Windows 10: Virus / Malware, please help!

Hi, Ive got a virus that persists even after formats, I believe I caught it from my roomate and he recently got his identity stolen, so Im pretty scared. We both seem to have it but his files are older, so Im guessing i got it from him over the local network somehow.
I was using kapersky internet security and windows 10, upgrading from Home to to Pro when I noticed everything, my main concern is that im being roped into an evil twin situation or at least having my files stolen, or technicly shared against my will.
Theres a few different things ive found out on my own, I have a background in web programming, I understand what shells are and limited cmd-line know-how like diskpart.


My setup:

Operating System

Windows 10 Home 64-bit
CPU
Intel Core i5 7500 @ 3.40GHz 56 °C
Kaby Lake 14nm Technology
RAM
4x8 32.0GB Dual-Channel G.Skillz @ 1066MHz 15-15-15-36
Motherboard
MSI Z170A KRAIT GAMING 3X MS-7A11 U3E1 33 °C
Graphics
GF276 1920x1080@60Hz
LG FULL HD 1920x1080@60Hz
2047MB NVIDIA GeForce GTX 1060 6GB EVGA 38 °C
Storage
119GB ADATA SP600 SATA SSD 30 °C
1862GB Western Digital WD My Passport 2626 USB Device USB SATA SSD30 °C
Optical Drives
HL-DT-ST DVDRAM GH24NSB0
Audio

NVIDIA High Definition Audio



Persistence;

it persists by a variety of ways that each install each other, or install extensions to central windows services and processes to avoid detection. The main methods of infection are dlls and registries and svchost/ntoskernel-run services that all eventually removes your authority over everything on the computer and then shares out your files.


Methods ive seen are;

Binary coinstallers installed in locations where drivers are expectedprobably based of hardware like nvidia drivers. These coinstallers refer to PCI locations as devices with memory storage abilities of some kindmaybe they are virtualized objects in a shell? There also seems to be a set of drivers installed in an "EFI Shell" and my ethernet adapter settings, accessible from bios, go like this:

Intel Gigabit 0.0 Uefi driver Adapter PBA FFFFFF-0FF. PCI ID ADDRESS MAC etc.
Theres a bunch of VPN and Network Drive / Virtual Drive / Sharing / Remote Administration / Workgroup / Domain Administration - related services and confirgurations set up, so I installed bitdefender and requeted all connections through that adapter be refused, bought a wifi one and built its profile a little more carefully.

However, my X: drive seems also affected, so I really just want someone to help me get a handle on whats happening and what I can do to log/Identify/Prevent/Wipe it.

All my files are saved and backed up, I just need a cleaning procedure for my pc and my and my roomates, and if I should do anything with my cellphonesI have 2 androids before I go online and hunt out if anything has been opened in my name.

Im using an administrator account, disabled all others and set up strict firewall rules.


Ive installed Kapersky Ccleaner MalwareBytes ProcessHacker Bitdefender and none of them come up with anything please help!

:)

 

Is it a Virus or a Malware or something else?

Hello Joes,

There's a possibility that your device is infected with a malware causing why you're unable to delete the game on your laptop. In order for us to assist you better, we'd like to ask the following:

• Aside from formatting the hard drive, what other troubleshooting steps have you tried so far?
• Have you asked your friend where did he download the games?

To identify if your computer is infected with a virus or malware, we recommend downloading and running
Microsoft Safety Scanner. The scanner can easily detect if there's any virus found on your device. To do so, follow the steps on this
link.

We are looking forward to your reply.

 

Rooted Malware, Virus, and Trojan Infection, Keylogger Trojan Malware

Hi,

Please click the link below and follow Stephen Boots' suggestion on how to remove Trojan virus on your computer:

• List of anti-malware product removal tools

Let us know if you need further assistance.

 

Malware Detected

If this is what you are seeing suggest you follow all
ofthe steps listed in this removal guide:
https://www.bleepingcomputer.com/virus-removal/remove-the-requested-resource-is-in-use-error/

Other scanners that may help resolve this malware issue are listed in
List of Malware Removal Tools

Regards…

Top 10 Ways PUPs Sneak Onto Your Computer. And How To Avoid Them. | Emsisoft | Security Blog