I've been attacked and lost 400GB of my HD.

post #1 of 12
Thread Starter 
Hey,

The other day I was using my computer, the usual stuff, MSN, gaming, internet, and then this popup came up from the bottom right of the screen saying "malicious software detected". Then I clicked the "more info" and it showed the path to some "trojan.exe" in system or system32. Then I clicked "search for additional information of this file on the online database" or something like that, then the screen went black for 3 seconds and rebooted, then Windows started loading and rebooted again, and since then I can't get to Windows.

I booted from the Windows 7 CD and it doesn't detect my HD.
I tried the "repair", it didn't work.

Now I'm using some Linux Live CDs I have. GParted says 400GB of my HD (my DATA partition, where I keep all my important stuff) is "Unknown" file system, and I cannot mount it.

Is there any way to recover the lost partition(s) or files? // Mostly media, projects, ebooks, games, music etc.
Was this caused by a hardware malfunction or a trojan?

Please give me some advice, I'm a bit desperate.
Super lol system
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II x3 720 @ x4 20. M4A77TD XFX HD 4870 XXX Super Talent 4GB 
Hard DriveOptical DriveOSMonitor
Seagate 500GB. CD Rom 52xD Windows 7 Ultimate / GNU-Linux. Samsung 2053NW 
KeyboardPowerCaseMouse
Logitech TR2-470W Thermaltake Topower Logitech Mx510 
post #2 of 12
Look into some software for data recovery. There are pieces of software that will dig through a drive (that is not booted to of course) and take the literal data off of the disc. When you 'format' a drive, the data doesn't disappear, it just gets ignored. But as you write data to the drive, the old data gets over-written. So simply stop using the drive and use one of those programs. A piece of software we use at work is R-Studio, but it costs and is not free.
    
CPUMotherboardGraphicsRAM
Intel Q6600 2.4GHz G0 GIGABYTE P35-DS3L NVIDIA GTX 260 4GB DDR2 1066 
Hard DriveOptical DriveCoolingOS
640GB Seagate 7200.11 Generic DVD/CD Drive Arctic Cooling Windows 7 Pro 64-bit 
MonitorKeyboardPowerCase
Acer 22" H233H Wireless Logitech Corsair TX750 Attached to a wall via screws 
Mouse
Wireless Logitech 
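
Added example, not part of any post in this thread: a minimal Python sketch of what signature-based recovery tools do when a partition shows up as "Unknown", namely checking sector 0 for a recognisable boot sector and then carving files by their magic numbers. It assumes the data partition was NTFS (the thread does not say), the function names are hypothetical, the sample image is constructed, and it should only ever be pointed at a read-only image copy of the disk.

```python
import io

# Magic numbers for a few common media/document types: (header, footer).
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
}

def has_ntfs_boot_sector(image):
    """True if sector 0 carries the NTFS OEM ID and the 0x55AA boot signature."""
    image.seek(0)
    sector = image.read(512)
    return (len(sector) == 512 and sector[3:11] == b"NTFS    "
            and sector[510:512] == b"\x55\xaa")

def carve(image, max_size=16 * 1024 * 1024):
    """Scan a raw image and return (kind, offset, data) for each header/footer pair."""
    image.seek(0)
    blob = image.read()  # fine for a demo; read in chunks for a real disk image
    found = []
    for kind, (head, foot) in SIGNATURES.items():
        pos = blob.find(head)
        while pos != -1:
            end = blob.find(foot, pos + len(head), pos + max_size)
            if end != -1:
                found.append((kind, pos, blob[pos:end + len(foot)]))
                pos = blob.find(head, end + len(foot))
            else:
                pos = blob.find(head, pos + 1)
    return sorted(found, key=lambda hit: hit[1])

def build_sample_image():
    """Constructed test data: a 'partition' whose boot sector was overwritten."""
    png = b"\x89PNG\r\n\x1a\n" + b"fake-chunks" + b"IEND\xaeB`\x82"
    pdf = b"%PDF-1.4\nconstructed body\n%%EOF"
    wiped_boot = b"\x00" * 512
    return wiped_boot + b"\x00" * 1024 + png + b"\xaa" * 700 + pdf + b"\x00" * 256

if __name__ == "__main__":
    img = io.BytesIO(build_sample_image())
    print("NTFS boot sector present:", has_ntfs_boot_sector(img))
    for kind, offset, data in carve(img):
        print(f"{kind} at byte {offset}, {len(data)} bytes")
```

Carving recovers file contents only, not names or folder structure, and fragmented files come back incomplete.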
post #3 of 12
The pop-up, was it your anti-virus/spyware program or just something that looked like Windows?

So you cannot boot into last known good or safe mode with Windows (tap F8 during boot)?
post #4 of 12
The thing that popped up at the corner and was saying "malicious software detected" is actually a malware or whatever it's called. I think you should try to boot into safe mode and run a malware/spyware cleaner. There's Malwarebytes for free, you could use it.
~|Nanpa|~
(15 items)
 
  
CPUMotherboardGraphicsRAM
|A8-3870k 3.5Ghz| |Gigabyte GA-A75-UD4H| |Onboard 6550D -_-| |Samsung 30nm Low Profile 2133 Cas9| 
Hard DriveOptical DriveCoolingOS
|Corsair Force GT 90GB|WD 820GB| |SamSung BluRay| |Stock Heatsink -_-| |Win 7 Ultimate x64| 
MonitorKeyboardPowerCase
|Samsung S27A950 120Hz 3D| |Microsoft SideWinder X4| |CorSaiR HX650| |Open TechBench|White LeDs|PurPle UV| 
MouseMouse PadAudio
|Microsoft SideWinder X8| |SteelSeries Diablo III| |OnBoard| 
post #5 of 12
Quote:
Originally Posted by lkegley9;13100247 
Look into some software for data recovery. There are pieces of software that will dig through a drive (that is not booted to of course) and take the literal data off of the disc. When you 'format' a drive, the data doesn't disappear, it just gets ignored. But as you write data to the drive, the old data gets over-written. So simply stop using the drive and use one of those programs. A piece of software we use at work is R-Studio, but it costs and is not free.


I thought that just applied when you do a quick format; an actual format writes zeros to the platters, right?
MuchoIdiot II
(9 items)
 
MEDIASERVER 2
(14 items)
 
 
CPUMotherboardGraphicsRAM
core i7 7700k Asus maximus IX hero Gigabyte GTX1080Ti G.SKILL TridentZ RGB Series 32GB (4 x 8GB) 288-... 
Hard DriveCoolingOSPower
Samsung 960 EVO m.2 Corsair H115i Windows 10 Pro Corsair HX1000i 
Case
Corsair 750D Airflow 
CPUMotherboardGraphicsRAM
AMD FX8350 Asus M4A785-M none 8GB DDR2 800Mhz 
Hard DriveOptical DriveCoolingOS
16x LP 2/3TB Seagate Asus External Corsair H70 Windows 10 
MonitorKeyboardPowerCase
none none Corsair TX750W Antec 1200 
MouseMouse Pad
none none 
CPUMotherboardGraphicsGraphics
Pentium 2 300Mhz pd440fx 3DFX VooDoo 2 3DFX VooDoo 
Hard DriveOptical DriveOSMonitor
Crucial C300 LightScribe DVD writer Windows 98SE Westinghouse LCM22W3 
KeyboardPowerCaseMouse
Keytronic Corsair CX500 Micron Millennia XRU Logitech PS/2 Optical mouse 
Audio
Soundblaster 16bit ISA 
post #6 of 12
Do you have access to another computer? If you do, make sure your antivirus is up to date and then put the hard drive in there as a secondary drive. You can then try to browse to your storage partition, and you can also try to clean the malware that is on that hard drive using Malwarebytes or another good cleaner.
post #7 of 12
Thread Starter 
I can't get to Windows in any way, I have tried everything, only drivers, safe mode etc., and the Windows 7 DVD won't even detect my HD.
The popup was the Windows Defender or something like that. It looked like a Windows thing and the name was familiar, that's why I clicked it. I regret it now.

Aawa, that's what I thought, but booting from a live CD is the same thing and I can't mount the partition, so I don't have access to the files.
Edited by octohedron - 4/12/11 at 1:06pm
post #8 of 12
Yeah, that's called Rogue Software. Gets the best of us, and the best way to learn to avoid it is experiencing it.

Can you access your hard drive from another computer to run an external scan?
post #9 of 12
Thread Starter 
I could download some Linux apps and run them from the live CD, or I could take the HD to my friend's house and try some, but I was trying to find a solution from the live CD if there is one.

And if I were to access my HD from another computer, I wouldn't know what to do with it... it has 400GB of "unknown", Windows can't detect it, the only thing I could think of is to format it in Linux, then create new tables and try to recover the data after that...
Edited by octohedron - 4/12/11 at 1:16pm
post #10 of 12
I'd suggest you use Pandora Recovery. It's free and works perfectly with my SD cards. It's supposed to work with HDDs too...

You can see how to use it here: How to UnDelete & Recover Files on a Memory Card (http://www.youtube.com/watch?v=juBtfwkBGy0&feature=channel_video_title).
The Beast
(19 items)
 
Dell Studio 1537
(13 items)
 
 
CPUMotherboardGraphicsGraphics
Intel Core i7 2600k Gigabyte GA-Z68XP-UD3P EVGA GTX 580 Fermi EVGA GTX 580 Fermi 
RAMHard DriveHard DriveOptical Drive
G.SKILL Ripjaws X Western Digital Caviar Green Crucial RealSSD C300 LG GH24LS70 24X SATA Lightscribe 
CoolingCoolingCoolingOS
Corsair H100i Coolermaster Megaflow 200MM Red LED Scythe GentleTyphoon AP-15 Windows 7 Ultimate 
MonitorKeyboardPowerCase
Dell ST2310 Microsoft Wireless Keyboard 3000 Corsair AX850 Corsair 600t 
MouseMouse PadAudio
Microsoft SideWinder X8 XTrac Ripper ASUS Xonar DG 5.1 
CPUMotherboardGraphicsRAM
Intel Mobile Core 2 Duo T5800 Dell 0P173H-A09 Mobile Intel 4 Series Express Chipset Family 3gb @ 400 MHz 
Hard DriveOSMonitorKeyboard
320gb Windows Vista SP1 Dell ST2310 Microsoft Wireless Keyboard 3000 
CaseMouseMouse Pad
Dell Studio 15 Microsoft SideWinder X8 XTrac Ripper 