Arthalius
asked on
Restore an entire drive with Volume Shadow Copy
Caught a nasty virus on my computer yesterday that hijacked nearly everything, deleted about 30Gb of irreplaceable files, and tweaked all sorts of settings in my computer (Win7 Pro x64). While the computer has now been thoroughly cleaned and is free of any backdoors, keyloggers, or spyware, I am still faced with the need to fix the damage it did while present. I've already used the Restore Previous Version tab to recover a number of directories that were tweaked or deleted by the virus, but a question just occurred to me...instead of spending countless hours repairing the damage, why can't I just do a Previous Version restore on the ENTIRE DRIVE?
If I right click the C drive in the Computer window and select the Previous Versions tab, I have seven days worth of snapshots to refer to. If I could roll back two days, that would fix everything. Unfortunatly, while the "Open" and "Copy" buttons are available to me, the "Restore" button is grayed and unavailable. Does anyone know how to fix this and roll back the entire system drive?
If I right click the C drive in the Computer window and select the Previous Versions tab, I have seven days worth of snapshots to refer to. If I could roll back two days, that would fix everything. Unfortunatly, while the "Open" and "Copy" buttons are available to me, the "Restore" button is grayed and unavailable. Does anyone know how to fix this and roll back the entire system drive?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Gideon7
What you are looking for is called VSS Revert. This feature is available on Server versions of Windows.
ASKER
I can copy the files to USB, but I really want to roll back changes and not just recover deleted files. Of particular importance to me is the Windows folder. The virus made a lot of changes that will take some time to fix (changed default application mappings, disabled menus, disabled recycle bin) that will take some time to fix. I'd really prefer to just overwrite the whole thing with an earlier version.
I guess I could dupe the shadow copy onto USB, boot from a LiveCD, and copy the files back into their original locations, but blindly overwriting system files seems like a recipe for disaster. I assumed that the VSS system would have a mechanism for restoring the system files, since it seems to have the ability to back them up.
Was I wrong?
I guess I could dupe the shadow copy onto USB, boot from a LiveCD, and copy the files back into their original locations, but blindly overwriting system files seems like a recipe for disaster. I assumed that the VSS system would have a mechanism for restoring the system files, since it seems to have the ability to back them up.
Was I wrong?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Partial points to theras2000 because his response sent me in the right direction, but the actual solution wasn't found here.