just as eset might things other scanners pick up. hence it's always a good reason to always use atleast 2 scanners.

Agree. Shoot, I uploaded to www.virustotal.com an obvious trojan attachment from an email a couple weeks back, and got results all over the map. Most picked up nothing, and the rest were a mishmash of different names for this thing.

It could be your current AV suite or the stuff you ran when you noticed the problem might have killed the "scam" part of the software before it run or you were able to notice it, or it just didn't become active for some reason while the rest did.

I would do as I said earlier: Boot into safe mode(You don't need to use linux even as safe mode usually stops most processes from running and is very safe to run AV/related software in.) and use the one reply's program that kills all processes to make sure nothing unwanted is running....then reinstall MWB and run it. Then copy over the results log here and we'll help you out some more.

I've had malware cause havoc almost exactly like that to me.

Damn I wish I could spend five minutes in a room with the assholes that do this. They think they're so smart, but all they are is anti-social assholes. I would PAY for the privilege of spending five minutes in a room with the asshole that trashed my last laptop.

I'll do all that tomorrow, thanks for your help, everyone. :)

Yes indeed, most data loss is not from hardware failure or miscopies, it's from plain old user error. Fatfinger the wrong files and you end up with nothing on either disk to save you.

Personally, I like to use ZFS or something similar as it actually monitors and repairs files warning you if it can't verify the file against the checksum. RAID arrays will happily allow bit rot to ensue without any warning at all.

Heh, there's a reason why they call that RAID "0" and this is it. Personally, I use Crashplan and generally have a back up on site and at least one offsite. Makes situations like this a lot less scary. The big issue though tends to be after the restore having to work to figure out what files I really need and which ones are duplicates. Fortunately, I'm usually only restoring a few files or a directory.

I'd do the disk imaging just because there's definitely a possibility that something has gone awry with the MFT in which case you could indeed very quickly lose all of the files instead of just a few.

If the OP uses file recovery software, it should work on images rather than on the Disk. First step though is going to be to buy a large disk and probably two large disks. One for the image and one for the recovered data.

My external drive is about five times the size of my actual hard disk. ;)

Heh, well clearly you don't need another disk then. That should be more than enough. That reminds me, I really should head into town next week. Around here you can get a terabyte HDD that's little bigger than a pack of cigarettes.

That's good if your tower support it, elsewise you need to buy bloody brackets and such to fit it into the larger form factor slots. :\

Also why 1TB? Heck, if and when prices finish normalizing i'd recommend a 2TB drive. More cost efficient than a 2.5/3TB model and imo better suited for those of us with more stuff to store.

I should have mentioned that it was an external drive and 1TB is nearly triple the size of the HDD in my laptop. Right now having something that's extremely portable is of much greater concern than having the hugest possible capacity.

Well for laptops that's a no-brainer. 2TB is more a suggestion for those using desktops/etc.

Ok, here's what I did so far:

- booted with Linux-driven Avira Antivir and AVG disks, both only found "unknown virus" in specific old DOS programs that I'm quite certain are not a virus. I still allowed to put them in quarantine.
- booted with Ubuntu-CD and copied all the important stuff over to my external drive
- downloaded Unhide.exe and the most recent installer from Malwarebytes' Anti-Malware to my netbook, copied them over to my USB stick
- started the infected PC in safe mode, ran Unhide.exe from the USB stick, which completely restored all hidden data and the startmenu options (but I suspect booting in regular mode will hide them again)
- de- and re-installed Malwarebytes' Anti-Malware, now it's database is only 50 days old instead of 360
- unfortunately I wasn't able to connect to the Internet in safe mode, although I specified to load safe mode with network drivers. I have to create a new Internet connection, but Vista doesn't find the one
- ran a complete Malwarebytes' Anti-Malware check again, and this time it turned up absolutely nothing (because it already removed all possible threats it found last time I ran it, nothing new was found)

Not that many options left. Should I run the PC in regular (infected) mode, kill all processes, connect to the Internet, try to update Anti-Malware and run another check? Or run the online check from eset.com in regular (infected) mode?

Or format the hard disk and re-install the whole system? (The PC would probably benefit from it since I haven't ever done that since I got it in 2007 and I guess a lot of junk has accumulated over the years; then again, I've never set up Windows on my own before, not sure how hard and stressful it is, and I only got a so called recovery DVD that came with the PC, no manual that I know of.)

if you have recovered your data, can put it elsewhere and accumulated loads of junk in the last few years then i suggest just reinstalling windows all together.

it's not hard, even a monkey could do it.

Well, I hope you're right, but I'm kind of afraid to find out my skills are inferior to those of a monkey. :D

The thought of erasing it all is scary as it probably involves lots of work trying to make everything working and comfortable again, re-installing tools etc., but I admit it's also quite tempting to restart with a clean slate and only restore what I really need.