Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Probably the WORST malware damage I've ever seen...

09 Aug 2011   #1
Coke Robot

Windows 7 Ultimate x64
 
 
Probably the WORST malware damage I've ever seen...

K, I have a laptop that has a 500 gig hard drive and the complaint was that Windows wouldn't startup, Bootmgr is missing. The first thing I did was an std scan, Kaspersky 2012 found a few and I had to reboot to disinfect my machine since it spread to my drive.

After the reboot, I checked out what's in the hard drive and there's literally nothing but 1.5 gigs of files on it. I looked into the Windows folder and checked the gig amount in it, 1.3 gigs. There's no user data, or program data. It's almost like it was reformatted and Windows was gutted. Explorer.exe is gone.

At the moment, I'm running a file recovery on it and hopefully restore things back. But, my question is, how in the blue hell can something like that happen? Especially on 7, that is unheard of, at least to me.


My System SpecsSystem Spec
09 Aug 2011   #2
Maguscreed

Microsoft Community Contributor Award Recipient

Windows 7 x64
 
 

You are not alone never seen anything like that.
Just wondering though, have you ever attempted to view the drive when not actually booting from it before?
Do you use bitlocker or any other advanced security features.
There's a ton of reasons you wouldn't be able to see or view the files even though they were there.

edit: also were you booted from that drive when you ran the scan?
because if not it would not consider any of them as system files.
My System SpecsSystem Spec
09 Aug 2011   #3
Coke Robot

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by Maguscreed View Post
You are not alone never seen anything like that.
Just wondering though, have you ever attempted to view the drive when not actually booting from it before?
Do you use bitlocker or any other advanced security features.
There's a ton of reasons you wouldn't be able to see or view the files even though they were there.

edit: also were you booted from that drive when you ran the scan?
because if not it would not consider any of them as system files.
Yeah, I took it out from the laptop and into my system and looked around. I was thinking there might had been a Windows security thing going on so I double checked in ubuntu and it was the same result.

The drive isn't bitlocked since Home Premium is/was installed.

And no, the scanning was through my system since Bootmgr is missing on the laptop drive.
My System SpecsSystem Spec
09 Aug 2011   #4
Antkenn

Windows vista 64
 
 
Partition deleted and missing bootmgr

I am currently working to recover data from a windows seven samsung laptop.
On boot the same message missing bootmgr.
Using the recovery manager I was unable to recover the drive or to restore unless I optioned to reinstall to factory.
Removing the drive and slaving it to my computer, the drive was recognized but it asked me to format it to make it accessible.
I have just run a recovery program that took six hours to recover the data on the five hundred gb drive.
The owner had allowed her teenage son to use the computer so I am unsure if malware is responsible.
My System SpecsSystem Spec
09 Aug 2011   #5
Maguscreed

Microsoft Community Contributor Award Recipient

Windows 7 x64
 
 

Yeah you should have repaired the bootmgr first it's actually a pretty simple process.
I wish you luck in your file recovery attempts.
My System SpecsSystem Spec
09 Aug 2011   #6
Antkenn

Windows vista 64
 
 
Repair bootmgr

Thanx haven't damaged anything yet but am unable to start computer in safe mode or when I boot from cd then cancel and use command prompt I can't copy bootmgr or reinstall system from system partition.
I'm about to create a system disc from recovery and then install a basic windows installation then, as the system recovery cd can only be accessed from windows, reinstall the system to original state.
The samsung recovery option to restore to factory state stalls about one third of the way through so this is my only option unless you recommend another.

The client tells me that they were playing World of Warcraft and suspect they have been attacked by one of the players ?
My System SpecsSystem Spec
09 Aug 2011   #7
Maguscreed

Microsoft Community Contributor Award Recipient

Windows 7 x64
 
 

Likely paranoia the game client for WoW only talks to the server, there are no direct connections between players.
I think it unlikely.
My System SpecsSystem Spec
09 Aug 2011   #8
Antkenn

Windows vista 64
 
 

Ok great to know. I won't tell the mother that though. She is smart enough to have backed up to a portable. System restored via new install. Till next time.
My System SpecsSystem Spec
Reply

 Probably the WORST malware damage I've ever seen...




Thread Tools





Similar help and support threads
Thread Forum
Can Malware damage to the files existing on the host?
Hello guys, I'm somewhat aware of Malware and their actions. And also know how to get rid of them and clean the machine. And about the Malware, we all know that Malware can spread in the form of a Worm or a Virus. Viruses are Malware that require some form of user interaction to infect the...
System Security
PC laptops and accidental damage: Best and worst warranties 2014
PC laptops and accidental damage: Best and worst warranties 2014 | ZDNet
News
Can malware damage the files?
Hi all, When a computer is infected by malware, can that malware damage the non OS files or only damage the OS files? For example, someone may have thousands of various files in folders in drives of HDD, when his/her computer in infected by malware, is it possible that those personal files (such...
System Security
How do I unblock Windows Update after malware damage?
After becoming unable to download identified updates in Windows Update, and also being unable to search for new updates, I did a detailed scan with Microsoft Security Essentials which identified and removed some malware (Exploit:Java/CVE-2010-0840.IZ). Since Windows Update still wouldn't work I...
Windows Updates & Activation
What was the worst OS you have ever used?
What was the worst OS you have ever used? For it was Windows ME. To me that was Windows 98 with a few added features.
Chillout Room
What is the worst ever...?
Hello guys, What is the worst ever Operating System you have used? Mine was Windows ME, to me that was Windows 98 with a few added features not an operating system.
Chillout Room

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:57.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App