Query regarding partial data loss and inability to perform a system restore

By Discombobulated ·

I wonder if someone can help, please.

Last night I lost my entire 'My Documents' folder and I am unable to perform a system restore to any time point. I can't find the folder anywhere on my hard drive.

A few days ago, I was bidding for an editing job on a Freelance writing site. The client contacted me asking if I could edit his thesis document. He sent me the document to look at so that I could give him a price for the work, which I duly did. He eventually chose another contractor which was all well and good. He had,made it clear in his job posting that he would expect any contractor to agree to sign a full disclosure.

I wondered if it might be possible for 'someone' to target a cyber attack on this single folder on my hard drive? And if so, is there any way of retrieving the lost data?

The only other thing I have downloaded since then is a program called 'Sibelius Scorch' to allow me to view online sheet music. I believe I may have been prompted to install an Active X add-on.

If this is the the problem rather than the paranoid client scenario, does this suggest some sort of malware? I have run a full scan and my Kaspersky isn't picking up any problems. I have noted that some posters on various forums suggest a program called 'Malwarebytes'. Is this safe to use, and is it likely to help me with my problem?

Thankfully, I didn't lose very much work but I would appreciate any help or advice you could offer.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Yes it's likely to be Malware that came with your Sheet Music Crap

by OH Smeg Moderator In reply to Query regarding partial d ...

And Malwarebytes is a Brilliant Program which is ideal provided that you download it from a safe source though now you may not be able to install it depending on what Infection you have picked up.

You can get it here just click on the Free Download link


After it's installed and updated restart your system in Safe Mode and run the scan and rerun the AV Scan again in Safe Mode.

You are more likely to find infections and be able to remove them in Safe Mode than with Windows running normally.

Or you could try a Rescue CD like one of the ones available here



Collapse -

Reponse To Answer

by Discombobulated In reply to Yes it's likely to be Mal ...

Thanks, OH Smeg,

Thanks for your reply and your suggestion. I downloaded and updated malwarebytes from the link you provided. Once I have finished here, I'll do as you suggest and run a scan in safe mode. I'll let you know how it goes...

Collapse -

A thing worthy of mention here Discombobulated...

by SmartAceW0LF In reply to Query regarding partial d ...

First, I second the nod for Malwarebytes Anti-Malware heartily. Second, being familiar with Sibelius, I find it highly unlikely that is the source of your problem. Nonetheless, it is important to realize that often times, the site you happen to have been on when you experience a sudden change or symptom in your system, may or may not be responsible. Many malicious programs reside in your temporary files for a bit before finally being executed at a later point. Sometimes, hours, other times days or even months.
Finally, -and the most significant reason for my additional post on this point- currently there are several flavors of malicious code at large that will first, set the attributes of your personal files to be hidden. They will still be on the system, just not visible via the default settings of Windows Explorer. If left to continue its aggravation, the code will do the same for all of the files on your desktop and on to the typical default files necessary for all users which normally reside in the default user profile. Left long enough, it will even begin deleting those files. It can be a real pain to clean up, and though MBAM (Malwarebytes) will find and clean the offending code from your PC, it will not fix the issues caused by this particular coding.
So before you get distraught over the loss, be sure to enable the ability to view hidden files within windows explorer. Open Windows Explorer go to Tools/Folder Options in the file menus at top. Click the View tab on the property sheet, put a tic in the settings to "Show Hidden Files and Folder" and untic the option to "Hide All Protected Operating System Files". Then check to see if your folders and files are now visible. If so great. If not, depending on the relative importance of recovering the files in question, you might consider shutting the machine down and asking for further assistance from a different machine. Do run a scan with MBAM first though. Also, MBAM may be installed, updated and run from Safe Mode With Networking. Good luck.

Collapse -

Reponse To Answer

by Discombobulated In reply to A thing worthy of mention ...

Thanks for your suggestions, SmartAceWOLF and Sue T. One of the first things I did when I couldn't find my folder was to check the 'hidden files and folders' options. I only thought to do this because itunes decided to hide my music from me at one point in the past :-) But I didn't know to uncheck the option to 'Hide All Protected Operating System Files'. I have since done this and alas, no joy, I'm afraid.

Can you please explain what would be involved in 'asking for further assistance from a different machine'? Sorry if this is a dim question...!

Collapse -

you may also want to check to

by Sue T In reply to Query regarding partial d ...

see if for some reason or another that your My Documents folder is not a hidden folder that you may have to just unhide. Have you tried opening a document that was in that folder by first opening the application (like Word) and then choosing file open. Does the document open? If so, then you know you your documents are still there.
Good luck

Collapse -

Reponse To Answer

by Discombobulated In reply to you may also want to chec ...

Hi Sue T. Thanks for your reply. As you can see from my reply above, I tried doing as you suggest. I did try to open a document that I had been working on before the crash and the file pathway is missing. Do you think this means the folder is definitely gone?

Collapse -

Targeted Attack

by a.portman In reply to Query regarding partial d ...

Oh Shmeg is at least partially right. Follow the link on the bottom of hos post to the malware restore tools. A Linux boot CD may allow you to find your My Documents Folder. Although, assuming you downloaded Siebelius from its website and not a bittorrent, you probably did not get the maleware there.

Now to, "
I wondered if it might be possible for 'someone' to target a cyber attack on this single folder on my hard drive? And if so, is there any way of retrieving the lost data?" Are you referring to your potential liability to the originator if your copy of his data is published/used not by him? That is a distinct maybe. Do I think someone targeted your machine to get this file, no. Is it possible that all of your data was compromised and it might get used somehow, possibly, but unlikely.

I would concentrate on recovering the my files and cleaning my machine. Regretfully, the best way to know it is clean is reformat, reinstall everything.

Collapse -

Reponse To Answer

by Discombobulated In reply to Targeted Attack

Hi a.portman@...Thanks for your reply. It seems as if the folder is indeed gone, so I may well try the link for the Rescue CD OH Smeg suggests. I'll run the anti-malware first and go ahead and do that afterwards. Is this similar to the type of software I downloaded to recover crashed Audacity files, do you know?

Re. your second comment: I didn't think he would try to damage my documents folder on the basis of the shared document but you never can tell. As it goes, I still have the original attached to my e-mail file which I have tried to access again, simply out of interest to see if it would open...and it does, so if he were targeting my documents folder he would probably have also targeted the contents of my e-mail folder :-) I think the thought only crossed my mind because he was fairly insistent about the disclosure clause.

I'll go ahead and run the anti-malware and take it from there...

Collapse -

I know it will sound stupid

by gscratchtr In reply to Query regarding partial d ...

but make sure you didn't accidentally (via a stuck mouse button, as happened to me) MOVE your 'My Documents' to under another folder. You did say "anywhere on my hard drive." but I just wanted to make a suggestion.

or, when you were deleting the potentical client's work (was it in 'My Documents' ?) ensure that you didn't delete the entire 'My Documents' folder (as has also happened to me, again by a fat-finger); in my case, it was just moved to 'Recycle' so I had only a few moments of panic.

Collapse -

Reponse To Answer

by Discombobulated In reply to I know it will sound stup ...

Thanks for your reply gscratchtr. I have done this myself before too! But no, on the back of your suggestion, I rechecked other folders in 'My Documents'. I was literally in the process of editing another document when the whole thing 'hung'. When I went to save the file I was working on, there was no sign of my folder. So I wasn't deleting anything when it happened, but I have checked the recycle bin anyway. No sign of anything there.

Oh, hang on...I have just realised something. I said in my original (and subsequent postings) the my entire 'My Documents' folder had gone missing. That's not actually the case. It is still there but contains everything (everyone else's folders) except my own personal folder (which in turn contains My Music, My Videos, My Documents and lots of others I have created). Oh dear...now I really am discombobulated!

Off to run a malware scan...

Related Discussions

Related Forums