Rootkit after total reformat from hidden drive, contaminated recovery

[JSntgRvr]

Syntax error:

FRST64 was saved as C:\Users\Joy\Downloads\FRST64.exe

• Download the enclosed file  Fixlist.txt
• Save it in the same location FRST64 is saved. 
• Start FRST (FRST64) with Administrator privileges
• This time around Press the Fix button and wait
• When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please attach this file in your next reply.

[JSntgRvr]

Bump

[regardingjoy]

Fixlog.txt

[JSntgRvr]

The installation failed as there is no Boot Configuration Data. That is what BCD stands for. Did you partition the hard drive prior to installation? We can try creating a BCD, but you will need a bootable Windows Installation media. Without it, the computer won't be able know where to go to have the system on.

[regardingjoy]

Just now, JSntgRvr said:

The installation failed as there is no Boot Configuration Data. That is what BCD stands for. Did you partition the hard drive prior to installation? We can try creating a BCD, but you will need a bootable Windows Installation media. Without it, the computer won't be able know where to go to have the system on.

how am I in Windows if theres no boot configuration data? how did it boot into windows with the drive not even being named? Im typing this from windows on the laptop we are talking about. If you read the whole post I installed windows from a bootable usb, following instructions here. Just trying to grasp how boot configuration data just disappeared. Forgive me, just trying to understand what it going on

[regardingjoy]

Yes I formatted all partitions to install, following instructions here

[JSntgRvr]

That bootable usb is a Windows Installation Media?

[regardingjoy]

the hirens boot disk is just a boot disk with programs on it. I used a real windows boot disk to install windows after the complete format. I tried to explain in my first post in this thread how this has been happening repeated even though I do a complete format. First rootkit on some scans, I even named what was found. Did multiple formats and new windows installs. Thats why I came here. I don't understand whats going on.

So the other gentlemen walked me through it again, to make sure I was doing everything correctly. But, these changes keep happening each time i format from scratch. And again, like the other 3 or 4x now, changes keep happening and I thought I was still having a rootkit because nothing logical made sense. One of Malwarebytes programs even detected something this install. and MalwareBytes main program was blocked from running at all somehow. Then windows firewall turning off, and windows defender, then the run button disappearing and many other things Ive mentioned in this thread. I guess I am not good at explaining. I tried my best at this in the thread. I wasn't paranoid for no reason. it's because things keep getting disabled or removed on their own. :(

[JSntgRvr]

Do you still have the real windows boot disk.

[regardingjoy]

The windows 11 usb, I do have it, but was told it’s the wrong one and it’s supposed to be universal. I have another that stopped responding after changes like this the time before last. I believe it’s correct. I can try that one again but the question is what happened to the correct install I just did? I can try whatever is suggested

but my issue is this keeps happening after total formats and new installs. It may take a few days to start happening,  but it has happened multiple times now without me doing anything. The same thing repeatedly, windows defender and firewall being disabled, then other programs, and each time the changes get worse, removing drives, usb and disabling my mouse is all new.

[JSntgRvr]

Why don't we try to create the BCD.

1. Boot with the Windows CD
2. Select Repair My Computer
3. At the menu select Troubleshooting-> Advanced ->Troubleshooting ->Command Prompt
4. At the prompt type the following:

bootrec /rebuildbcd

It will scan for operating systems and let you select the OS’s you want to add to BCD. Just type Y to accept

• Then type:

Bootrec \FixMBR

Bootrec \FixBoot

Remove the bootable disk and restart the computer.

[regardingjoy]

Booted from the windows disk and my mouse started working. Following those instructions now

[regardingjoy]

[regardingjoy]

It says it can identify no windows installations? So what am I booted into? 
Then the error with FixMbr. Should I still try the FixBoot?

[regardingjoy]

(Was). We can try tomorrow when you have time if you like. Idk what time zone you are in. Whatever you suggest I will do. 

[JSntgRvr]

Get your Windows 11 product key. Then preform a Clean Install

https://www.elevenforum.com/t/clean-install-windows-11.99/

[regardingjoy]

Thank you. I will start this tomorrow, post and wait for instructions after. 
I was able to repair the drive, and it said it succeeded, but the windows usb still says the same error. Thanks so much for sticking with me. 

[JSntgRvr]

I want you to have in mind that there are a few things that can cause an I/O device error and that one of the most common causes is a damaged or corrupted hard drive. There are several reasons your external HDD is corrupted, such as a power surge, virus, or bad sectors on the drive. So, if your installation fails once again, replacing the hard drive would be one of the best options.

[regardingjoy]

I understand. But I ran tests on the drive previous to this install and it came out with good results, so if it’s failing it’s likely due to a virus? If I have to replace it, it will have to go in the trash/to be recycled, sadly. 

I followed the instructions here earlier in the thread to clean disk,just like before. As soon as I did I checked through the boot disk and drives showed up I do not even have. I have two USB drives, not four. I made a new c drive, rebooted to the windows disk after checking the drives to repair. Hopefully these photos post. 
I skipped the online install. And am updated. I downloaded frst and a few programs through patch my pc, but did not run them. Windows updates going on now. The drive I use to boot the windows usb is Y: I don’t know what drive my mouse is on, but I checked all before installing.

my mouse started work after I cleaned the drive and opened the windows install. It was disabled immediately after.

[JSntgRvr]

If you wish, we can erase the contents of the efi partition, reformat and repopulate the partition.

[regardingjoy]

If that will help I’m all for it. 

[regardingjoy]

Updates are going on 

[regardingjoy]

But I can do that after if it’s advised

[regardingjoy]

I tried to pin cmd to my taskbar, in case I need to use it. But it showed up incorrectly. It looks like a piece of paper white icon, instead of the normal black shortcut.

[regardingjoy]

I always check services, because if I am unable to disable things I don’t use like Xbox game save I assume something is wrong. I cannot disable it, the option is gone. It’s greyed out. Software protection for example says it’s stopping currently. I am not making any changes, just observing. Thank you so much for helping me.