CelticRose
Graduate Poster
Okay, this post is mostly a vent and plea for sympathy since I've got the problem under control (excepting one oddity which you'll hear more about later), but any advice -- other than "get a Mac", "get Linux", and the like -- is more than welcome.
Computer details: I'm running Windows 7 (factory installed) on an HP Pavilion g series laptop purchased late May 2012. Browsers are IE9 and the next to latest version of Firefox (now the latest: see below). Everything is the newest and most up-to-date version. Antivirus, etc., is McAfee Total Protection.
I was playing Skywire VIP on Nitrome's website early this morning when suddenly IE9 crashed -- just shut down, no error messages. Okay, browsers crash sometimes -- annoying but no big deal. I open IE9 again, tell it that I don't want to restore my last session, start thinking about what game I want to play next, then all hell breaks loose. User Account Control pops up saying that some unknown .exe file wants to make changes to my computer (Sorry, I don't remember the name of it. I entered panic mode shortly after this and forgot to write anything down). I tell it no, but UAC won't go away. Next thing I know, I've got all sorts of warning messages saying that files couldn't be read, and what looks like a Windows dialog box pops up (it was a good one; I'm not usually fooled by such things) saying that there are bad sectors or some such nonsense and gives me a choice of scanning and attempting to repair (recommended, of course!
) or doing it later. I clicked the do it later choice (big mistake), thinking that I'd better get rid of the virus before I attempted any repairs.
So, I opened McAfee and started a quick scan of "the most vunerable areas" of my computer. Shortly into that, McAfee abruptly shuts down and my computer starts shutting itself down.
Oh
My computer then restarted itself without giving me a chance to open it in safe mode. My screen immediately fills with warnings again and most of my programs are MIA. The same dialog box opens again and this time I opt to attempt a repair. It starts a "scan", and while I'm anxiously waiting for it to finish, I notice that in very faint type at the bottom of the dialog box it says it's a trial version. Oh,! It's a fake antispyware virus and I fell for it! I shut as much of it down as I could.
I go to the Start Menu and almost everything's gone -- I can't find the Control Panel. I try restarting to see if I can get into safe mode: no such luck. I try a Ctrl-Alt-Del to see if I can get into System Restore: either you can't do it that way in Windows 7, or in my panic I couldn't see it. After some frantic poking around, I managed to get into Explorer (the file system, not the browser. Microsoft, why does your nomenclature have to be so confusing?) and was able to navigate to the Control Panel and get to System Restore. Whew.
I started a System Restore. It took forever, which was not good for my nerves. Eventually, it finished, my computer restarted, and everything looked okay. Big sigh of relief.
I start IE9, wanting to delete the bookmark for Nitrome. I'm not sure if the virus came from there or from one of the sites that I was looking up pop culture references on, but to be safe I'm not going anywhere near Nitrome again. I open my favorites, and everything's gone except for the Favorites Toolbar folder. Nothing's in the history except my homepage and something I don't recognize. I delete the "stranger" from the history to be safe. A little more poking about shows me that while my programs are intact, most of my files have disappeared. Fortunately, I do incremental backups, I obsessively save files to DVDs as they're created/obtained, and I save files that are updated frequently on a weekly basis. Also, when I bought the computer a few months ago I saved all my important files, including my favorites folder and a list of sites I bookmark on Firefox, to DVDs. So, I might lose some recent stuff, but I can restore most of it. I can deal.
After a little more poking around, I discover that the Excel files I had pinned to the taskbar or had recently accessed can be opened. Huh? I check the filepath to see if they've been moved, but it still points to the same place. However, when I open the Documents folder, there's nothing there. Wtf? Well, whatever's going on, this is an opportunity to save my recent data, so I save everything I can open to DVD.
I open Outlook, and everything's okay. All my emails, tasks, etc. are there -- even the most recent ones. so, I haven't actually lost anything, I just need to get everything back where it belongs. Yay!
I try to open Firefox, and it gives me an error saying that it's already running and I need to either close the process or restart my computer. I open Task Manager, but it doesn't show any Firefox processes running. Lovely. First things first, however, I need to make sure there's nothing still lurking on my computer before I restart it again, so I start McAfee on a full scan. At this point I'm pretty well knackered both from the stress and from a bug I'm coming down with, so I let McAfee do its thing and go to bed.
5 hours later, I wake up. McAfee is done with the scan and hasn't detected any problems. It's telling me I need to restart because it's installed some upgrades, so I do so. Everything looks pretty much the same. I try Firefox again and get the same error message. Okay, let's try uninstalling and reinstalling. I uninstall Firefox, but I leave the box saying to delete my preferences unchecked. I open IE9 and try to get Firefox, but it won't download. After a few tries, I notice an error message at the bottom of the screen flashing for the briefest of instants before the page redirects. Could it be the pop-up blocker? I disable the pop-up blocker. It was the pop-up blocker; Firefox downloads. I install it, but instead of launching, it gives me the same error message as before. Uh-oh. Okay, try one more thing before going to JREF and begging for help. I uninstall Firefox again, this time deleting my preferences. I try installing it again, and this time it works! Yay!
Okay, now to restore my files. I grab my trusty copy of Windows 7 for Dummies by Woody Leonhard and start looking up how to restore files from backups. Woody reminds me that Windows 7 makes shadow copies of everything on a regular basis, and that all I have to do is right-click the affected folder and choose "Restore previous versions". Can it really be that
simple? I check, and, lo and behold, I have intact files dated as recently as Sunday! Yay!
I follow Woody's advice, and rather than clicking Restore, I save a copy to my desktop and make sure that everything's okay with the files and subfolders before transferring them to the proper location. Now, here's where things get strange. When I started copying the files and subfolders into the main folders, Windows insisted they were already there. It allowed me to replace the files, but it would only merge the folders. After merging the folders, I still couldn't see the folders or access the files within them. So, I renamed the folders before copying them. That worked: I can see the renamed folders and all the files within them are intact.
After much long and tedious work, I got everything restored. Then, since my computer's been nagging at me to do a full backup (I've kept postponing it, but I won't do that in the future), I took care of that. Whew! All done! (I hope.)
Now, these "phantom" folders worry me a bit, so if anyone has any ideas I'd be glad to hear them. I have memory to spare, so having a duplicate set of folders & files isn't a huge deal. What could present a problem is those programs that save things in dedicated folders and can't have the folder renamed or they won't recognize the filepath. For example, Outlook has a file in the Documents folder named Outlook files where it apparently saves backups, and Adobe Digital Editions has a folder in the Documents folder named My Digital Editions where it saves downloaded library books. Now, obviously I can't just rename those folders without causing trouble. So far, however, everything seems to be working as it should, so I'm hoping for the best.
tl;dr version: My computer got a virus, but I fixed it. However, folders vanished, but the computer says they're still there.
Computer details: I'm running Windows 7 (factory installed) on an HP Pavilion g series laptop purchased late May 2012. Browsers are IE9 and the next to latest version of Firefox (now the latest: see below). Everything is the newest and most up-to-date version. Antivirus, etc., is McAfee Total Protection.
I was playing Skywire VIP on Nitrome's website early this morning when suddenly IE9 crashed -- just shut down, no error messages. Okay, browsers crash sometimes -- annoying but no big deal. I open IE9 again, tell it that I don't want to restore my last session, start thinking about what game I want to play next, then all hell breaks loose. User Account Control pops up saying that some unknown .exe file wants to make changes to my computer (Sorry, I don't remember the name of it. I entered panic mode shortly after this and forgot to write anything down). I tell it no, but UAC won't go away. Next thing I know, I've got all sorts of warning messages saying that files couldn't be read, and what looks like a Windows dialog box pops up (it was a good one; I'm not usually fooled by such things) saying that there are bad sectors or some such nonsense and gives me a choice of scanning and attempting to repair (recommended, of course!
) or doing it later. I clicked the do it later choice (big mistake), thinking that I'd better get rid of the virus before I attempted any repairs.So, I opened McAfee and started a quick scan of "the most vunerable areas" of my computer. Shortly into that, McAfee abruptly shuts down and my computer starts shutting itself down.
Oh
My computer then restarted itself without giving me a chance to open it in safe mode. My screen immediately fills with warnings again and most of my programs are MIA. The same dialog box opens again and this time I opt to attempt a repair. It starts a "scan", and while I'm anxiously waiting for it to finish, I notice that in very faint type at the bottom of the dialog box it says it's a trial version. Oh,
! It's a fake antispyware virus and I fell for it! I shut as much of it down as I could.I go to the Start Menu and almost everything's gone -- I can't find the Control Panel. I try restarting to see if I can get into safe mode: no such luck. I try a Ctrl-Alt-Del to see if I can get into System Restore: either you can't do it that way in Windows 7, or in my panic I couldn't see it. After some frantic poking around, I managed to get into Explorer (the file system, not the browser. Microsoft, why does your nomenclature have to be so confusing?) and was able to navigate to the Control Panel and get to System Restore. Whew.
I started a System Restore. It took forever, which was not good for my nerves. Eventually, it finished, my computer restarted, and everything looked okay. Big sigh of relief.
I start IE9, wanting to delete the bookmark for Nitrome. I'm not sure if the virus came from there or from one of the sites that I was looking up pop culture references on, but to be safe I'm not going anywhere near Nitrome again. I open my favorites, and everything's gone except for the Favorites Toolbar folder. Nothing's in the history except my homepage and something I don't recognize. I delete the "stranger" from the history to be safe. A little more poking about shows me that while my programs are intact, most of my files have disappeared. Fortunately, I do incremental backups, I obsessively save files to DVDs as they're created/obtained, and I save files that are updated frequently on a weekly basis. Also, when I bought the computer a few months ago I saved all my important files, including my favorites folder and a list of sites I bookmark on Firefox, to DVDs. So, I might lose some recent stuff, but I can restore most of it. I can deal.
After a little more poking around, I discover that the Excel files I had pinned to the taskbar or had recently accessed can be opened. Huh? I check the filepath to see if they've been moved, but it still points to the same place. However, when I open the Documents folder, there's nothing there. Wtf? Well, whatever's going on, this is an opportunity to save my recent data, so I save everything I can open to DVD.
I open Outlook, and everything's okay. All my emails, tasks, etc. are there -- even the most recent ones. so, I haven't actually lost anything, I just need to get everything back where it belongs. Yay!
I try to open Firefox, and it gives me an error saying that it's already running and I need to either close the process or restart my computer. I open Task Manager, but it doesn't show any Firefox processes running. Lovely. First things first, however, I need to make sure there's nothing still lurking on my computer before I restart it again, so I start McAfee on a full scan. At this point I'm pretty well knackered both from the stress and from a bug I'm coming down with, so I let McAfee do its thing and go to bed.
5 hours later, I wake up. McAfee is done with the scan and hasn't detected any problems. It's telling me I need to restart because it's installed some upgrades, so I do so. Everything looks pretty much the same. I try Firefox again and get the same error message. Okay, let's try uninstalling and reinstalling. I uninstall Firefox, but I leave the box saying to delete my preferences unchecked. I open IE9 and try to get Firefox, but it won't download.
After a few tries, I notice an error message at the bottom of the screen flashing for the briefest of instants before the page redirects. Could it be the pop-up blocker? I disable the pop-up blocker. It was the pop-up blocker; Firefox downloads. I install it, but instead of launching, it gives me the same error message as before. Uh-oh. Okay, try one more thing before going to JREF and begging for help. I uninstall Firefox again, this time deleting my preferences. I try installing it again, and this time it works! Yay!Okay, now to restore my files. I grab my trusty copy of Windows 7 for Dummies by Woody Leonhard and start looking up how to restore files from backups. Woody reminds me that Windows 7 makes shadow copies of everything on a regular basis, and that all I have to do is right-click the affected folder and choose "Restore previous versions". Can it really be that
simple? I check, and, lo and behold, I have intact files dated as recently as Sunday! Yay!
I follow Woody's advice, and rather than clicking Restore, I save a copy to my desktop and make sure that everything's okay with the files and subfolders before transferring them to the proper location. Now, here's where things get strange. When I started copying the files and subfolders into the main folders, Windows insisted they were already there. It allowed me to replace the files, but it would only merge the folders. After merging the folders, I still couldn't see the folders or access the files within them. So, I renamed the folders before copying them. That worked: I can see the renamed folders and all the files within them are intact.
After much long and tedious work, I got everything restored. Then, since my computer's been nagging at me to do a full backup (I've kept postponing it, but I won't do that in the future), I took care of that. Whew! All done! (I hope.)
Now, these "phantom" folders worry me a bit, so if anyone has any ideas I'd be glad to hear them. I have memory to spare, so having a duplicate set of folders & files isn't a huge deal. What could present a problem is those programs that save things in dedicated folders and can't have the folder renamed or they won't recognize the filepath. For example, Outlook has a file in the Documents folder named Outlook files where it apparently saves backups, and Adobe Digital Editions has a folder in the Documents folder named My Digital Editions where it saves downloaded library books. Now, obviously I can't just rename those folders without causing trouble. So far, however, everything seems to be working as it should, so I'm hoping for the best.
tl;dr version: My computer got a virus, but I fixed it. However, folders vanished, but the computer says they're still there.
