[TangentMedia]

I think sda1 was the disc drive with the xPUD on it. And I suspect sdc1 in an earlier trial was the USB. But it doesn't always show up. I am now trying to get it to show up in the tree using different USB plugs.

[Advertisements]

Okay. I used my Windows Recovery Disc to get to a command line and copy the testdisk folder to the data drive (f:) so I could run the testdisk_static off of that drive from xPUD, which i did. But when i ran it, it immediately returned Segmentation fault. So the TestDisk command window never opened.

[TangentMedia]

Okay. I used my Windows Recovery Disc to get to a command line and copy the testdisk folder to the data drive (f:) so I could run the testdisk_static off of that drive from xPUD, which i did. But when i ran it, it immediately returned Segmentation fault. So the TestDisk command window never opened.

[JSntgRvr]

There is a partition that is FAT32, which also is detected as the RAW Volume (meaning it is detected as not formatted). So, either sdb1 or sdc1 should be your USB drive. By clicking on any of these, you should be able to see the contents of your USB drive.

[TangentMedia]

I can't get sdc1 to show up anymore. The first one always locks it up (sda1) and the other 3 are the system drive and 2 data drives. Did you see that i executed the testdisk_static from f: and got a Segmentation fault? A google search suggest it may be because it is an older version of testdisk, but i don't know that for sure.

Edited by TangentMedia, 30 December 2011 - 12:04 AM.

[JSntgRvr]

Which is the location of your system drive in xPUD?

[TangentMedia]

sda2

[TangentMedia]

I downloaded the latest testdisk for linux (6.13) and copied the testdisk files to f:. Going to try running testdisk_static from there again. Will let you know how that goes in a few minutes.

[TangentMedia]

It's working... Will post the log here soon!

[JSntgRvr]

We may need to use both ways, xPUD and the repair console to get the report I want to see.

• While on xPUD, click on the folder that represents your System drive (sda2)
• Press Tool at the top
• Choose Open Terminal
• Type the following:
  
  parted /dev/sda print >Parted.txt
  
  Leave a space between the following arguments:
  
  

  parted
  /dev/sda
  print
  >Parted.txt

  
  
• After it has finished a report will be located in the root directory your System drive named Parted.txt
• Now boot to the Repair Console
• In the repair console we know your system drive is E: as it is the only drive that has the Windows and the <JUNCTION> to Documents and Settings [C:\Users], and the USB drive is H:.
• At the repair console prompt type the following and press ENter:
  
  Copy E:\Parted.txt H:\

If successful you may be able to post the contents of the Parted.txt file from your USB drive in your next reply.

[JSntgRvr]

It's working... Will post the log here soon!

Follow the instructions. My concern is how you would be able to post that report. If successful, you can also run Parted and get a report.

[TangentMedia]

Okay. I will post whatever i can generate; perhaps both. Testdisk_static is still running the Deeeper Search routine.

[TangentMedia]

Looks like that deeper_search is going to take awhile. Can I run the other report (Parted.txt) at the same time?

Also, do you have any idea yet whether this is malware related?

[JSntgRvr]

Looks like that deeper_search is going to take awhile. Can I run the other report (Parted.txt) at the same time?

Also, do you have any idea yet whether this is malware related?

Not recommendable.

[JSntgRvr]

I'll be here tomorrow.

[TangentMedia]

Okay. Thanks. I will post results in the morning. Will be out of town all day. And will follow up in the evening. Thanks again for your help. I'm anxious to get my workstation back online.