Preserve a fresh installation of Windows XP with updates and drivers?
December 7, 2011 2:10 PM Subscribe
I just created a fresh installation of Windows XP with updates and drivers on my parents' computer. How can I preserve this installation, so that they can easily rollback (or even wipe the hard drive) to get back to this uncorrupted state after it is inevitably infected with some unremovable malware? The contents of the hard drive are under 4gb and can fit on a DVD. They don't store content locally, so I'm unconcerned with losing data.
And, no, switching to Linux is not an option. Thanks!
Isn't there a "last valid configuration" option, that title is likely wrong but I have used a command like that before, built into the OS.
posted by Freedomboy at 2:20 PM on December 7, 2011
posted by Freedomboy at 2:20 PM on December 7, 2011
You can always install windows 7. windows backup on windows 7 backsup the whole machine as an image .
IF nothing gets stored locally you can buy deepfreeze.
posted by majortom1981 at 2:21 PM on December 7, 2011
IF nothing gets stored locally you can buy deepfreeze.
posted by majortom1981 at 2:21 PM on December 7, 2011
'last valid configuration' is occasionally wiped by malware, and sometimes doesn't restore to a desired point. (Or, in my experience, EVER.)
Any backup that's stored locally can be compromised.
posted by Heretical at 2:23 PM on December 7, 2011
Any backup that's stored locally can be compromised.
posted by Heretical at 2:23 PM on December 7, 2011
I'm a fan of ghost images. You can make an exact clone of the drive and then burn it onto a DVD that can be booted to, which then auto restores the image. If you're worried about them wiping out their system you can require a password to be typed in first.
It requires a bit of extra work up front but is very nice. Something like this will get you started.
I think the newer versions you can even leave the ghost image on the hard drive and then execute everything from inside windows. The bootable DVD is a preferred foolproof method though.
posted by zephyr_words at 2:43 PM on December 7, 2011 [1 favorite]
It requires a bit of extra work up front but is very nice. Something like this will get you started.
I think the newer versions you can even leave the ghost image on the hard drive and then execute everything from inside windows. The bootable DVD is a preferred foolproof method though.
posted by zephyr_words at 2:43 PM on December 7, 2011 [1 favorite]
Deep freeze costs 35 bucks a year, and does exactly what you want it to do. Totally worth it.
posted by rockindata at 3:08 PM on December 7, 2011 [1 favorite]
posted by rockindata at 3:08 PM on December 7, 2011 [1 favorite]
I use Acronis True Image. My base image always consists of Windows and Office with any High Priority Updates.
Every few months when I get tired of the cruft I restore to my most recent image. After a clean restore I install all of the new High Priority updates since the last image then I reimage the computer and this new image becomes my new base image.
posted by dgeiser13 at 3:11 PM on December 7, 2011
Every few months when I get tired of the cruft I restore to my most recent image. After a clean restore I install all of the new High Priority updates since the last image then I reimage the computer and this new image becomes my new base image.
posted by dgeiser13 at 3:11 PM on December 7, 2011
Deepfreeze, you can "thaw" some of the drive so they can store stuff, if they want.
posted by wandering_not_lost at 3:15 PM on December 7, 2011
posted by wandering_not_lost at 3:15 PM on December 7, 2011
Free solution: Ultimate Boot CD for Windows. Download the building software. (You have to supply your own Windows files because they can't redistribute Windows.) Boot UBCD4Win, run DriveImageXML (one of the zillions of utilities on the CD), create a snapshot image of your C: drive while it's completely quiescent, no files in use because you booted from the CD, not the HD. Requires a separate partition to store the image on, you can't store it on C: while you back C: up. USB hard drives work fine for this.
I have backed up and restored roughly forty PCs using UBCD4Win and DriveImageXML over the course of several years and it has never failed me. Five stars. Oh, DriveImageXML can read individual directories and files out of the snapshot it makes, you don't have to restore the whole thing to access it.
posted by jfuller at 3:23 PM on December 7, 2011 [2 favorites]
I have backed up and restored roughly forty PCs using UBCD4Win and DriveImageXML over the course of several years and it has never failed me. Five stars. Oh, DriveImageXML can read individual directories and files out of the snapshot it makes, you don't have to restore the whole thing to access it.
posted by jfuller at 3:23 PM on December 7, 2011 [2 favorites]
3rd-ing Deep Freeze... This is essentially a computer lab type of situation. This is a great way to take the keys from repeat malware-clicking offenders... That goes double if they do not save things locally.
Good luck!
posted by milqman at 8:16 PM on December 7, 2011
Good luck!
posted by milqman at 8:16 PM on December 7, 2011
Acronis TrueImage worked well for me (though for a hard drive failure, not malware). Also install Microsoft Security Essentials and Malwarebytes.
Windows 7 is even more secure though.
posted by juiceCake at 9:50 PM on December 7, 2011
Windows 7 is even more secure though.
posted by juiceCake at 9:50 PM on December 7, 2011
You don't need to spend money on software to do this. You can download System Rescue CD and use partimage to save images of your disk partitions to some external medium. Maybe not as user-friendly as the commercial options, but it definitely gets the job done.
Whatever software you go with, there are two things to keep in mind:
(a) A backup is only good if you are sure you can use it to recover your system. Get a spare disk an go through the recovery process to make sure everything works correctly now, before disaster strikes.
(b) Having a year-old image may not be as useful as you think these days - software gets updated all the time. After restoring from a stale image you may find yourself facing several hours of updating and patching, which may not go 100% smoothly. Think about setting things up so that your users can periodically update the backup image (but keep a known good backup you make yourself, just in case).
posted by Dr Dracator at 11:27 PM on December 7, 2011
Whatever software you go with, there are two things to keep in mind:
(a) A backup is only good if you are sure you can use it to recover your system. Get a spare disk an go through the recovery process to make sure everything works correctly now, before disaster strikes.
(b) Having a year-old image may not be as useful as you think these days - software gets updated all the time. After restoring from a stale image you may find yourself facing several hours of updating and patching, which may not go 100% smoothly. Think about setting things up so that your users can periodically update the backup image (but keep a known good backup you make yourself, just in case).
posted by Dr Dracator at 11:27 PM on December 7, 2011
You might be better off learning how to make a boot-and-forget unattended setup disk. This will be a lot less trouble to keep up to date than a full-system image.
Also, Linux might actually be a useful part of a solution. I used to set up customer PCs with separate system (C:) and user (D:) partitions as well as a little Linux partition used solely for Windows backup and restore, and you're welcome to adapt my backup and revert scripts if you feel moved to do likewise.
I'd set up Linux (usually Ubuntu Hardy, though one of the tiny ones like Damn Small Linux might be better) to boot with/dev/sda1 (C:) mounted on /home/windows/system and /dev/sda2 (D:) on /home/windows/user, and make three desktop launchers:
I haven't done an installation like that for quite some while; doing Windows installs and watching them get vandalized without having been backed up became too depressing so I stopped offering that service (my customers get Debian now, plus Windows in a VirtualBox VM if they ask really nicely). But it should all still work just fine if you can be bothered.
posted by flabdablet at 12:55 AM on December 8, 2011 [1 favorite]
Also, Linux might actually be a useful part of a solution. I used to set up customer PCs with separate system (C:) and user (D:) partitions as well as a little Linux partition used solely for Windows backup and restore, and you're welcome to adapt my backup and revert scripts if you feel moved to do likewise.
I'd set up Linux (usually Ubuntu Hardy, though one of the tiny ones like Damn Small Linux might be better) to boot with/dev/sda1 (C:) mounted on /home/windows/system and /dev/sda2 (D:) on /home/windows/user, and make three desktop launchers:
- "Backup Windows" to launch the backup-windows script in a terminal window
- "Revert Windows" to launch the revert-windows script likewise
- "Reinstall Windows" to launch revert-windows with an argument of "/home/windows/user/Documents and Settings/Admin/My Documents/Backups/sda1.ntfsclone-clean.gz"
I haven't done an installation like that for quite some while; doing Windows installs and watching them get vandalized without having been backed up became too depressing so I stopped offering that service (my customers get Debian now, plus Windows in a VirtualBox VM if they ask really nicely). But it should all still work just fine if you can be bothered.
posted by flabdablet at 12:55 AM on December 8, 2011 [1 favorite]
so that they can easily rollback (or even wipe the hard drive) to get back to this uncorrupted state after it is inevitably infected with some unremovable malware?
This problem can be solved by not giving them local administrator rights. Sounds harsh, but it'll work.
posted by mr_silver at 1:47 AM on December 8, 2011
This problem can be solved by not giving them local administrator rights. Sounds harsh, but it'll work.
posted by mr_silver at 1:47 AM on December 8, 2011
Second Deep Freeze. IIRC, you can set a specific folder(s) for allowing them to download stuff (My documents. for instance).
posted by Man with Lantern at 9:38 AM on December 8, 2011
posted by Man with Lantern at 9:38 AM on December 8, 2011
This thread is closed to new comments.
posted by JauntyFedora at 2:16 PM on December 7, 2011 [1 favorite]