marmite

Another one! Thanks hazelnut

Just in case you're tempted to pass ... there's loads of partition management functionality in this

Yeah, well that's that way it goes sometimes. Unfortunately, 'everyone else' is on the wrong end of an internet connection. I still doubt the original image is useless - see what they make of it on the Reflect forum if you need to get it back.

More general info ... http://www.theregister.co.uk/2010/02/11/go...vacy/page2.html

Now narrowed down to one particular patch ... http://www.theregister.co.uk/2010/02/11/ms..._update_glitch/

If I understand you correctly, you've used the manufacturer's recovery disk to start agaain? If that's the case, once you've got past the format you'll probably find the Reflect image now restores? That idea (to format) was mentioned in, I think, that first of those posts? I'm not too familiar with the low-level goings on in disks, but it may be the MBR that needed to be recreated. It would be interesting to find out ... I suspect you were very close.

NTFS I've just googled your error message ... have a look at these posts from the Macrium forums ... http://support.macrium.com/topic.asp?TOPIC_ID=155 and http://support.macrium.com/topic.asp?TOPIC_ID=717

Okay - now you need to use GPartEd to create a new partition for Reflect to use. I'm assuming the old one wasn't in a fit state because of what DBAN had done to it.

Fascinating, as Spock would say. Stands to reason though. Bit like looking into space; you can see the closer stars and you just know there's a lot more out there. But you can't see it or comprehend just how vast it is. Must admit I'd not heard that expression before.

LOL, good grief I remember that ... the bad ol' days!

As two steps: GPartEd will let you sort out your partitions, so you boot up with that disk to do that. Then you can boot up again with your Reflect recovery disk to finish off.

0.5Mg I can get better speeds on my 3G dongle !!

Doh! ... And there I was looking under 'Settings' ... far too sensible ETA: just read the article ... typical ... thanks for the heads-up.

So the partitions are still there? According to the documentation DBAN erases the partition table. Maybe they're corrupted in some way - which would hardly be surprising. Reflect will need a partition to restore back into. If you don't have a vanilla Windows installation disk then something like GPartEdLive should be able to sort your partitions out from a bootable CD. You need to download the iso disk image to a hard drive and burn it to a CD. If you don't have a burner for iso images then ImageBurn is a straightforward free one. [Think of an iso image as a like a Reflect image but for an optical disk - it's a complete disk copy held in one iso file.] Question though. Since I'm assuming the image has come from this machine (and hence disk) in the first place, are you sure that whatever you wanted to nuke isn't on this image. I.e. are you just going to restore this 'bad' content?

Take iso images ... you can make as many as you like then Assuming you have access to another writer of course

Yep, just checking ... that was my interpretation and the bit I was unsure about in my earlier post in terms of existing functionality ... though you've since confirmed that Reflect can't do it ... yet. Like you I'm perfectly happy with Reflect's existing hot back up and verify.

Dennis what do you mean by 'Cold Imaging' here ... taking a back up using the boot CD?

Absolutely right ... it's good to know you've been through the ERUNT restore and that it works! In my opinion yes, because the system is performing that key merge. I think such a small merge is a fairly risk free but replacing all of the registry would carry a greater risk. Though I would say that manual edits must be riskier still. You also have to consider that you potentially have a much smaller window to guarantee a low-impact restore of the whole registry. As soon as you start making changes, installing software, removing software, then that back up becomes more and more obsolete. You would need to identify any problems caused by key removal very quickly to ensure that you had a good chance of putting the old one back with minimum fuss. The restoration of a few keys has a much lower impact on your system; so if you don't notice an issue for some time you have a bit more leeway. As you say if you put it into the context of the problem then it does provide a circumvention, but personally I'd rather get the reg merges working. There's also the other angle that there may be other requirements for merging keys; a tweak or problem resolution for example. At the end of the day though it's not my PC; you may have pointed out a method that the OP is willing to adopt.

Interesting comments and links about the MSRT. I guess the 'time taken' gripe is actually the tool running, rather than literally installing. Since it's targeting specific malware it's much quicker than a full AV scan but it's still going to take a while. It's another one of those things which, as hazelnut says, is worth the short hit.

Yep I'm sure it's something that's frequently overlooked. Good article.

Well it's been five years since I've installed an OS from scratch, so I would suggest you take min with a pinch of salt and read around, but here's my view: ? Like Lucky10 I'm not sure on the low-level format. Why do this on a new disk. ? If I remember correctly, you can specify the size of (at least) your system volume early on. Do that if you can - you can add the other partitions later. ? Install Windows. ? Make sure your Windows firewall is on, even if you're going to turn it off and install something else later. ? Get Windows updates. ? Install the recovery console if you want to. ? Install your back up software and take a back up. This is your base OS build. If it all goes pear-shaped later you can go back to this. ? Install your security software and get the updates for it. If this includes a firewall, turn the Windows one off and make sure the new one is on. ? Now install the rest of your software stack. ? Run AV and malware checks. ? Create any additional partitions. ? Take another back-up. This is your base software build. Any problems here on in and you have a solid stack to return to. ? Personally I wouldn't defrag for a while - I'm sure you'll be shuffling things around and adding things for the first few weeks at least. This is just a rough off the top of my head list which really isn't too dissimilar to your original one. At the end of the day everyone does these things slightly differently. There are many ways to cut it and if you'd followed your nose with your list you'd still have got pretty much the same end result. There may well be better ways of doing it but the important thing is to learn as you're going along Just take the plunge and enjoy the ride

Without booting into the OS? You can certainly do cold restore. And you can do a hot back up including the system volume. I'm on the move and don't have a boot CD to check whether you can do cold back ups but I don't see why not. Re rescue discs, Reflect allows you to create a Linux or a BartPE based CD. I also endorse everything that's being said about Reflect. They have their own forum if you want to ask anything there.

True, though it's using an atom bomb to kill a canary if all you're backing up is one registry key But you're absolutely right BigD in that it should circumvent Nic's problem. The only comment I'd make is that I'm assuming that a full restore has to run at reboot? Which would make it a bit of a pain if you had a dozen keys and you were trying to find the one that was causing you grief. And the full restore process itself must inherently carry more risk than importing a few keys.

Quite But my point is that as far as a test like ShieldsUp is concerned, they should show as stealthed, not closed. Stealthed means no response - not even recognition that a PC is there. Closed means, okay it's closed - but I know there's a computer there. The stealthing bit is where the firewall comes in. For anyone wanting to read about the differences between open, colsed and stealthed ... https://www.grc.com/su/portstatusinfo.htm. It's an old site so beware of some out of date software recommendations, but the principles stand.

I 'found' this a couple of weeks ago whilst looking into a problem with bad Skype connectivity. I used it to successfully identify drivers that were contributing to my problem ... great little widget