Call 0433 566 717 // Mobile Tech Solutions

Category : Data Recovery


Crypto virus handy tools

Just a quick update to motivate me to get back into regular posting.

Due to the issues with the Crypto virus travelling around the net lately, I recommend that you at least review a bit of the information about how to protect yourself. This can be as simple as having multiple backup drives with one always disconnected from your system.

BitDefender has released a new tool that can help prevent infections which you can get here:

Attached below is an article by Carbonite that has some good tips on how to avoid infection. Carbonite backup products also have a rollback feature that will allow recovery of your files from backup even if they are infected and encrypted.

ransomware-050715

At Jack I.T we are Bit Defender and Carbonite resellers, so get in contact with us to help design a protection solution that suits your needs.

0433 566 717
sales@jackit.com.au


40 reasons why you don’t need antivirus

With all the work that Jack I.T has been doing lately cleaning virus and spyware infected computers, I am always on the lookout for new tools to either make the process easier or to ensure that the machines are as clean as possible. Jack I.T recently started using EMSI Soft Anti-malware as a final check of the system cleanliness before returning it to the client.  Which brings me to the title of the post: EMSI Soft have a blog here with 40 reasons why you don’t need antivirus. This is a good read on why technicians like Jack I.T recommend AV under all circumstances.

While an antivirus program will not pick up every potential problem, it is a great place to start. Follow that up with a little knowledge regarding scam emails, and pay attention when installing programs for extra bundled programs, usually search bars, that increase the likelihood of getting more junk on your computer.


Here is the full link if the above doesn’t work:

http://blog.emsisoft.com/2014/12/08/40-reasons-why-you-dont-need-an-antivirus/

Crash course in encryption viruses

What a night. I had a client call yesterday saying that he had clicked on a link in an AusPost email for a delivery receipt. This is a great example of paying attention to what is in front of you: he was unable to view the link on his iPhone as it restricted the site, so he forwarded the email to his work PC and clicked it there, even though the link that shows when you hover over it in the email was to a site called sleeze .com.  Anyway, back to the files: all the photos, documents and zip files on his computer were encrypted, and there was a pop-up showing a link to click to pay $600 to get the documents back.  This should have been blocked by the antivirus, but in my research I have found that this variant is less than 3 days old and there are no virus signatures to detect it.

Now that I had determined what it was, I needed to work out what to do about it. I was sure that I didn’t want to pay the criminal responsible to recover his data. The forums on bleepingcomputer.com shed a lot of light, enabling me to pinpoint the exact infection and devise a strategy. First was to look for existing backups and recover the data; on first inspection these looked like they had been encrypted also. There was another option to pay a trusted third party for a repair, which sounded like it was related to the original criminal but was ultimately someone trying to help and needing to cover their costs.  So after sending some requests for help and searching high and low for a solution, I went to bed at midnight, only to hear my phone buzz from the other room as I lay down.  This presented another paid option to repair, but with still no guarantee of success. I had another look at the machine, only to find an unencrypted backup that was so large that maybe the file had not been processed.

With a solution now in sight and a new surge of energy, I started making backups of everything so that I could go back to the current point if needed. While the backups ran I had a short kip to ensure that I was still firing on all cylinders, and I have now got the system fully running with an up-to-date backup restored (minor tweaking required to get it to boot). I will return the computer to the client later this morning once I am certain I am able to get it all working.

NOTE: Before clicking any links, hover your mouse over them and read the text in the status bar, usually at the bottom of the screen.
Keep an eye on your antivirus program to ensure it is running and up to date.
Pay separately for an antimalware scanner if your antivirus does not do this task.

Data recovery on a timeline

Jack IT had a productive night with a call at 5pm yesterday from a new client who had managed to delete their entire mailbox archive from Outlook with no backup more recent than March.  We jumped to action and had the machine open with drive removed looking like a patient who was half-way through surgery and the drive in a second computer to allow non-destructive restoration to begin.  To give you an idea of the timeline of a restoration here is the basic run-down.

  • Remove drive and clone disk. (1hr)
  • Start recovery tools on fast check, with restoration of possible files. (1-2hrs)
  • Check recovered files with no luck due to corruption. (30 minutes)
  • Start full scan and recovery. (4 hrs+)
  • Recover all related files and folders (1 hr)
  • Test files. (1 hr, about midnight by here)
  • Convert recovered files to a usable state; this often does result in some loss of data depending on the amount of corruption. (2 hrs)
  • View converted files. (30 minutes)
  • Re-install hard drive and test machine still boots. (Due to the scanning process the boot partitions can be modified and repairs are needed on occasion. 15 minutes)
  • Copy restored files to external media. (30 minutes, done the next morning after a 2am finish)
  • Return to client and get them to check data is consistent. (1 hr; this process can be hit and miss, I have recovered gigabytes of data to find that there are no relevant files)
  • Ensure that client has working backup system to ensure that the mistake is not repeated.

This is the closest Jack IT has needed to go to an all-nighter this year to ensure business continuity and we will do anything in our power to ensure you are running in the shortest time possible.

Jack IT recommends a couple of tools to help complete this work:

  • EaseUS Data Recovery Wizard for the initial and deep scans
  • Stellar OST to PST Converter to recover corrupted OST files and extract any usable information.
  • AOMEI Backupper Professional Edition, brilliant fast backup software.  Great for cloning drives and just accessing backed up data.

Jack IT uses paid versions of all this software as part of my toolkit; though it can add up, finding great tools is well worth paying for.