Solved! Cant open any antivirus or win safe mode due to virus

[krnac.ma]

hey guys,

ive recently got a borrowed notebook back, but it has some type of virus, probably a trojan. Tried to download malwarebytes, renamed it to explorer.exe, nothing, its blocked, tried to download rkill, the log says no viruses, same with avast or eset. when its booting its skiping the choosable options for windows safe mod, it just goes straight to windows without any chance of getting into anything. what it does though, its opening random sites, random programs, trying to install random programs.. can anyone help? cant even backup, it deleted all backups.. any help appreciated

 

[geofelt]

The first job of a virus is to thwart removal programs.
I imagine that the Microsoft malicious software removal tool is also blocked.
I think there may be a stand alone bootable version of the MSRT.

Does your notebook have a recovery/reset button?
It will access a protected portion of your hdd to allow resetting to factory specs.

Failing that, I think your only option is to do a clean install of windows.
If your laptop does not already have a ssd, I would use this as an opportunity to go to a ssd.
Remove the infected HDD and do a clean install on the SSD.
Your performance will be much improved.

For the future, resolve to:

1. Vet who you lend your laptop to.
2. Create an EXTERNAL backup.

 

[Seaweed Monster]

Just a thought, but could be worth a try. If you have a spare (empty) USB stick, you could install and run a free operating system from your USB stick, then potentially install an anti-virus program in Ubuntu and run a scan on the Windows directory/drive. I have seen some forum posts where people have used/suggested this method to remove Windows viruses if you cannot access safe mode etc...(https/askubuntu.com/questions/725095/can-i-remove-a-virus-in-windows-from-ubuntu-in-a-dual-boot-setup)

Steps:

1. Follow the steps here to step Ubuntu onto your USB stick:
https/tutorials.ubuntu.com/tutorial/try-ubuntu-before-you-install#0

2. Once in Ubuntu, follow the video tutorial. The Article is a newer tutorial for installing the program, but I think the video might be more informative:
- https/www.youtube.com/watch?v=9h3q5ss40oY (A bit old, but should still be similar)
- https/community.spiceworks.com/how_to/15551-use-ubuntu-to-remove-a-virus-from-windows (Using Avast instead of Clamtk anti-virus software)


After you have thoroughly scanned the Windows directory/drive, quarantined and deleted any suspicious files the virus scanner has picked up, try booting back into Windows and see if it has worked.


If that has not worked, it might be worth considering wiping the drive and re-installing Windows.

I hope this fixes your problem!