Login

**EAPTCB** · (This post was last modified: 03-30-2016, 08:10 PM by Britec.)

A new strain of Ransomeware can now make changes to your MBR and stop users form starting their computers.

**Timster** · 03-30-2016, 05:51 PM

nasty one.

***Britec*** · 03-30-2016, 08:11 PM

They are getting worst.

**Partha** · (This post was last modified: 04-15-2016, 11:16 AM by Partha.)

It's therefore better to create an installation media of Windows with either a USB flash drive or a DVD and keep that as a dedicated recovery tool, specifically for such cases

I've created mine with my USB flash drive and have to say that it's a savior. It has helped me fix a lot of issues which couldn't have been fixed in any other way

If the MBR is corrupted, you can at least boot from that flash drive or dvd and select the repair option to access the recovery environment & once there, you can select the command prompt and try the bootrec.exe /fixmbr command

If the issue persists, we still have the option of low level format with the DiskPart clean all command which clears all the sectors including the one where the MBR resides

**EAPTCB** · 04-15-2016, 11:58 AM

(04-15-2016, 07:44 AM)Partha Wrote: It's therefore better to create an installation media of Windows with either a USB flash drive or a DVD and keep that as a dedicated recovery tool, specifically for such cases

I've created mine with my USB flash drive and have to say that it's a savior. It has helped me fix a lot of issues which couldn't have been fixed in any other way

If the MBR is corrupted, you can at least boot from that flash drive or dvd and select the repair option to access the recovery environment & once there, you can select the command prompt and try the bootrec.exe /fixmbr command

If the issue persists, we still have the option of low level format with the DiskPart clean all command which clears all the sectors including the one where the MBR resides

That's a good contingency plan partha.

I personally keep a full system backup with Acronis True Image 2016 on an external drive as well as a full Windows recovery on a partition. I also use Rollback RX Pro, which claims to rescue your system no matter what, including Randsomeware, although I've not needed to test it for that thank God. I have seen some YouTube videos showing how it reverts the system back to a state prior to an Ransomeware infection. Here is a video from the makers of the software. They do a free home edition too.

**Partha** · 04-15-2016, 12:20 PM

(04-15-2016, 11:58 AM)EAPTCB Wrote:
(04-15-2016, 07:44 AM)Partha Wrote: It's therefore better to create an installation media of Windows with either a USB flash drive or a DVD and keep that as a dedicated recovery tool, specifically for such cases

I've created mine with my USB flash drive and have to say that it's a savior. It has helped me fix a lot of issues which couldn't have been fixed in any other way

If the MBR is corrupted, you can at least boot from that flash drive or dvd and select the repair option to access the recovery environment & once there, you can select the command prompt and try the bootrec.exe /fixmbr command

If the issue persists, we still have the option of low level format with the DiskPart clean all command which clears all the sectors including the one where the MBR resides

That's a good contingency plan partha.

I personally keep a full system backup with Acronis True Image 2016 on an external drive as well as a full Windows recovery on a partition. I also use Rollback RX Pro, which claims to rescue your system no matter what, including Randsomeware, although I've not needed to test it for that thank God. I have seen some YouTube videos showing how it reverts the system back to a state prior to an Ransomeware infection. Here is a video from the makers of the software. They do a free home edition too.

It looks interesting but doesn't it work like the system restore functionality of Windows?

**Compton** · (This post was last modified: 04-15-2016, 01:26 PM by Compton.)

OK the software looks good but to create a backup and restore of the computer

you have to launch the application within windows let's say you got infected with malware

can't launch the application or boot into windows how do you then restore that image?

**Partha** · (This post was last modified: 04-15-2016, 02:01 PM by Partha.)

(04-15-2016, 01:20 PM)Compton Wrote: OK the software looks good but to create a backup and restore of the computer

you have to launch the application within windows let's say you got infected with malware

can't launch the application or boot into windows how do you then restore that image?

Right, that is when an installation media would be helpful.. another option would be to make use of rescue disks offered by some antivirus makers and boot from one of those rescue disks and then run a malware scan

If it's able to disinfect the infected mbr, that should do the trick as well

***Britec*** · 04-15-2016, 01:45 PM

**Compton** · 04-15-2016, 02:07 PM

to answer my question yes you can restore without booting into windows

using Rollback RX recovery console but that console is still store on the hard drive

you will not be 100% sure that recovery console will boot up