Windows 8 Unidentifiable Drive/Partition Created by Malware?

Lena Brinkman

Lately, my computer had been running slower than usual and ads from various websites/companies had been popping up while I was using my browser. I determined this was caused by malware and set to work deleting the files manually (deleting all extra add-ons and temp files, unhiding my files and rummaging through my program files and data, etc.) before running Malwarebytes, which got rid of all the additional files I had missed.

For a couple of weeks, this had seemed to solve my problem, but yesterday, as I was browsing the internet, another one of those pesky ads popped up even though there were apparently no more files or suspicious things to be removed from my computer. Malwarebytes notified me to let me know it had blocked the ad, but I was still puzzled as to how it could have reinstalled itself or reappeared after I had gone to such lengths to delete it and there was nothing left.

So I opened up my Defragmenter... and voila! \\?\Volume{06684dc9-dce9-4ff4-a1c6-6e7bc6f55c8b}\

I am pretty sure this is the source of my troubles, but I have been racking my brain trying to figure out how to delete or get rid of it. I have looked it up and I believe this is called a "partition," but I'm really not sure what it is so excuse me if I am wrong. If this partition is not the culprit, could anyone please explain to me what it is and offer insight as to what I could do to find the malware?

I did go into Disk Management to view my partitions, but they all seem important and I don't know how to view more information about each of them. Also, I wouldn't be able to delete them even if I wanted to because when I right click on any of them except for the first one with 500 MB, all it displays is "Help."

I would be forever grateful if anyone had any ideas as to what I could do or help me out with this.
 
You don't want to remove your OEM, mate... you really don't!
There are drivers stored there that your system needs; however, you can remove it with the "diskpart" tool built into Windows if you have your heart set on it.
 
What has me worried is all those little MB partitions. Generally, there should only be one for an OEM OS, and the size varies with the OS. In Windows 7, the system partition containing the MBR is 100 MB; in Windows 8/8.1 it's 350 MB.

The 11.71 GB partition is your OEM factory recovery partition...leave that one alone. The 350 MB is the MBR (part of the legacy BIOS) for Windows 8...leave that one. The 500 MB partition is your EFI (part of your UEFI BIOS)...leave that one. The 40 MB and 490 MB partitions I have no clue.

Checking my disk management, I see I have the same "Help" window on my healthy recovery partition of 17.16 GB when I right click it. So I'm assuming that your 40 MB partition is tied to your 11.71 GB recovery partition, which I've not seen before.

I'd run my Anti-Virus software and any malware/spyware software you have.....not just Malwarebytes.
 
The old tried-and-true software.....

SuperAntiSpyware
Malwarebytes
Spybot S&D
CCleaner
AdwCleaner

All of which are free...just google or bing for them.
 
I agree with ussnorway. The Disk Management picture appears to show a normal Dell install after an 8 to 8.1 update.

You could normally put the Volume title in a Run box and open that partition, but that OEM one will probably not. If you want to check all your partitions, open an Administrative Command Prompt and type mountvol to see the partitions. Any without a drive letter will show with the volume IDs.
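
Added example (not part of any post in this thread): a PowerShell sketch that covers the same ground as the mountvol suggestion above and also maps each volume GUID path to its disk, size and partition type, so an unfamiliar entry like the one in the Optimize Drives list can be identified. It assumes Windows 8 or later with the built-in Storage cmdlets (Get-Partition, Get-Volume) and an elevated prompt; the variable names are illustrative.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell prompt.
# Volume GUID path copied from the first post (Optimize Drives dialog).
$target = '\\?\Volume{06684dc9-dce9-4ff4-a1c6-6e7bc6f55c8b}\'

# Well-known GPT partition type GUIDs (hashtable keys compare case-insensitively).
$gptTypes = @{
    '{c12a7328-f81f-11d2-ba4b-00a0c93ec93b}' = 'EFI System'
    '{e3c9e316-0b5c-4db8-817d-f92df00215ae}' = 'Microsoft Reserved'
    '{de94bba4-06d1-4d40-a16a-bfd50179d6ac}' = 'Windows Recovery'
    '{ebd0a0a2-b9e5-4433-87c0-68b6b72699c7}' = 'Basic data'
}

$report = foreach ($part in Get-Partition) {
    # A partition can expose a drive-letter path and a volume GUID path; keep the GUID one.
    $guidPath = $part.AccessPaths | Where-Object { $_ -like '*Volume{*' } | Select-Object -First 1

    # Partitions without a file system (for example MSR) have no volume object.
    $vol = $part | Get-Volume -ErrorAction SilentlyContinue

    $meaning = if ($part.GptType -and $gptTypes.ContainsKey($part.GptType)) {
        $gptTypes[$part.GptType]
    } elseif ($part.GptType) {
        "Other GPT type $($part.GptType)"
    } else {
        "MBR type $($part.MbrType)"
    }

    [pscustomobject]@{
        Disk       = $part.DiskNumber
        Partition  = $part.PartitionNumber
        SizeMB     = [math]::Round($part.Size / 1MB)
        Letter     = if ($part.DriveLetter -match '[A-Za-z]') { "$($part.DriveLetter):" } else { '(none)' }
        Type       = $meaning
        Label      = $vol.FileSystemLabel
        FileSystem = $vol.FileSystem
        VolumePath = $guidPath
        IsTarget   = ($guidPath -eq $target)
    }
}

# Full layout first, then only the volume that prompted the question.
$report | Sort-Object Disk, Partition | Format-Table -AutoSize
$report | Where-Object IsTarget | Format-List
```

A partition that shows no drive letter, a small fixed size and a recovery, EFI or vendor type matches the picture the replies describe.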
 
I haven't had a chance to run any more anti-malware programs but I will do so now.

@ussnorway
You know what? I actually did make a backup recently because it kept pestering me to do so. That's what it could be.

@Saltgrass
I did what you said and looked at all the partitions. They all seem to have the same format as the partition I found in my Defragmenter.

So I suppose if that partition is apparently safe, could anyone tell me why it can't be optimized like all the others? It's 90% fragmented.
 
I have attached a picture of my partitions. As you can see the OEM and EFI System partition are not included in the optimization list.

It appears the one you show as needing optimization is the extra Recovery partition. Since those partitions are not written to or read from, I would not worry about the listing showing the fragmentation.
 
I ran CCleaner, Spybot, and AdwCleaner.
AdwCleaner was the most helpful and seemed to get rid of the remaining malware.
As of now most of my problems have been resolved (including some browser problems I didn't mention in this thread).

@Saltgrass
Thanks for the info. I'm not so freaked out by my partitions now :)

Anyway thank you to everyone else who replied. It was extremely helpful.
 