The day after I drafted the article about not having a Windows CDROM or recovery CDROMs, I got a call from a friend. Unfortunately, he had experienced the thrill of destructive software, probably multiple viruses and adware.
The signs were bad — antivirus program installed but not running, firewall disabled, occasional warnings from the AV program’s monitoring routine that it couldn’t confirm the integrity of the antivirus programs, AOL starting up automatically when he booted, missing "All Programs" from the Start button, no software in "Add/Remove Programs", unable to edit, add or change users, browser hijackers infecting Internet Explorer, and multiple strange programs starting automatically.
There was also something I hadn’t seen before — the recovery partition that HP had put on the machine was visible as a "drive" while he was in Windows (it is supposed to be hidden).
The bad guys had apparently edited the hard drive’s partition table some time so that, on subsequent reboots, the hidden recovery partition was no longer hidden and no longer protected from changes.
The bottom line was that his best option was to copy his data to another physical hard drive (he had two) and then use the recovery partition to restore his hard drive to the original condition.
You can probably guess what happened when we tried to boot into the recovery partition – it was corrupted, too. I left him with instructions to call HP for recovery CDROMs so he could get back in operation.
If you don’t have original Windows CDROMs or Recovery CDROMs, get them, because you will need them eventually. Whether it is a software problem, a hard drive problem or just wanting to use a bigger hard drive, the CDROMs are a necessary backup for you.
At best, without them you will be down until you can get them. At worst, you may no longer be able to get them.
Followup: HP came through with flying colors. He called on Wednesday and had the restore CDROMS in his hands on Saturday. His recovery options are a full, blow it all away recovery and a partial recovery which should save his data. Since he’s copied his data to another drive and to make sure that all the nasties are gone, he’s going to do the full recovery.
and