|
They have deleted. When I came over and switched the PC on again I could see the different devices and they were empty. Windows login was protected with a password due to the remote management tool of them, but the rest was all reachable.
dandy72 wrote: I don't understand what the motive would be for anyone calling others over the phone, only to delete data in some unrecoverable fashion. Money... plain and simple dirty money...
dandy72 wrote: only to delete data in some unrecoverable fashion. that's what I hope they were not that professional, and I can maybe (with luck) recover something.
dandy72 wrote: but if this was a Windows machine, it was a windows 7 machine
dandy72 wrote: I'd be looking for volume shadow copies. See vssadmin.exe, or ShadowExplorer for a GUI version. Thank you very much for the tip, I will have a look
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Nelek wrote: Money... plain and simple dirty money...
So I still don't understand. How do these guys profit from data being deleted and unrecoverable?
Nelek wrote: it was a windows 7 machine
You also mentioned a NAS however - unless the NAS machine is itself running Windows 7, it wouldn't be creating volume shadow copies.
Still, let me know if this helped - this is a really poorly known and under-appreciated feature, and has allowed me to recover files long thought to be lost (including some files some people would rather have not had me recover for them)
|
|
|
|
|
dandy72 wrote: How do these guys profit from data being deleted and unrecoverable? They try to make you believe that if you pay you get the data back. A sort of ransom. The problem is... they can'T beacuse to copy the hard drive a lot of time would be needed.
If the drives would have been encrypted, then there is still a possibility to recover it. Another thing is if the actually give the code after getting the money or they just ask for more.
About the NAS... I don't think it was doing shadow copies, not sure if that NAS was even able to do them. Anyways thank you, I will dig about the feature a bit. Since I suppose I will have to bring everything back to life, I will try to make some changes.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
A NAS on its own wouldn't know anything about shadow copies - this is a feature of Windows and NTFS.
|
|
|
|
|
Oh... ok. Thanks for the tip
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Still worth keeping in mind when trying to recover stuff from your PC.
|
|
|
|
|
That's why I said "thanks for the tip"
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
I know this is not the kind of advice you want right now, but let him consider backing up data to the cloud. I have excellent results with Microsoft's OneDrive. Even if OneDrive data gets deleted, it is kept in a cloud recycle bin for a month and can be restored easily.
Get me coffee and no one gets hurt!
|
|
|
|
|
I don't take it bad. I know about it, but the problem I see with this is... encryption.
He could not manage to follow the easy advice of "don't keep all USBs plugged at the same time when you don't need them"...
Sadly I don't think he is going to leaarn from this that much. So keeping a healthy encrpytion and backing up in the cloud... I see it a bit unrealistic.
I will check which options there are anyways. Thanks
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Look in the recycle bin, and secondly get an undelete program.
When a file is deleted in windows its entry in the FAT has a ~ put at the start. That is it. (at least I am pretty sure it is that way, if memory serves me correctly).
SO undoing that restores the file.
It is very easy.
|
|
|
|
|
It was Windows 7 (NFTS).
The bin was empty, I suppose they used something similar to "Caps + Delete" (delete without sending it to the recycle bin) or an internal deletion of the "Remote Desktop" they used.
My relative says he saw a popup about a confirmation to delete the data (that's when he realized what was really going on). The confirmationw was not the typical "windows popup" it had another colours, he said.
I am hoping that they didn't use a recursive deletion or things like that, just a "fast and dirty" deletion, that might be undone at least partially (every byte of data back will be better than nothing).
The problem is... windows is fvcked up, so I will have to reinstall from the scratch in C:, the Data were in D: but I am not sure if your idea will work after a fresh installation
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Why not boot off a rescue disk and run an undelete?
|
|
|
|
|
This is going to be my first try. I have a couple of versions of Hiren's (10.1, 13.3) to boot in DOS or in miniXP is good. But I am not sure if the tools contained are that good.
I too have an old linux bootable CD somewhere (that I have to find first). But the good undelete software is what I am missing.
If it doesn't work as expected, then Install windows in C: and run rescue in D:
At least this is the only thing where he was disciplinated, he saved everything in the "data" partition and keeping "system" clean (I was doing restore image backup, updating and creating new image a couple of times a year), but keeping the "data redundant drive" always plugged in... (I hope he learnt from this experience)
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
There must be a bootCD+undelete combo on the net somewhere, this is classic rescuse stuff.
What I always do is keep my OS on one drive, and all my data on another, and also put backups on that data drive.
Then if I get s problem I can just wipe the OS drive with impunity.
It is a bit of a faf to set up, but gives you 100% antivirus/anti scam protection.
|
|
|
|
|
I do similar for me, with him is partitions separated, but not drive separated. Second partition is the one that had the data that got deleted (with OS backup images inside, that's why I have to start over again). And the external drives (NAS and USB) were connected too, so redundancy went to hell too.
That's why I was thinking on reinstall windows in C: partition, leaving D: (Data) untouched.
I think it is better to concentrate my effors on the main HDD, that had the most actual data and will probably be easier for the tools.
But I will have a detailed look to the bottable cds first. If I can do everything in low level from the booted environment I think it might get better results.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Unless they used a program to write over all the data - delete just marks the filename as deleted in the directory. To be able to recover the data - DO NOT write anything to the drives. Use an undelete program or a data recovery service like Geek Squad at Best buy - looks like the cost is $200 to $1400.
Best Buy Geek Squad Data Recovery page here [^]
|
|
|
|
|
Good to know. Thank you.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
|
Quote: contained massive data sets belonging to Alteryx partner Experian, a consumer credit reporting agency
There's a special place in Hell for these companies. Preying on people's fears - usually the people without the resources to defend themselves - by providing a "service" to track their credit score, with a nice little side business of using all that personal data for marketing. And they don't even care enough about the people they are providing this service to treat their data with any care.
The best bit: people pay them for this "service".
cheers
Chris Maunder
|
|
|
|
|
The rest of the world gets by just fine without credit reporting agencies. Why do we even need them in the USA? Consider the potential damage caused by the Equifax breach. We will have less privacy breaches without these agencies. If the federal government does not know how to protect the privacy of their citizens - go and ask the Swiss or Belgians.
Get me coffee and no one gets hurt!
|
|
|
|
|
Cornelius Henning wrote: The rest of the world gets by just fine without credit reporting agencies. Ummm... where did you get that idea? AFAIK nearly every nation uses some form of public / private credit reporting systems.
|
|
|
|
|
Hmmm.... It will be interesting if CP members in other countries will report if they have anything as invasive as USA credit reporting agencies where they are. Here any company can procure a comprehensive report on your credit history over the past years, showing how you paid your bills month - by - month.
And as the Equifax disaster showed: You cannot trust these companies to keep your personal data safe.
Get me coffee and no one gets hurt!
|
|
|
|
|
It's 5 years old but this article[^] paints a fairly standard picture across many countries.
While I agree with much of your sentiment - it's not just a US problem.
|
|
|
|
|
Interesting, thanks!
Quote: South Africa has a robust credit reporting system, When I left that country 20 years ago, there was no such system in operation.
Get me coffee and no one gets hurt!
|
|
|
|
|
Indeed, the UK has allowed scum like Experian and Equifax to run their filthy rackets here for a great many years.
98.4% of statistics are made up on the spot.
|
|
|
|