WD 2500BMVU NTFS

everything shows up as shortcuts, you can extract individual files (just used r-studio to grab some DWG's) but when you extract enything in a folder structure it just shows up as shortcuts on the destination drive, its the USB version otherwise I would DDI it and hope for the best.

Drive shows to be correct volume size , when you right click on any object the path references \xesisthine.exe\ (for example) im guessing thats the virus thats throwing it out.

I can see everything in r-studio but when you try to lay it back on a drive it just reverts back to shortcuts.

tried chkdsk, formating the destination Fat32, creating a root folder, attributes etc etc

any ideas before i go nuts?

thanks

andy

_________________
Databusters Data Recovery Glasgow
http://www.datarecovery.co.uk/latest-data-recovery-jobs/

just extracted 10 random folders, when you right click the folder you get the 1.8GB etc etc but nothing in it

_________________
Databusters Data Recovery Glasgow
http://www.datarecovery.co.uk/latest-data-recovery-jobs/

format the other drive using ubuntu to eliminate the virus using linux ( kubuntu or ubuntu whatever)

use linux to copy the files that you want ( virus will not be executed because its only a windows virus)

format the pc after and reinstall windows

try to not get caught again

customer drive mate, i was just about to fire up knopix

ta for that

andy

_________________
Databusters Data Recovery Glasgow
http://www.datarecovery.co.uk/latest-data-recovery-jobs/

If it's a boot sector virus I would have at least tried re-writing the mbr using the old ms dos command:
fdisk /mbr
That way you don't lose the data on the drive.

fdisk /mbr doesn't fix these new MBR viruses.
Download: http://www.sysint.no/nedlasting/mbrfix.htm
Boot from ERD commander or put the drive in an external enclosure and run mbrfix from there.
A few new viruses in circulation are putting system/hidden attributes on every file so it appears no files are on the drive until you choose "show all files"

When it shows up as shortcuts, are you booting from this drive or is it also showing up as shortcuts from another PC?
When you choose the properties of these shortcuts where does it point to?

Thanks for that matt

UFS Explorer doing the trick, thanks sean

_________________
Databusters Data Recovery Glasgow
http://www.datarecovery.co.uk/latest-data-recovery-jobs/

Welcome

_________________
PC Image Data Recovery
http://www.pcimage.co.uk

New!! HDD-PCB.COM for all your PCB and donor HDD requirements!

On XP booting to recovery console and running FIXMBR also resolves this issue in most cases.

A couple of non-MBR related workarounds.

This is TOUEW.EXE or 435534**.SCR Should be a process in Windows Explorer. Kill it if you see it. Run ComboFix.

More tediously, you can set WE to show hidden files, and then enable show extensions for known file types, then you should see your files in each folder. Copy them out.

nice to know mate, thanks

_________________
Databusters Data Recovery Glasgow
http://www.datarecovery.co.uk/latest-data-recovery-jobs/