Konglo

Last time I connected to internet to download updates, the malware took control of folders & started launching again. Using an iso of windows 10, it includes all recent updates. I just want to use this laptop to safely scan & backup my other hard drives from my main PC...then need to install an OS. I dont think I can safely use my original C drive anymore, even after formatting due to the malware respawning but I could be wrong.

Also checking my laptop details on my account on Microsoft website, this laptop should have 32gb RAM & the system type is GT72S 6QE.

I'm nervous to connect to the internet because it seemed to have gone south last time I did try to update security etc. Any advice on what I can do to snip out the source of this malware from here? Or any way I can make sure it's safe to scan my main CPUs drives & backup using this laptop?

As an update, I was able to clean & format the C drive by using a ventoy boot USB with a Windows 10 iso & cmd prompt from the install new Windows screen. I successfully booted up to a clean install of Windows 10 & attached is a picture of my laptop specs. A bit confused because this is definitely not a Desktop..

Currently formatting a 128gb SD card that I can physically switch to read only & put any iso//update files I need to use without connecting to the internet. Thank you for sticking with me through all of this! It has helped me a lot knowing that I can get feedback & reference an IT professional while troubleshooting all of this.

Thank you, that's what I was going ti ask for guidance on next. I'd like to use this old laptop as a way to safely scan & track down what's causing this on my main CPUs hard drive because I'd rather help protect myself & others in the future from this insane malware. It seems to have only taken ownership of files in folders on my main OS drive & repeated this again using the bootusb OS.

I wish...once I started running malwarebytes & other security updates.. It looks like the malware found the new OS & is now taking ownership/creating new users while using EndpointProtection to protect itself...because I didn't install this program, yet again...& it won't let me end the process or uninstall normally. These are the first stages of the malware that I've seen repeated each time & I think it's linked to connecting to the internet through ethernet, because it was fine until I needed to download updates & antivirus.

Sorry, scratch that last message.. I'm at a fresh windows home screen now, basic programs & the time is correct. I also see that I have access to the other drives & OS in file explorer.

Two steps forward, one step back. :/ Windows can't seem to finish setting up after choosing my privacy settings. All it says is OOBE settings..Any ideas?

I successfully reinstalled & booted up windows using a ventoy USB. Im setting up my account & I asked for a security code to be sent instead of typing password (just in case of keylogging)..however, the email I receive is in Mandarin...much like the random unwarrented code emails I was getting a month or so ago, but have since stopped... until today. Even sent myself a login code multiple times earlier today & the emails were in English. What should I try? Typing in my password, using the code e-mailed to me, or something else? Again, thank you so much for your continued patience with me & helping me try to solve this.

Sorry about that, here's the scan results with BCD enabled & the fixlog from your fixlist. FRST (5).txtFixlog (2).txt

Here's the FRST file, I suppose I was nervous because this malware was transferred by an external hard drive. FRST (3).txt

Sorry, maybe it was a false alarm. It reset, updated & working fine now. Is it safe to continue transferring files between the two laptops?

I created the frst.txt successfully. Went to plug in the USB to my last working laptop to send the file to myself & now the last working cpu I own is starting to have issues & malwarebytes won't start.

I added the "usb" path to boot options when it failed to load the others.