I lost everything in all directorys with the letters doc in their name through a virus that doesn't seem to have antivirus software support as yet. Didn't just happen to me but to a friend also and we hadn't shared a single file and both computers were fire-walled and protected by current anti-virus/anti-malware software so we both have no idea how this thing got onto our systems and caused the havoc it did. He was using my modem connection to connect to the net and I'm currently eying my service provider with suspicion. Luckily Recuva seems to have found just about everything lost and I am slowly recovering my files. I have struck a couple of problems though.
1. It only appears to locate the most common file extensions and template files (ie .dot or .dotx) haven't been included in the search.
How can I find files with uncommon extensions?
2. Downloaded a trial version of
Recover My Files
and though
Recuva
has a much more user friendly & intuitive interface, the other software does seem to find more 'lost' items.
How can I find what I don't know I've lost???
3. I was using the file type facility to 'sort' my lost files into folders when I recovered them but, as I worked through each type, I didn't think to deselect the type I had just worked through and recovered. ie I sorted through my pictures and recovered them into a new folder then sorted the documents. However when i went to the documents folder it had also re-recovered the picture files I had originally sorted and saved in another folder and then re-saved them again.
Other than going back and remembering to deselect everything each time, is there anyway that once a file is recovered, it can be removed from the list unless the entire scan is redone?
This virus or worm or what-ever it is, targets specific directories and deletes everything within them. I had a directory called WebDocs and it deleted everything within it. This directory was not under the My Documents folder but in one by itself like My Pictures or My Downloads. It appears that these commonly named folders have a weakness and my solution has been to rename anything with a common Microsoft created title. For instance, my movies/videos folders are now called Flicks etc.
Didn't just happen to me but to a friend also and we hadn't shared a single file and both computers were fire-walled and protected by current anti-virus/anti-malware software so we both have no idea how this thing got onto our systems and caused the havoc it did. He was using my modem connection to connect to the net and I'm currently eying my service provider with suspicion.
My Windows 7 Desktop has Ethernet to Netgear Router.
I enabled Wireless and powered up my friend's Vista which detected my Signal.
I gave it my WAP2 password and it connected.
I checked my Desktop network and could see Vista sharing folder.
Had I not run Malware bytes and removed 5 trojans from the Vista before I allowed connection my Desktop could have been infected.
It was not your I.S.P. that cross-infected you, but promiscuous Windows.
Pause for thought.
How do you know that there is no infection within either the files that remain or that you want to retrieve.
My Windows 7 Desktop has Ethernet to Netgear Router.
I enabled Wireless and powered up my friend's Vista which detected my Signal.
I gave it my WAP2 password and it connected.
I checked my Desktop network and could see Vista sharing folder.
Had I not run Malware bytes and removed 5 trojans from the Vista before I allowed connection my Desktop could have been infected.
It was not your I.S.P. that cross-infected you, but promiscuous Windows.
Pause for thought.
How do you know that there is no infection within either the files that remain or that you want to retrieve.
I know just enough to generally know not to get myself in trouble but not this time. Your scenario sounds very similar to what we did except he lost his files that night, I lost mine either at the same time and didn't notice or the next day. It seems like a hell of a cosmic coincidence for it to happen to both of us at the same time but, hey, stranger things happen with random electrons.
Trust me, I am more than pausing every time I recover the files to consider a reinfection except the lil' nasty is still probably there. I want to recover the files onto a partitioned drive which can save the data without overwriting anything still not recovered. Once I've accomplished that, I'll continue the search for a solution. I have sent an email to Kaspersky my anti-everything provider and have searched the net for removal tools. most still don't support Windows 7 (Symantec, McAfee, CA etc) I would appreciate any suggestions in addition to the one above I am currently downloading.
I have also searched for malware that has this footprint (specifically targeting doc folders)but have so far found nothing except for a virus actively commented on over 5 years ago. Am I naive to believe my anti-everything software should have picked it up and 'smote' the lil' beggar down?
cheers
Liz
(old enough to use age as an excuse for this debacle)
If this happened to me I would simply plug in my Macrium Boot Rescue CD and restore my Partition Image backup file and restore to the previous day's state
In your situation without any image restoration possibility I would :-
Recuva what I could to another drive whilst fearing that with every action I am spreading infection around my P.C. and the Recuva destination drive ;
Wipe free space in case anything not Recuva'd might escape the next time I retrieve a lost file - I never W.F.S. but fear defeats principles ! !
If this happened to me I would simply plug in my Macrium Boot Rescue CD and restore my Partition Image backup file and restore to the previous day's state
In your situation without any image restoration possibility I would :-
Recuva what I could to another drive whilst fearing that with every action I am spreading infection around my P.C. and the Recuva destination drive ;
Wipe free space in case anything not Recuva'd might escape the next time I retrieve a lost file - I never W.F.S. but fear defeats principles ! !
I have also searched for malware that has this footprint (specifically targeting doc folders)but have so far found nothing except for a virus actively commented on over 5 years ago. Am I naive to believe my anti-everything software should have picked it up and 'smote' the lil' beggar down?
cheers
Liz
(old enough to use age as an excuse for this debacle)
Absolutely! Not every virus can be caught by every anti-virus. This is an ongoing battle between hackers and security suite publishers. And a huge multi-billion dollar industry has arisen around this fracas.
I rely on a full-disk backup image to guard against anything that might get "through". If my system gets attacked or damaged or generally made un-usable, I just go and restore. It's like having a magic technician on call 24-7, he can repair any system problem in 45 minutes! And there is no lingering question about whether "all of it is gone".
Backups are the most important defense you can have against mal-ware today.