abolibibelot wrote:(...)Apparently, running CHKDSK solved the problem(...)
Start by cloning/imaging the afected drive. Never run CHKDSK on it.
Move the clone to a system that is known as clean / not infected. Make sure that you don't have any malware on the main system and that you can clean the clone as well. You don't want to get infected by some OS Bug / exploit that the malware might be using. Make sure the host is updated to the latest version of your OS and protected.
Now attempt logic recovery on the clone using stuff like R-Studio, Get Data Back, etc.
Also check the 0 size files with hex editor. Make sure the files don't have any content at all.
Maybe the malware did backup the files somewhere first ? Maybe only the file allocation table are affected ?
And of course if data is important send the drive to a specialist....