In reply to captain paranoia:
> Regularly image your computer's OS/Program HDD/SSD. I use Macrium Reflect; it's free. It images to my NAS.
Every now and then I image my OS, and I've 5 differing versions by using Acronis 2016. However I'm thinking about upgrading because the current version has some blurb about Ransomeware prevention.
> Regularly back up your Data disk to a removable USB HDD. I use FreeFileSync to back up my NAS, which holds my OS images, and my data (I don't keep data on the PC).
I keep copies of all my stuff on my PC and NAS box. I was under the impression that if the data isn't in two places at the same time then its not backed up. So far I'm using Window's File History to back up versions of my data/stuff to my NAS box which goes back six months, just in case I delete a file or two that I regret but don't realise for a couple of months.
I then use Free File Sync to back up my NAS box to two USB hard drives. These are not duplicates, I just don't want to store everything on one USB drive. Just in case the USB drive dies.
> I can restart from a catastrophic failure by using a Linux live CD to wipe the PC's HDD, then use a Macrium Rescue DVD to recover the PC's OS disk from my backup USB drive.
As far as I can tell, my Acronis backup software uses a Rescue Disk which is basically a Linux(Possibly) Live CD where I can restore my OS copy to my C-Drive. I'm guessing that it completely wipes the drive in this process, killing what ever nasties may be hiding on it. I don't know if this is true and would appreciate advice from anybody who knows about this sort of thing.
> I can re-build the NAS from the ground up, either with a hard formatted disk (Linux live CD again), or with a new disk, and then restore the NAS files from the backup disk with FFS.
I have a Synology NAS which has a Hyper Vault which can backup everything from the NAS box to an external hard drive but I don't use this option. I tried to use it but the process was exceptionally slow. I gave up after 72 hours straight and still nowhere close to finishing the project. I rely on Free File Sync to copy the data to external hard drives.
> This all assumes the ransomware wasn't a sleeper, and therefore present on the backup, only to re-activate itself when restored. The answer to that would be to run a Linux live CD and run a search and destroy on the ransomware.
May I ask what distro and software I could use to disinfect a window's OS?
I find this whole process complicated, or am I overcomplicating matters and there is a simple solution that I am missing to ensure that should I get Randsomeware, I can recover my stuff?
I don't care about the OS because that will be nuked from the outset.