Windows 7 Forums

Windows 7: Massive malware infection has made a mess

25 Dec 2015   #1
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 
Massive malware infection has made a mess

I had a malware/trojan infection a few days ago that kept me occupied for the better part of two days with cleaning up using:

Malwarebytes Anti-Malware and Anti-Rootkit
AdwCleaner
Junkware Removal Tool
Norton Power Eraser
Sophos Virus Removal Tool
Trendmicro Housecall
SpyBot Search & Destroy
and Chrome Cleanup-Tool.

Now, when the smoke has cleared and I try to assess damage done, even the c:\users\MyName\appdata is gone(!) and I find files and folders in completely new places, some empty, some not.

It is seemingly an unholy mess (but wholly a mess;) and I wonder if the best thing would not be to simply reinstall Windows 7 as it is next to impossible to distinguish what is whole and what is messed up.

Would a system restore really restore e.g. c:\users\MyName\appdata, a folder which is kinda, sorta useful?

So what say you? Would it be better beginning with a clean slate, or is there hope yet?


25 Dec 2015   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Clean install after running CLEAN ALL from DISKPART

Disk - Clean and Clean All with Diskpart Command
25 Dec 2015   #3
mitchell65

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

I presume, Göran, that you have not been regularly backing up your system with something like Macrium Reflect. May I urge you after following Golden's advice to install Macrium and make regular backups at least once a week. Then when you have a problem you can restore your system and be up and running again within the hour!

25 Dec 2015   #4
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

Quote: Originally Posted by Golden
Clean install after running CLEAN ALL from DISKPART

Disk - Clean and Clean All with Diskpart Command

Thanks Golden. This would give me about as clean a slate as they come;)
25 Dec 2015   #5
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

Eeeey... Mitch, old friend! Good to 'see' you!! Hope you're doing fine. Happy New Year to you btw! "I presume, Göran, that you have not been regularly backing up..." how dare you inseminate that...and who are you all of a sudden to presume...uh...how in blazes did you know?

"May I urge you /.../ to install Macrium and make regular backups...?" Yes my boy, you may.

Now it's off to clean this slate I go...thanks good buddies, happy New Year all around!


'It wasn't me but I'll never do it again...'
25 Dec 2015   #6
iknowjohnny

windows 7 professional
 
 

Quote: Originally Posted by Admiral Awesome
c:\users\MyName\appdata is gone(!)

R U sure it's not just hidden? Some of those anti malware and virus apps will turn "view hidden files and folders" back to hidden in folder options so you may just not be able to see it.
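
A read-only way to test the "is it just hidden?" question raised in post #6, added here as an example and not part of any poster's reply. AppData carries the Hidden attribute by default on Windows 7, so it only appears in Explorer when hidden items are shown; the script assumes it is run as the affected user, and the variable names are illustrative.

```powershell
# Added example: read-only checks, nothing on disk or in the registry is changed.
# Assumption: the script runs as the user whose profile is being inspected.
$profileRoot = $env:USERPROFILE
$appData     = Join-Path $profileRoot 'AppData'

# 1. Does the folder exist at all? -Force makes Get-Item return hidden/system items.
$item = Get-Item -LiteralPath $appData -Force -ErrorAction SilentlyContinue
if ($item) {
    $hidden = ($item.Attributes -band [IO.FileAttributes]::Hidden) -ne 0
    $system = ($item.Attributes -band [IO.FileAttributes]::System) -ne 0
    "AppData exists. Attributes: $($item.Attributes) (Hidden=$hidden, System=$system)"
} else {
    "AppData was not found at $appData, even with hidden items included."
}

# 2. What is Explorer currently set to display for this user?
#    Hidden: 1 = show hidden items, 2 = do not show them.
#    ShowSuperHidden: 1 = also show protected operating system files.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$adv = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
if ($adv) {
    "Explorer Hidden          = $($adv.Hidden)"
    "Explorer ShowSuperHidden = $($adv.ShowSuperHidden)"
}

# 3. List every hidden directory directly under the profile, so a folder that is
#    present but invisible in Explorer can be told apart from one that is missing.
#    PSIsContainer is used instead of -Directory to stay compatible with the
#    PowerShell 2.0 that ships with Windows 7.
Get-ChildItem -LiteralPath $profileRoot -Force |
    Where-Object { $_.PSIsContainer -and (($_.Attributes -band [IO.FileAttributes]::Hidden) -ne 0) } |
    Select-Object Name, Attributes, LastWriteTime
```

If step 1 finds the folder while Explorer's Hidden value is 2, the folder is intact and only the view setting changed.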
25 Dec 2015   #7
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

"R U sure it's not just hidden? Some of those anti malware and virus apps will turn "view hidden files and folders" back to hidden in folder options so you may just not be able to see it."

Now you tell me;) Anyway, there's 106,304 files on the system drive to check, and at that point I had been awake for some 24 hrs straight not wanting to give up. At that point I gave up, and came here to write the OP.

After that I just went ahead and did what user Golden suggested and nuked the system drive - nuked it but good, then reinstalled Windows.

I could have never quite gotten rid of the nagging suspicion that, even if I had known about what you now tell me, there was still some bad code lurking in the depths of all those files, ready to pop up at some time in the future and wreak havoc anew.

I want my PC to be my PC, no compromise. Then I took that know-it-all whippersnapper Mitchell's advice and got Macrium and backed up the C drive on an external drive.

So I'm good. Thanks for replying though
26 Dec 2015   #8
mitchell65

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Quote: Originally Posted by Admiral Awesome
Then I took that know-it-all whippersnapper Mitchell's advice and got Macrium and backed up the C drive on an external drive.

Thanks for that - I haven't been called a "whippersnapper" since circa 1947
26 Dec 2015   #9
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

Quote: Originally Posted by mitchell65
Quote: Originally Posted by Admiral Awesome
Then I took that know-it-all whippersnapper Mitchell's advice and got Macrium and backed up the C drive on an external drive.

Thanks for that - I haven't been called a "whippersnapper" since circa 1947

You're welcome young man. I hope it's not a derogatory term (as you know, this is not my first language); it certainly wasn't meant like that. Thanks for the reminder to back up - I had been meaning to for years. You obviously knew who you were dealing with
26 Dec 2015   #10
tony22

Windows 7 Ultimate x64 SP1
 
 

Göran, I'm curious. Can you recall what each of the various tools found during your efforts to identify and remove the problem(s)?