CMD.EXE missing, unreadable files, virus?
I am using a dual boot system with Windows 10 and Ubuntu.
Two days ago Windows failed to open CMD.EXE. He said the file could not be found or something similar. At about the same time, I got a notification from McAfee saying that a virus had been stopped, but CMD.EXE was still not starting. I found the behavior strange, so I immediately shut down my computer. I was worried that there might be more than one virus and it wasn’t all stopped. Viruses could do evil things like encrypt your data and I didn’t want to risk losing anything.
Since CMD.EXE wasn’t running, I couldn’t shut down my computer with “shutdown -s”, so I closed it from the start menu instead. I briefly saw a question. Did I want to close a strength program? The screen quickly went black so I couldn’t see what program it was. The computer was obviously still doing something, so I pressed the power button to shut down the computer. I haven’t dared to run Windows since then, so I can’t run “worm” to see the exact version of Windows 10.
Looking at the Linux partition I see that C: Windows System32 cmd.exe (64 bit cmd.exe) is missing, but C: Windows SysWOW64 cmd.exe (32 bit cmd.exe) is there (but illegible).
Some files in C: Windows and many files in C: Windows System32 and C: Windows SysWOW64 are unreadable by “ls” on Linux. Doing an “ls -l” first there is a list of unreadable files, and there are a lot of question marks in the output (even if I run “ls” as root):
ls: unable to access ‘notepad.exe’: input / output error
ls: unable to access ‘regedit.exe’: input / output error
– ????????? ? ? ? ? ? notepad.exe
– ????????? ? ? ? ? ? regedit.exe
Many other files are unreadable. Fortunately, all of the important files in% USERPROFILE% appear to be readable.
Is it a virus? Is there anything I can do from Linux to remove it?
Is the hard drive broken? This would explain why the files are unreadable. The Linux “badblocks” did not find any errors on the Linux partition and I performed a full “CHKDSK.EXE” scan of the Windows partition only a week ago. The Linux and Windows partitions are both on the same hard disk drive (SSD).