Well I'm out of business - computer got hacked and all my backups wiped whilst AV scanning them

Well as I’m homeless and sleeping in a sleeping bag with a rucksack containing all my possessions, due to the cold weather the state put me in a hotel and my laptops got hacked.

Reinstalling windows and then AV scanning the backups has resulted in my backups being wiped.

So all my work is gone, my template builder which I’ve spent 4 years working on, to get it to version 5, but not quite complete, has gone, personal photos have gone, files, everything has gone.

Windows Defender never once reported a problem, but this laptop is still playing up despite having every single security measure switched on!

Anyway as I now no longer have any code or the apps I’ve been working on in order to sell, I’m now well and truly out of business.

So farewell and goodbye!

Criminals run the UK and work for the State.

Sorry to hear that Richard.

There's not a lot that can be done.

The best backup system I ever had was to fill up a hard drive, then put a new one in copying over the work I needed onto the new drive.

Remember the drives weren't that big back then but it served a couple of purposes. The current anti virus scanner would detect all sorts of viruses on the old drives which the AV of the day never detected. I started off with a fresh copy of Windows installed from CD, not these easy to hack USB sticks.

It's easier to recover from hard drives than anything else, especially if you bought batches of hard drives, because a part could be swapped when hardware failures occurred.

Just contemplating what else to do with my life as I'm not qualified for anything.

It's been downhill for me since I listened to govt employees, in particular moving to Norfolk, and I had the misfortune of being born to two untouchable govt employees as well!

Very sorry to hear this, Richard :cry:

Friedrich

Yeah, it's frustrating, one thing after another.

Fortunately I didn't BitLocker-encrypt the backup drives so I've been able to run this program and recover files overnight.

I need to work out the file signature for .app, .clw, .inc, etc etc and add it to the recovery program as it's just recovering them as txt files at the moment and sifting through 2TB of txt files isn't practical, but randomly selecting folders and txt files shows it's recovered template files, based on their contents; haven't found any app, dct, clw, inc's etc yet though but I only started recovery at 1600hrs yesterday.

Don't have my C6 or C10/11 installers at the moment but to be fair can't remember what the C10/11 serial number is, but I do remember my C6 serial numbers, so if anyone could upload a copy of C6.3 with patches to 9054, I can provide a OneDrive link to upload it to.

What an exercise to go through though…

Oh, man…
So sorry to hear that…

Glad you were able to get some items back.
No cloud backups at all?
I back up to external drives, Google, Dropbox, OneDrive and Crash42 every day; overkill, maybe, but I sleep better.

Don't trust cloud, plus the bandwidth here in the UK is still too slow for it.

OneDrive couldn't keep up with the PhotoRec file recovery process, so my PC hard drive filled up and I had to abort recovering files to OneDrive, and that's when syncing problems happen and OneDrive will swamp your CPU so it maxes out at 100% and you can't use the PC any more.

So I ended up having to recover to another 2TB external drive and manually delete the files from the web page interface of OneDrive, kill the app on the PC and manually delete the OneDrive recovered files stored locally because it was crashing the PC. It's still not ideal and it's been several years since I last tried to use OneDrive and the same problems still exist.

In future, I’ll be using batches of identical smaller drives, not giant drives, because if a hard drive fails, I can break them apart and swap heads and platters from one chassis to another.

I’ll also make the sector sizes massive to avoid file fragmentation, which will make file recovery more successful when partitions are damaged/erased. I think I’ll be investigating different file systems at this point as well because NTFS, exFAT and FAT32 all have strengths and weaknesses when trying to recover files.

And then finding a good util which can search through tens of thousands of folders and millions of files to identify them automatically will be useful, but that's if I use the default PhotoRec util to recover files. I’m looking at the options to specifically add Clarion files to the file types to see if it can recover them more easily because the Clarion .exp file is sometimes recognised as a .java file and a .c file. Template files are recognised as txt files and .c files with some loss of the first few chars in a file. Haven't found any .clw’s yet, or .app, .dct, .bpp, .dct, .inc and other Clarion specific files yet.

Had a conversation a few weeks ago with someone who used to work with HP here in the UK, ironically on the tape drive backups when the US arm didn't want to work on it.

He seemed confident that tape drives will make a comeback, which is the irony of my situation, but tape drives get dirty, tape wears out as it runs over the head; just look at how music cassettes used to mess up with repeated use even in high end hifi or professional tape units.

Hard drive arms/heads don't touch the platters so they are more robust than tape imo, and components are easily interchangeable when parts like heads and motors fail, if a batch of identical drives is purchased at a time.

Plus having batches of smaller hard drives makes it hard to wipe data when hacked or the inexperienced do risky ops, or something else goes awry.

However, I’m just glad I didn't use BitLocker to encrypt the backup drives as it would definitely be Game Over!

Sorry to hear of your ongoing problems Richard, but very glad you have been able to find/recover some files.

I do a combination of backups, including simply emailing myself zipped up files to Gmail so it is in the cloud, on top of having chosen directories automatically mirrored in the cloud. No doubt others have different strategies including GitHub or whatever, but I note your lack of trust in the cloud which limits your options. Re the drive arms/heads, I recently bought an external 4TB SSD, which plugs into the USB port, so there are no moving parts, so I am hoping it should be reliable. The prices of hard drives have dropped a lot, or perhaps you pay the same now as you did for the previous one but it has twice the capacity.

Anyway good luck with recovering the remainder of your files.

The first few bytes of a C6 app seem to be 68 68 6C D6. Hope that helps.

I recently received an email from GRC that SpinRite supports SSD now, btw. GRC | Hard drive data recovery software

Wow, I didn’t think SpinRite was still in existence! Used to use it all the time.

Thanks, this should be useful.

Because of file fragmentation it's looking like I'm going to have to use TestDisk to rebuild the partition and then PhotoRec to recover the Clarion files from the rebuilt partition, but as it takes about 24hrs to do one disk, I'm not going to know what is the best way to recover Clarion files until the processes have finished.

It also looks like PhotoRec can be configured to pull out selected file types and ignore others, which should make it possible to limit it to the Clarion files only.

Currently have over 6000 folders to sift through so need to improve this situation.

I’ll give this a go as well to see how it performs. I always liked his port scanner.

Written in assembler, but it has got me thinking what file system would be best for data recovery situations.

Makes me wonder if something like RAID exists for single drive file systems. Large drives could still redeem themselves in my books if they could be used as a single drive with a file system that provides redundancy.

Obviously NTFS, exFAT and the recently increased FAT32 don't have that redundancy, but if the FS duplicated, triplicated or striped the data across the single drive, that would be useful.

ZFS handles bitrot and copies=x for single drive redundancy, but don't know if it can be built into Windows via the Linux subsystem.

Seems like another can of worms being opened here…

I'm happy getting a 4TB drive with 1TB of storage and 4x redundancy…

Edit.
Even Dynamic Disks can't do it on Windows as they are designed to be on(line) all the time…

Same even applies to the new MS ReFS which is surprising.

Might have to fire up the gparted GUI and see what it can configure for some insights for single drive redundancy…

Oh F&$# hacker!! Sorry to hear, Richard.

Did you leave the external backup online and running while the hacker killed it?

What AV software was it? Was it Windows Defender?

I always back up externally by hand: plug in the USB drive and click Backup Now while I work during the day; when it completes, unplug it and lock it in the fireproof safe or take it home with me.

I don't know when it happened, but I had earlier been testing different configs and some of my scripts from Generate autounattend.xml files for Windows 10/11 with the Windows Media Creation Tool, as I can reinstall Win 11 and apps, with Windows configured how I like, like the start button on the left, using this autounattend in about 11 mins.

So the easiest explanation is I selected the wrong USB drive because unusually I must have had the backup drives plugged in as well, but I’m adamant I didn't have both plugged in at the same time. I don't even have the laptop connected to wifi or bluetooth when I plug the backup drives in.

Ironically I’d been finishing up an app which records all activity, so if it was finished it would have told me exactly what had happened, i.e. did I have the backup drive plugged in and then use it with the Windows Media Creation Tool or not… A small bit of that activity logging code can be seen here: Extending Win32.LIB adding 2 Kernel Functions - #5

However I didn't spot this until Windows Defender had unusually scanned the drives in record breaking time, so I have 32GB of Windows install files overwriting other files.

It's a PIA though, but the file recovery exercise is useful, if unwanted and yet another setback, but trying to find a file system that can provide redundancy on single drives is also useful.

What version app were you seeing that in?

One common sig for app and dct files is…

cla 0D 0x744F7053

C6.3 app & dct are

app 0 0x0000000000020034010000340100744F7053
dct 0 0x000000000002004A0000004A0000744F7053

Other versions of Clarion apps, e.g. C55, have a different hex sig.

Create an ASCII-encoded file called photorec.sig, place the file in the folder where photorec.exe is, and copy each line above onto its own line in the photorec.sig file.
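As an added illustration of what those photorec.sig lines mean (this is example code, not PhotoRec's own or anything from the thread), the script below parses lines in the same "extension offset magic" layout and carves candidate files out of a constructed disk-image fragment by finding each magic exactly `offset` bytes after a file start. The three signature lines are the ones quoted above; the "0D" offset for cla is read here as hex 0x0D = 13, which is an assumption. The sample image, the file bodies and the "run to the next hit" size rule are all constructed for the demo. It also handles the overlap you would hit on real data: 744F7053 sits inside the longer app and dct headers too, so a naive scan for the cla magic would report a bogus second file one byte into every app and dct; the scanner matches longer magics first and discards a short hit that lands inside an already claimed header.

```python
"""Signature-based carving in the style of a photorec.sig file.

Added example (not PhotoRec code). Each line is "extension offset magic";
the magic must appear exactly `offset` bytes after the start of the file.
Sample image and sizes below are constructed for the demonstration.
"""
from dataclasses import dataclass

# Lines in the photorec.sig layout quoted in the thread. The cla offset "0D"
# is read as hex 0x0D = 13 here (assumption); the other two sit at offset 0.
SIG_LINES = [
    "app 0 0x0000000000020034010000340100744F7053",
    "dct 0 0x000000000002004A0000004A0000744F7053",
    "cla 13 0x744F7053",
]


@dataclass(frozen=True)
class Signature:
    ext: str
    offset: int      # where the magic sits relative to the file start
    magic: bytes


def parse_sig_line(line: str) -> Signature:
    """Parse 'ext offset 0xHEX' (only hex magics handled in this example)."""
    ext, offset, magic = line.split()
    if not magic.startswith("0x"):
        raise ValueError("this example handles 0x-prefixed hex magics only")
    return Signature(ext, int(offset, 10), bytes.fromhex(magic[2:]))


def find_hits(image: bytes, sigs) -> list:
    """Return sorted (file_start, ext) candidates.

    Longer magics are matched first. A shorter magic whose bytes overlap a
    header already claimed by a longer one (744F7053 is inside the app and
    dct headers) is dropped instead of becoming a bogus extra file.
    """
    claimed = []   # (magic_start, magic_end) ranges already assigned
    hits = []
    for sig in sorted(sigs, key=lambda s: len(s.magic), reverse=True):
        pos = image.find(sig.magic)
        while pos != -1:
            start, end = pos - sig.offset, pos + len(sig.magic)
            overlaps = any(pos < ce and cs < end for cs, ce in claimed)
            if start >= 0 and not overlaps:
                claimed.append((pos, end))
                hits.append((start, sig.ext))
            pos = image.find(sig.magic, pos + 1)
    return sorted(hits)


def carve(image: bytes, sigs) -> list:
    """Split the image into (start, ext, data). Each file runs to the next
    hit or to the end of the image: a constructed fallback rule used because
    these signatures carry no length field."""
    hits = find_hits(image, sigs)
    out = []
    for i, (start, ext) in enumerate(hits):
        stop = hits[i + 1][0] if i + 1 < len(hits) else len(image)
        out.append((start, ext, image[start:stop]))
    return out


def build_sample_image() -> bytes:
    """Constructed image fragment: zero padding, an app, a dct, then a cla
    whose 4-byte magic is preceded by 13 bytes of (made-up) header."""
    app = bytes.fromhex("0000000000020034010000340100744F7053") + b"app template data!!!"
    dct = bytes.fromhex("000000000002004A0000004A0000744F7053") + b"dct body 16 byte"
    cla = b"C" * 13 + bytes.fromhex("744F7053") + b"procedure data"
    return b"\x00" * 64 + app + b"\xff" * 32 + dct + b"\xff" * 16 + cla


if __name__ == "__main__":
    sigs = [parse_sig_line(line) for line in SIG_LINES]
    for start, ext, data in carve(build_sample_image(), sigs):
        print(f"offset {start:6d}  .{ext}  {len(data)} bytes")
```

On the constructed image this reports one app at offset 64, one dct at 134 and one cla at 184, and nothing for the two embedded 744F7053 occurrences inside the app and dct headers. Against a real drive image you would read the image in chunks rather than with one `bytes.find`, and replace the "run to the next hit" rule with a format-specific length where the file type has one.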

I understood that Microsoft (Windows) Defender was NOT PERFECT, say a 60% rate.

I suggest ESET, Avast or Bitdefender AV; they are 98% powerful tools and always update every hour, which helps the scanner protect every file. Against that, Windows or Microsoft Defender was too slow and delays an update within 3 months. Too little, too late!

I have used ESET Security Premium for 32 years; it always caught and destroyed viruses. ESET knows the many bad social posts, spam emails, advertising and posters inside which an evil programmer can write a hack or virus.

I hope you will restart your business again!

One of my customers wanted/tried ESET on their corporate network and it ended up being removed after the year was up. The only AV company I had to ring to get stuff to work; the main issue was the push to workstations didn't work.

Used Symantec enterprise for corporate, i.e. MS Exchange server and workstations with their cloud spam DNS reroute; that worked ok but penny punching caused it to get ditched for others.

Stuxnet showed no AV could detect it, as it takes the AV ages to reverse engineer it because it was so well written; same with a lot of ransomware, a lot of AV can't detect it and only their heuristics might step in and kill the process. The hourly updates are new sigs of already known viruses; it's the new viruses they struggle with, as noted with our own software not always being flagged or whitelisted properly even when code signed.

My own demo app linked above showing DLL loading got flagged when I copied it from my XP VM running C6.3 onto Win11 for testing, so whilst a false positive, its heuristics still suspected enough to flag it, i.e. the DLL loading. Shame it couldn't see the LoadLibraryEx flags requiring DLL signing…

The one AV I do rate is Kaspersky but it's not politically trusted.

I rate it because it found some malware which required their rescue disk and the rescue disk was blocked from uploading its definitions to resolve the issue.

I've also had things like Pegasus on one of my phones* as well…

Let's just say I don't toe the UK govt line… which hurts online and offline!

  • Airbnbs were disappearing from the app, which manipulated where I could stay and not stay.

Edit.

So far ZFS seems to be the only file system with a possible Win10+ option which could provide some “redundancy” on a single drive, which could be used to rebuild partial (external/USB) drive failures.

Basically, a single drive with a single “vdev” and 2 or 3 copies/ditto blocks of the data stored on the single (external/USB) drive, along with file system “metadata” stored automatically 2 times using “spatial diversity” across the drive.

https://docs.oracle.com/cd/E19253-01/819-5461/gevpg/index.html

2nd image of page 2 on this link shows it best.

Where cloud, tape or physical RAID drives are not possible or impracticable or whatever, copies>1 is the next best option, and there is an OpenZFS for Windows, making it potentially possible to use on Windows.

The rebuild process for ZFS is called resilver(ing), but if I can get this to work on a laptop, this might be the best stop gap to avoid future data loss when large external hard drives are the only practical option.

*Might be available on Wayback Machine
https://blogs.oracle.com/relling/entry/zfs_copies_and_data_protection

Resolving Problems With ZFS

https://docs.oracle.com/cd/E19253-01/819-5461/gbbuw/index.html

Viewing Resilvering Status

https://docs.oracle.com/cd/E19253-01/819-5461/gbcus/index.html

Replacing a Device in a ZFS Storage Pool

https://docs.oracle.com/cd/E19253-01/819-5461/gbcet/index.html

Mods, if there’s too many links posted, would storing in a txt file and attaching the text file be a better option?

Edit2

A pertinent link, because whether homeless lugging stuff around in a laptop or on a boat with no net access, they both have parallels.

I’m sorry to hear that…