Restore all Windows files quarantined using Debian clamtk

[kedaha]

I am not proud of this story because, as a dedicated free software guy I'm not at all comfortable about restoring anyone's broken proprietary system. Anyway, here goes: I don't know if this will be of interest to anyone who used clamtk and dual boots Debian and some version of Windows but I recently agreed to try and fix a non-functioning Windows 7 system on a Toshiba laptop, which has long dual-booted the Microsoft OS and Debian 8. I would've gladly installed Debian to the whole disk but its owner needs some Windows program for work which isn't available in Debian. While Debian's always worked like the first day, the stuff on the Windows side got worse and worse. It was obvious that, even though the system still booted, it was riddled with malware so I thought I'd have a go at removing them from the Debian partition with ClamTk, described as "a graphical front-end for Clam Antivirus. It is designed to be an easy-to-use, lightweight, on-demand antivirus scanner for Linux systems." Easy-to-use? Well, not exactly in this case.

After hours of scanning the partition it informed that there were "498 threats" so I started to eliminate them. I deleted several but then I thought better of it and continued to laboriously "quarantine" them, one-by-one, so as to be able to restore, if necessary, the files.
I at least took the precaution of copying all the owner's files before doing the above. I must admit I didn't have a clue what files I was deleting because I know very little about Windows, something I suspect I have in common with most Windows users.
Windows did not boot and entering the recovery modes just led to endless waiting --which went on for hours--for something to happen.

Solutions?
I tried getting a downloaded replacement from the Windows site but, because it was a pre-installed OEM version, it was not available so you had to contact the manufacturer.
I concluded that my best bet was to try and restore all the quarantined files and then simply use the option to reinstall the entire system with the factory defaults from the recovery partition. So I started to copy some of the files back which I quickly decided was too time-consuming. And what if some of the files I'd unthinkingly eliminated were essential? Well, I started searching for a way to restore all the files and came across this HOWTO from March 2014: /clamtk/+question/245615. I modified the bash script as required for the user, executed it and in seconds the Windows system was back to its previous state barring the few files I had removed.
After that, I kept my finger crossed, rebooted and it worked except the system whined about a few missing "dll files" but I was able to enter the Windows recovery utility which reinstalled the whole system lock, stock and barrel. Problem solved. Something I might mention is that reinstalling Windows did not affect the Debian partition or grub menu, which I had expected.

On the reinstalled system I installed a gpl'd antivirus program called clamwin to give some protection as a substitute for the pre-installed out-of-date program which required payment for updates.
On reflection and mindful of the saying that "the cobbler should stick to his last" I think I'll steer clear of such tasks in the future but it's not so easy sometimes to refuse help to close friends or relatives.

Thank you for reading.

[sunrat]

Shakespeare would be proud. Such a moving tale of tragedy and woe with splashes of comic relief. No-one died though.

[Dai_trying]

No-one died though.

I think the deleted files might disagree

[n_hologram]

I got so frustrated with fixing Windows systems that I drafted a linux spin designed to help in cases like these. Your pain is shared.

Highlights:

...I know very little about Windows, something I suspect I have in common with most Windows users.

[kedaha]

Thanks for the comments.
While I don't know much about Windows—and I really don't want to—the lack of knowledge in this instance was compensated by my command line fu otherwise I would've been unable to restore the system and, fortunately I realised before it was too late not to eliminate any more essential files which clamtk had identified as threats.
I suppose that most cases like this are solved by Windows experts by following a similar, tedious procedure, namely just backing up the user's personal files and then reinstalling the system. I remember being in a computer shop some time ago and a customer, who had brought in a malfunctioning laptop due to viruses, was quoted quite a high price for fixing it. I've heard of people who have to get their system fixed several times. I suppose if they don't buy an AV program with paid updates they'll end up paying one way or another.
But the task isn't my cup of tea.

[vbrummond]

Best thing to do instead would have been to back up personal files, scan those, and nuke windows from orbit with a reinstall from a windows repair disk. A windows 10 disk can be downloaded legally from Microsoft for free.