Hello,
To start off, I know this is a virus without question and I am unable to get into Windows or even install it via a bootable drive due to an error message popping up when I get to the copying files part.
I've noticed that GRUB is installed on my PC suddenly and I've never installed Ubuntu or Linux on this PC.
On top of that, I've also noticed that some kind of script is running after I press F12 and select the USB drive to boot from. It happens right after I press the USB drive to boot and before the Windows loading screen comes on. This is how I have to access Command Prompt.
To explain further... SFC can complete its scan but Windows Resource Protection is unable to fix my issue.
I can't fix it with DISM either. It fails.
I've completely unallocated all of my drives.
I've used diskpart to fully clean my drives.
And this is where it gets weird: I've noticed that my PC supposedly has 5 physically mounted drives and 3 removable drives...
This is not true. I have (3) NVME drives and (1) SSD & finally the (1) removable bootable drive.
After going into my BIOS boot menu, I've noticed there are (3) storage devices:
Generic-USB3.0 CRW -01.00
Generic-USB3.0 CRW -11.00
Generic-USB3.0 CRW -21.00
These are definitely NOT my drives. And I unplugged all other devices from my PC so I'm confident that these are malware somehow posing as USB drives. After doing a quick search via Google, I noticed that these Generic names are a part of the Ubuntu system.
I'm guessing those along with GRUB and various other items are pointing to the answer here but I just don't know enough about them to be able to solve this myself and am hoping for some assistance.
By the way, I've tried deleting, unmounting, removing, flushing and every other command I could possibly find to remove these Generic drives but they mostly don't respond, access is denied etc. (I've been at this for almost 20 hours now so I've tried a lot)
I can't access safe mode. When I boot into Kaspersky Rescue Disk, I have no connection to the internet via either ethernet or wifi and if I add a connection it still won't work.
KSD does not find any viruses and I think it's being stopped short with its scan.
I could go on and on.
There is absolutely no data I want on these drives and whatever this virus is, I'm fairly sure it's probably corrupted my OneDrive. Also, I know it at least tried to access it along with my personal vault (that had nothing in it).