else's hard work and input.It was a suggestion to those who could be in a position to utilise it and was meant to try and present a method of future proofing their machines,
In human medicine prevention is better than cure and I believe that to hold true for our machines too.

Regards Alex