SadlyInfected

Terribly sorry for taking so long, here is the microsoft safety screen results on a fresh install of windows I reinstalled windows yesterday, but got a notification this morning saying i was signed out of my google account on windows due to suspicious activity and that i might have malware on my device Is it possible im still infected after all this? The scan found one infected file that it repaired but it said something to do with windows defender being blocked, which makes me question if im still infected ewven with the clean OS install msert.log

You as well, I really appreciate all your help, as i never would have been able to reset my pc in the first place without you :) Enjoy the rest of your day, Ill send you the safety scan files when i get there

I think I am going to initiate a clean reinstall right now, and then I will run the Microsoft Safety Scanner as soon as that is finished and update you with the results. Hopefully my machine will be clean after this

Which option do you think would serve me better? using your script to fix (which these have been working wonders btw i cant thank you enough), or going with the full reinstall? My C drive is running out of space so a reinstall might help with that too, but idk if i want to lose all my data just because of a *****er who wanted to ruin my pc and steal all my info

Okay i may end up taking those steps but i will do what you said first here is the Farbar scan result FSS.txt

Im taking all these steps now and will update as soon as its all done. You think it might be more worth my time to just reformat all my drives? I dont mind losing the data none of it is important

okay debaucherous activities have ceased. Here is the scan result (SecuritCheck) SecurityCheck.txt

Today is my birthday so i will not be able to do it until tomorrow, but i will update as soon as im finished I also noticed this morning my email was mass emailing random people in italian sending them a scam phishing link. is this because they still have access to my pc? or would they have gotten access to my account previously? I just want to make sure im safe

My apologies for the laate response, ive been away from home. I ran the script and the computer appears to be as normal. You cannot believe my relief. Thank you all so very, very much. edit: I ran an antivirus scan using malwarebytes and it found two, although its possible those could be for a c++ project im testing there is also a process running still called Windows host process (Rundll32) that i am not sure is legitimate

AltServer and Sideloadly are both programs for sideloading tweaked apps on my iphone, i trust them. HF i have absolutely no clue i didnt make that. I will run the script the second i get home

never mind it completed fully here are the results FRST.txt Addition.txt Shortcut.txt

here is the incomplete scans results FRST.txt Addition.txt

Whenever i run the tool, it freezes and becomes unresponsive during hte Scanning other areas phase. I had to close out of it using windows task manager. Im running it again to see if it freezes and re responds but is it supposed to be doing that?

I understand @AdvancedSetup, I have taken a minute to calm down. Sadly I am the highest level technician at the local computer security store, and the next nearset one is not accessible to me for the near future. But I would love some help please

Here it is (MBST gather log) mbst-grab-results.zip

I believe i am infected with a BIOS rootkit. allow me to explain why 1) I downloaded some files off of github and didnt check them (stupid i know) and when i ran them nothing happened ... or so it seemed. 2) So i went to delete the folder since it seemed useless at that point, and it said it was in use by another program. 3) I went ahead and opened task manager and saw some processes using fake windows host names running on my pc on startup. 4) i launched in safe mode and ran 13 different antivirus and rootkit removal tools, they all had 50+ detections and removed everything giving my pc a clean bill of health 5) restart pc. same files are loading on my system. I am sure they are malicious at this point because they are blocking me from accessing my windows update settings. 6) back to safe mode to download windows iso creator and flash that to my usb. its blocked. all AV websites are also blocked. 7) use my laptop to create windows install media, return to pc and boot from usb through bios, never once allowing windows to load 8) when i get into the windows installation media, it says i dont have any drives connected. panic is starting to set in. 9) after some research i determine i have a bios rootkit, and decide to reflash my bios 10) tried reflashing bios, invalid file. 11) reboot from a different USB that has flash programming tool installed to be able to freely reflash my bios and be safe and secure once again 12) FPT says i have no drives connected, not even the one i booted from. I am desparate at this point, and panicing pretty hard because I am getting every couple of hours an email saying a different account of mine has been compromised, so the rootkit is clearly loading malware. I cannot attach any pictures in this second because i am writing this from the laptop, but I would really appreciate it if someone smarter than me could please help me save my pc. I spen $8000 building it and I really cant handle watching it be murdered in front of me