Facebook Trojan Virus… Not a problem if you have a Windows Home Server.


So, my wife just got hit: Facebook Users Attacked by Trojan Virus, HOW TO: Install a Facebook Trojan, Facebook Users Attacked by Trojan Virus, Facebook users receive fresh Trojan warning.


She got an email in her Facebook inbox from two of her friends. She clicked the link in the message and the rest was all badness. Does anyone remember NIMDA?


She called me at work in a panic.  She did not know what to do, and my wife used to be an IT Manager at a pretty big software company. Granted, this was years ago before we had kids, but she is no dummy in regards to technology. I told her not to worry, her laptop was backed up from our Windows Home Server.  Since I really had no idea what kind of virus this was, I told her to disconnect the network router from the internet immediately.  Since I was already on my way home and she was juggling our three kids, she waited for me to get home.


I asked her if she had any files that she modified since the last backup and, if so, to copy them off to a thumb drive. She didn't, but for those of you who do have to do this, copy the files off and then, when you are back up and running, virus scan the files first and then copy them back to their proper location.


When I got home I plugged my wife's laptop into the network router with a network cable (you do not want to run a restore wirelessly). I put in the Windows Home Server Restore CD and rebooted the machine. Click any key to boot from CD. Waited a few minutes for the OS to load and answered a few prompts. Since I don't do this scenario very often, I can't remember the exact steps, but there were only a few:



  1. Home Server prompted me for which computer I wanted to restore; by default it chooses the machine I was on.

  2. It asked me what backup I wanted. I chose the one from the previous night.

  3. What volume (drive) I want to restore and what volume I want to restore to. Chose the default.

  4. It warns me that this will delete everything on that volume (drive) if I choose to continue. I chose continue.

  5. Chose Next and it runs the restore

  6. About an hour later, I was prompted that the Restore completed Successfully and to click Finish To restart my computer from the restored volume.

  7. Rebooted and my wife's machine was back up and running.

What people fail to realize is that Home Server is not just a Network Attached Storage (NAS), it is a full backup and capable of restoring the complete drive, not just the files and directories that are backed up in the cloud by services like Mozy. Crashes Needn’t Be Fatal. Mozy cannot protect you from the Facebook virus. In all cases where you use a NAS or an online backup service in the cloud and you have a hard drive fail or you have a really bad virus and you need to rebuild your system, you will have to go get a new drive (in the case of a drive failure) and then reinstall your Operating System, all of your applications like Microsoft Office, Microsoft Money, all of your games, all of your third party software for your cameras, external devices, etc., and redo all of your settings. The list can really be long and tedious.


 Show of hands, how many of you have about 4-12 hours to set your machine back up from scratch?  I DON'T!!!!  I am not saying the cloud based backup solution is not something you should do. I do it, but this is a last resort. Not the first and only resort.


 Windows Home Server is the first step in protecting your data. I know houses burn down, thieves will rob your house and possibly take your computers and your Windows Home Server, but this statistically happens less than virus, worm, trojan, hard drive failure, etc...


So, bottom line, Windows Home Server saved my butt one more time. Saved me a huge amount of time and headache. Saved me countless hours of lost sleep since our machines in our house are critical. Last, but not least, it saved me a lot of pain with my wife, who would have been very frustrated while she waited for her computer to get back up and running, and since it is her machine she would have had to spend a lot of time getting it set up just the way she likes it, not the way I would set it up. Is any of this getting through?


Lastly, thanks Charlie Kindel and the Windows Home Server Product Team for creating such an amazing product. I am and always have been a believer in this product. Now, I am just that much more a DIE HARD FAN!


Kevin Beares
Community Lead (Windows Server Solutions Group)
Yeah, I am the guy who ran the beta for V1 of Windows Home Server

Comments (10)

  1. Anonymous says:

    As I was rebuilding my main workstation again (life running pre-beta OS's is always fun), I was very

  2. Anonymous says:

    I’m still in the process of putting my Home Server together at some point soon. I just need many more hard drives for it and a computer. Minor detail, I know, but I will get there eventually! In the meantime, check out this case where Home Server save

  3. Frazpro,

    If you have an OEM version of Windows Home Server and you lose the primary partition, recovery is built-in to perform a server reinstallation.  Depending on how the failure occurred, yes, you could lose your backup database. As Stormy1954 pointed out above, at your own risk you could try the beta WHS Backup Database-Backup Add-In at http://www.mediasmartserver.net/forums/viewtopic.php?f=3&t=2066

    Thanks,

    Kevin

  4. @ j and v – she was running UAC on Vista. The message came from someone that she really trusted and she consciously said OK through all of the prompts. In hindsight, she was like I was, Doh! Do you remember NIMDA and the "I love you" virus?

    The critical thing here is that we all make mistakes. It is how we recover from them that is critical. In this case, we have WHS as our primary backup store. We also run two anti virus packages on that particular PC, but we did not have it set up to scan the file before allowing it to run. The virus was sophisticated enough and we were obviously not sophisticated enough in the defenses we had in place to prevent the machine from being infected. Lesson learned.

    As you can see from the net, there are numerous people that were infected. I think that the level of trust that we give a vendor comes in waves. In this case, with Facebook, my wife trusted that nothing would come through her inbox that would be suspect. I cannot recall ever getting a single piece of spam in my inbox on Facebook. Can you?

    Thanks though, Kevin

    @ ozinca and j and v. I agree a UPS would definitely be a great piece to this puzzle, but we, WHS, could do more work to put additional contingencies in place for these sorts of scenarios to prevent data loss on the server.

  5. Paul,

    Sorry to hear that you had that issue with your Home Server Backup Database. Now, since I am a glass half full guy most of the time, I could still see this as a good thing. Home Server had an issue from a power failure and the database got corrupted. The great thing about it is that we at least detected a bad database condition and did our best to recover it without too much heavy lifting on your end. I am sure Home Server immediately started backing up all of your computers and within a few hours you were back to having backups of all of your machines.

    This scenario of recovering your backup db is very near and dear to our hearts. I hope to see that feature sooner than later so that in the unlikely event you have something bad happen to your Home Server, you can recover it quickly just like you recover a machine.

    I will have to confer with my colleagues, but I thought someone in the community or one of us wrote a tool or white paper on how to backup your backup db to an external drive. Anyone want to jump in and provide that information?

    Thanks again for the comment,

    Kevin

  6. Anonymous says:

    @ Kevin Beares – "She got an email in her Facebook inbox from two of her friends. She clicked the link in the message and the rest was all badness."

    Running without UAC (vista) or admin on XP I see.

    @ozinca

    Having a server without an Uninterruptible power supply (UPS) is a recipe for disaster! I bought one for my home-built WHS and it will safely shut down the WHS when the battery gets low. Love your WHS again by getting a UPS!

  7. Anonymous says:

    At your own risk you could try the beta WHS Backup Database-Backup Add-In at

    http://www.mediasmartserver.net/forums/viewtopic.php?f=3&t=2066

    Not tried it myself.

  8. Anonymous says:

    I have been running WHS since the V1 beta. I pretty much forgot it was there when it came to backups. Then in the space of 3 weeks recently I had reason to use the restore 3 times. These were two HD failures on different PCs and one a rebuild after having to send a laptop for warranty repair. The laptop was returned with the out of box setup. I am sure glad that it just does its thing every night without me having to think about it. If you put any kind of value on your time and data (or relationship with your partner :)) then only one single unprotected failure will soon convince you of the value. The problem is far too many consumers aren’t aware of the real risks or the existence of WHS to protect them. Also, too few retailers position the product correctly or attempt to educate the consumer.

  9. Anonymous says:

    Kevin

    So I too love Windows Home Server.  I have had it up since launch on my MSS.

    Backup has also saved me a bunch of times too, BUT.

    I cannot believe the fragility of the backup service.

    I have 10 machine accounts backed up there (or should I say had).

    The other night my house lost power and on reboot, I got a message saying my backup database was corrupted and I needed to recover it.

    I did.

    I ended up losing 8 of the 10 backups in the recovery process.  Some of these were for machines that I had been keeping the backups for till I relocated the data.

    Paul O’Farrell

    The guy who still loves WHS only slightly less so.

  10. Anonymous says:

    I’ve just got into the WHS having taken advantage of a 120 day demo disk from MS. So far so good and I’m quite impressed with the system.

    I’ve moved our shared media onto the box and duplicated it across the volumes in there.

    My concern is, if I lose the boot volume of the WHS, can I recover it and then get access to my backup data? The installation was all but unattended in terms of setting up the partitions and installing the system. If the boot volume goes and I have to reinstall, I can't see any way of getting access back to my backup data including the shared volumes.

    Am I worrying unnecessarily?
