Can't boot or retrieve files - oddball Norton GoBack 4.0 problem suspected
Posted on 2006-10-22
This one's complicated. Bear with me.
The family computer (I have a separate computer at home for work) is a Pentium IV-3GHz, 1GB RAM, 120GB HD, Windows XP Pro (PowerSpec model 9340). It contains the (large) family photo archive, music collection (also large), the kids' schoolwork, and the family checkbook. The kids use it to play online games, and over time operation had become erratic - the system locked up during gameplay, etc. I suspected malware and decided I'd offload all the data, reload the original files using the "emergency recovery" CDs that came with the system, then reload the files. That done, I installed Norton GoBack 4.0 ("GB"), thinking that if problems arose in the future, I'd simply revert to an earlier system state.
GB never worked right. In early January 2006 I tried to disable GB by pressing the spacebar during the GB splash screen on bootup. Something went wrong; after that the system wouldn't boot. During boot, GB would display a message saying the system was unstable (or something like that) and that it was restarting, a process that would repeat indefinitely. If I tried pressing the spacebar to disable GB, I'd get a message saying GB was already disabled. Frustrated, I decided I'd start all over again, reloading the original files using the emergency recovery disks. This time I didn't load GB. However - important point - I also didn't precede all this by wiping the drive or using FDISK /mbr to reload the master boot record, which I now believe was a significant omission.
Anyway, the computer worked fine and was in regular use for most of 2006. I installed a second HD, thinking I might use it for backup, but never got around to actually doing this. Then last August my work computer's D drive ("work-D") died. While attempting to diagnose the problem I swapped work-D with the D drive on the family computer ("family-D"). To my surprise, the family computer would no longer boot, even though I'd done nothing to the bootable C drive ("family-C"). A splash screen would flash past, then I'd get a message saying "reboot and select proper boot device." I reinstalled family-D in its original location. That didn't help at first, but after a couple of restarts the system booted and everything seemed back to normal.
OK, I know now I should have realized the system was flaky and backed up all my data. I didn't do that. I know, I know, I'm an idiot.
The crashed work-D drive turned out to have mechanical problems and a data recovery firm after several attempts pronounced the data unrecoverable. Determined not to let this happen again, I bought a new work computer with dual HDs and RAID capability on the motherboard, and set up disk mirroring (RAID 1). This was easy, so I decided I'd do the same thing on the family computer. RAID capability wasn't built in, so I installed a RAID controller card, hooked up the cables from the family-C and family-D drives, booted the computer, got into the RAID BIOS, and proceeded to replicate family-C to the (previously empty) family-D. This concluded uneventfully, but afterward the system wouldn't boot. Instead something flashed past and I got the message "reboot and select proper boot device." I removed the RAID controller card and hooked up family-C and family-D the way they'd been pre-RAID. Same result, "reboot and select..." Looking more closely at the screen flashing past during boot, I was startled to realize it was the GB splash screen, telling me I should press spacebar to disable GB. Pressing spacebar produced no result, only the "reboot-and-select" message.
Realizing that GB (or a subset thereof) had somehow remained installed on family-C despite my reinstalling the original files from the recovery CD, I bought a new HD, installed Windows, then hooked up family-C as a slave. Family-C was accessible but there were no files on it other than (I think) an empty "TMP" directory. Using Recover My Files from getdata.com, I was able to extract thousands of files from family-C, but without the original filenames or folders. Not wishing to go through each file individually, I sent the disk to a data recovery firm. They were able to recover thousands of files, complete with filenames and folders. However - key point - no files later than December 2005. Instead, they found an 8GB file called GOBACKIO.BIN dated 12/14/05, the approximate date of the original GB install.
So that's where we are. To summarize:
1. Family-C is physically intact and data can be recovered from it, just nothing later than December 2005. Please understand that up till my unfortunate experiment with the RAID card a few weeks ago, the family computer was in regular use and all recent files were available. I'm pretty sure they're still there but GB has disguised them.
2. Whatever the "emergency recovery" CDs did, they didn't wipe family-C clean, since the pre-12/05 files are still there, as is GOBACKIO.BIN.
3. The only thing I have done to family-C is duplicate it to family-D while attempting to install the RAID card. I don't think this destroyed any data on family-C. I did not attempt to reinstall GB on it or mess with the master boot record. I did try installing GB on my new drive and hooking up family-C as a slave, but could find no data.
4. All I did to stop family-C from working in the first place was mess around with family-D. I deduce from this that GB won't let the system boot if it detects any change to the hardware configuration. I was able to restore the original hardware configuration the first time GB acted up, but not the second time. I halfway believe if I could put things back exactly as they were pre-RAID, I could get family-C to boot, although repeated attempts to do that have failed.
5. GoBack apparently is resident on family-C, certainly in the form of GOBACKIO.BIN, probably also in the master boot record, and maybe elsewhere. The data recovery firm found a "Norton GoBack" directory under "Program Files"; this includes various executable files. You'd think a fresh install from the recovery disks would have rendered these files inoperable but maybe not.
6. I have been in touch with several people at Symantec customer support but they are baffled by my problem and do not seem to have a good grasp of how GB works (probably not surprisingly, since I understand the product was originally developed by another company).
So: how can I retrieve my critical files? I have found some online advice about using a bootable Win98 disk with gb_prog.exe loaded on it, and using that to rehook GB into the MBR. However, (a) this advice refers to earlier versions of GB than the one I have (4.0), and (b) my problem is so wacky, with GoBack apparently operational even though it's not officially installed, that I have low confidence rehooking GB will work. I'm also reluctant to do anything that involves writing to family-C for fear I'll hose things once and for all.
While we're on the subject, can anybody explain to me how GB works, and why my files are invisible? Does GB stash files in binary form in GOBACKIO.BIN? (Symantec tech support says no, but can't say where the files are.) Info online suggests GOBACKIO is where GB stores "snapshots" of the system at various points, but it's not clear why you'd need 8GB for that.
Any help greatly appreciated. At the moment family-C is at the data recovery firm; I can get it back in a couple days. I do have in my possession all the recovered files, including GOBACKIO.BIN, on DVD. Before proceeding I'd ideally like to get a coherent idea of what went wrong. -Ed