What is the best way to restore your computer?

EINREB

Member
Last week it happened to me again - a hacker blocked my computer and put in a ransom demand in exchange for a decryption code to unlock my system. This was the third time they did it to me. Fortunately, I have nothing sensitive on it, but it took me hours to restore everything and put it back in working order.
That brings me to the question: is there another way than backing up your whole computer to get it back in working order? In my case, the computer would not boot up any more. Could I regain control again if I had previously made a copy of the boot tracks of the HD and reloaded it back in using Acronis or Windows Backup?
In general, does anyone know which files control the system of the OS, so that by copying them and restoring them after a disaster strikes you can get your system to work again in a shorter time than a Full Backup? The Windows Backup Program gives you two other choices: a System Image or a System Repair Disk.
Would either one be a quicker way to restore the OS to working order in my case?
Any suggestions or comments?
 

Darren

Moderator
Staff member
If you made a system image, yes, that would probably be easier. System restore can sometimes work as well. How are they locking you out? If it's a SysKey lockout, which I usually see on these kinds of infections, you can get around those pretty easily.

Look like this?
syskey.png


If so

 

EINREB

Member
Darren,
Thanks for your reply. No, it is not like your sample. I got a popup telling me that the Microsoft Technical Service had detected problems in my system and I had to call a number to get help correcting these problems. Needless to say, I never did, so I don't know what I was supposed to do. (I also do not want them to know that I got their warning and gave them my telephone number as a potential sucker for other scams.) But other previous ones spelled out the demand and I had no reason to believe that this one was any different. The result was the same: I could not boot up the computer, and the message would keep on popping up; hence my posting.
 

Darren

Moderator
Staff member
Oh in that case you just need to clean the system with a virus removal program. They can't really do much of anything without you calling them because then they'll remote in and that's when you get the lock like I mentioned above.
 

EINREB

Member
Oh in that case you just need to clean the system with a virus removal program. .........


Sorry, that will not work. Like I said, the computer is completely blocked, and only the message of the hacker will be displayed. (Otherwise I could use just the simple restore function.)
I had to use the System Restore Function, where you use either System Restore Disks which came with your computer, or a part of your main HD that contains the same information. Either method takes hours to use, which is what I am trying to avoid.
 

johnb35

Administrator
Staff member
Usually if you can boot to safe mode, you can remove malware such as that. Otherwise, reinstall Windows and create a system image so that you can restore within minutes in case disaster strikes. Get all your software and games installed first before creating the image. And I would definitely buy paid software to do this; don't rely on Microsoft's program as there have been issues with it in the past.
 

beers

Moderator
Staff member
Usually that's more 'downloading malware from suspicious websites' than a 'hacker infiltrated your computer'.

Next time you do a full Windows reinstallation, once you get all of the settings and patches done, make a 1:1 backup image of your drive. Then if you ever need to reinstall, just clone the image to your drive.
 

Agent Smith

Well-Known Member
Go to the Sandboxie website and read about it, join their forum and use it! Aside from that, try an Adblocker as that's a vector for this crap. What browser are you using?
 