Seeking assistance to this interesting issue. See details below.
System - Dell Latitude E6520 Intel CoreI5 8g Ram Laptop - 6yr experience on Linux OS's
New WD Fresh Loaded HD 500gb from clean 3DVD set Debian 7.4.0 'Wheezy' in June 2015
Errant Condition 2-9-17: Opened an e-mail from trusted business associate - sys lockup! Reboot required - All originally created Desktop files/icons removed from desktop, and desktop 'filesystem' functions muted. Trash folder missing.
Attempts to open 'Files' from the gnome3 icon on desktop sidebar fails to show in display. (self clears in ~750ms)
Surmised action: Base Account owner is 'displaced/replaced' with new empty folders via e-mail trojan/hack. (sys lockup upon tainted mail opening resulted in forced power off reboot) Where files were stripped of athority and reloacted?
Observation1: New folders= Home; Desktop; Documents; Downloads; Music; Pictures; Videos; All Empty but have 'symbol icons' on their folders.
Observation2: Originally created folders now exist in the 'FileSystem listing' under another "Home" folder with their original names (less emblasioned icons) under original 'MainUser' folder. (the original named account owner at install)
Observation3: Calling 'nautilus' from the root terminal, results in empty 'Tatooed' home folder opening as default. Any attempts to open the 'relocated' files by drilldown thru original folders - 'home > mainuser > desktop'- upon opening 'desktop' result is a complete clearing of all, to a blank desktop.(including root terminal) This action is repeatable.
Note: The displaced 'Desktop' folder, has additional multipe folders and files within. (a Denial of access?)
Additional actions: Removed WD 500g HD, and via SATA/USB adapter, used second uncontaminated Deb 7.4 PC(AMD3) to read the drive and contents.
The action was the same - upon drilldown thru the displaced files to 'desktop', the screen clears to blank with no access to the files within.
(Unknown yet if contamination now transferred to second unit!)
Third attempt to access: resulted in succes of reading the files!(Third system = AMD2; Load = Ubuntu 6) - used this to duplicate files to USB stick for full recovery of the 'stolen' data. What a mess. Could this be a Weezy Bug? Has anyone else delt with this or similar issue?
An optional thought to reformat the WD drive and reload all is uncomfortable. This is a work unit with lots of 'stuff' on it.
I would like to delete the 'revised' folders, then cut and paste the original folders back to their original location and restore original permissions profiles to them. But that is outside my current skillset with LINUX.
Already installed another 500gb HD and reloaded Deb 7.4 to the lap for more testing of e-mail server.
Any Suggestions on helping this noob restoring the 'moved' files back without a total rebuild? Thanks.posting.php?mode=post&f=6&sid=9e6c6b04fe3a9d354388dfaf5d8c3218#