  • No specific details on memory modules? Help

    Hi,

    I'm trying to fight a very annoying malware infection on my desktop system and I hoped it would be as easy as wiping the SSD and just dealing with reinstalling everything for a day, but now, 2 weeks later, I'm afraid to say that's not the case.
    (Not even a completely new M.2 with no other drives)
    It has also caused my system to not boot anymore and show LED error codes on the mobo: CPU/RAM a few times now.

    So I'm trying to see if it is embedded in the memory now.

    After flashing the memtest86 IMG to usb using my phone and running it, it came back with PASS. 0 errors. Great!
    It's not broken, but I also know nothing now... Or... When checking the details, I noticed something strange.
    It got the name of the memory right: G-SKILL 8GB yada yada, and the clock frequency also, but some fields were shown as 00000000. A lot of fields, actually. The brand was shown as a few Chinese characters and a weird character at the end. This looks to me like it has been obfuscated, but has it?

    My question is: Is memtest86 usually able to display every detail about the ram modules correctly? Or am I onto something here?

    Also, if I am, does anyone have any suggestions on how to move forward? I'm not a business, but not having a PC really is annoying.


    Thank you

  • #2
    All contents of RAM are wiped when you turn the power off.
    So any malware is definitely not persistent in RAM. There is some permanent storage on a RAM stick (the very small capacity SPD flash data chip) but code is never executed from the SPD chip and it is very hard to write to. And overwriting the data on the SPD chip would result in the system becoming unbootable.

    Some fields in SPD data might not be filled out by the vendor, and older versions of MemTest86 might not display all the newer fields as well. Especially for new DDR5 with older MemTest86 releases.

    I would flash the BIOS & wipe the hard drive. Then re-install windows.

    Are you sure it is malware and not just some more mundane hardware instability?
    (it doesn't really make sense for a virus to stop the machine booting, at least not without a ransom request, what would be the purpose?)

    And if it really is malware, do you really really trust all the apps you have installed and web sites you are using?
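To make the point in #2 about SPD fields concrete, here is a small decoder for the module-identification block of a DDR4 SPD image. This is example code added for this thread, not code from MemTest86 or from any poster. It assumes the JEDEC DDR4 SPD layout (manufacturing information in bytes 320 to 383) and runs against a constructed SPD image, not a dump from a real module. It shows two things a tool like MemTest86 has to deal with: a vendor is free to leave fields unprogrammed (they read back as all 0x00 or all 0xFF), and the manufacturer code is a binary JEP106 code, not text, so printing those bytes as characters gives garbage rather than a brand name.

```python
"""Decode the module-identification block of a DDR4 SPD image.

Constructed example. Offsets follow the JEDEC DDR4 SPD layout; the sample
image below is built in code and is not a dump from a real DIMM.
"""
import struct

SPD_SIZE = 512
DRAM_TYPE_DDR4 = 0x0C    # byte 2: DRAM device type
MODULE_MFG_ID = 320      # 2 bytes: JEP106 continuation count, then ID byte
MFG_LOCATION = 322       # 1 byte, vendor-defined
MFG_DATE = 323           # 2 bytes BCD: year (2 digits), then week
SERIAL_NUMBER = 325      # 4 bytes, vendor-defined
PART_NUMBER = 329        # 20 bytes ASCII, padded with 0x20
REVISION_CODE = 349      # 1 byte
DRAM_MFG_ID = 350        # 2 bytes, same format as the module manufacturer ID


def bcd(byte: int) -> int:
    """Decode a packed BCD byte (0x45 -> 45). Returns -1 if a nibble is not a digit."""
    hi, lo = byte >> 4, byte & 0x0F
    if hi > 9 or lo > 9:
        return -1
    return hi * 10 + lo


def odd_parity_ok(byte: int) -> bool:
    """JEP106 code bytes carry odd parity in bit 7 over bits 6:0."""
    return bin(byte).count("1") % 2 == 1


def decode_mfg_id(cont_byte: int, id_byte: int) -> str:
    """Render a JEP106 manufacturer code, or say why it cannot be rendered.

    The field is binary: a continuation count (how many 0x7F bank bytes
    precede the ID in the JEP106 table) plus the ID byte, each with odd
    parity. A tool that prints these two bytes as text shows garbage.
    """
    if (cont_byte, id_byte) in ((0x00, 0x00), (0xFF, 0xFF)):
        return "not programmed"
    if not (odd_parity_ok(cont_byte) and odd_parity_ok(id_byte)):
        return f"parity error in {cont_byte:02X} {id_byte:02X}"
    return f"JEP106 continuation {cont_byte & 0x7F} id 0x{id_byte & 0x7F:02X}"


def decode_part_number(raw: bytes) -> str:
    """Part number must be printable ASCII padded with spaces; anything else is hex."""
    if all(b in (0x00, 0xFF) for b in raw):
        return "not programmed"
    if all(0x20 <= b < 0x7F for b in raw):
        return raw.decode("ascii").rstrip()
    return "raw:" + raw.hex()   # non-conformant content, shown as bytes, not text


def decode_module_info(spd: bytes) -> dict:
    """Return the manufacturing fields of a DDR4 SPD image as readable strings."""
    if len(spd) < SPD_SIZE:
        raise ValueError(f"expected {SPD_SIZE} SPD bytes, got {len(spd)}")
    if spd[2] != DRAM_TYPE_DDR4:
        raise ValueError("not a DDR4 SPD image; DDR5 uses a different layout")
    year, week = bcd(spd[MFG_DATE]), bcd(spd[MFG_DATE + 1])
    serial = struct.unpack(">I", spd[SERIAL_NUMBER:SERIAL_NUMBER + 4])[0]
    date_unset = (year, week) == (0, 0) or year < 0 or week < 0
    return {
        "module_manufacturer": decode_mfg_id(spd[MODULE_MFG_ID], spd[MODULE_MFG_ID + 1]),
        "dram_manufacturer": decode_mfg_id(spd[DRAM_MFG_ID], spd[DRAM_MFG_ID + 1]),
        "manufacturing_date": "not programmed" if date_unset else f"20{year:02d}-W{week:02d}",
        "serial_number": "not programmed" if serial in (0, 0xFFFFFFFF) else f"{serial:08X}",
        "part_number": decode_part_number(spd[PART_NUMBER:PART_NUMBER + 20]),
        "revision": f"{spd[REVISION_CODE]:02X}",
    }


def build_sample_spd() -> bytes:
    """Constructed DDR4 SPD: vendor filled the manufacturer code, date and part
    number but left serial number and DRAM manufacturer unprogrammed."""
    spd = bytearray(SPD_SIZE)
    spd[0] = 0x23                         # 512 bytes total, 384 used
    spd[2] = DRAM_TYPE_DDR4
    spd[MODULE_MFG_ID:MODULE_MFG_ID + 2] = bytes([0x04, 0xCD])  # constructed code
    spd[MFG_DATE:MFG_DATE + 2] = bytes([0x21, 0x45])            # BCD 2021, week 45
    spd[PART_NUMBER:PART_NUMBER + 20] = b"EXAMPLE-8GB-3200".ljust(20, b" ")
    return bytes(spd)


if __name__ == "__main__":
    for key, value in decode_module_info(build_sample_spd()).items():
        print(f"{key:22s} {value}")
```

Run as-is it prints the decoded block for the constructed image: a valid manufacturer code, a date, a part number, and "not programmed" for the serial number and DRAM vendor. Zero-filled fields in a memory tool's report are therefore consistent with the vendor simply not programming them, and a strange-looking "brand" is consistent with binary code bytes being rendered as characters.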

    • #3
      Alright, good to know that I can rule out RAM then.
      (Downloaded memtest86 yesterday from the website and it's DDR4)

      I'm now flashing the BIOS
      then formatting the M.2 from the BIOS
      then installing windows from a phone-flashed USB drive
      Then, when it pops back up I'll share proof of how I know it's still on my system if I suspect it is.

      The last few days I did not do anything on my system besides installing Malwarebytes, ESET, Nvidia GeForce, Samsung Magician and the WiFi driver from the TP-Link website directly. All software comes from official websites (why I'm saying it like that will soon be clear). Other than that I have not been on shady websites as far as I know. Not downloaded anything at least, and I'm running decent paid AV.

      Only after installing all mentioned drivers and enabling BitLocker (yes, I Shift+F10 during Windows installation to avoid the forced internet connection), so I'm sure I am at least moderately well protecting my system against anything out there, do I connect to the internet.

      If I take all those steps, my system is not noticeably affected quickly, but eventually it breaks through by setting up RPC and makes my OS the virtual system on my own hard drive.

      A few days ago, during my last attempt at cleaning, I noticed it was very annoyingly trying to make me install Nvidia Control Center (it just kept showing me the usual popup you get only once if you don't have GeForce Experience installed, but this kept showing back up every few minutes). It wants to install it from the Windows app store, and once I did, because I thought: it's the Windows app store & it's Nvidia.. that's safe..
      Not a few minutes later all sorts of weird files (.jps or .JSP files with date 1999 in the file details) started popping up in folders that don't make sense for Nvidia to be using, like nested deeply in user account folders. 30 minutes later, obviously slower system but no activity in Task Manager. So I start snooping everywhere and yup, signs of virtual hard drives, can't access certain files, can't change ownership of certain files, and here comes the "fun" part: if you use a PCIe WiFi card like me and you turn off WiFi? Apparently they still have access; only if you physically remove the card does their activity stop being manual (it still is doing things on autopilot, but not reactive to what I am doing).

      You ask; Why did it/they make my computer stop working?

      I found some stub files and was going through them, as I've been going through a lot of those weird files. I believed I had seen some connection details and bam, BSOD while I had a file open in Notepad.

      The reason I went for testing RAM is because I couldn't find an answer on how to check my GPU for rootkits. Only websites that say it's not what viruses do anymore. So I was kinda hoping it would be this, as I don't have money to replace parts right now and I do need my computer.

      • #4
        StripedFly is what this looks to be, as far as I can find. But no signs of it being fixable also.. please correct me if I'm wrong.

        • #5
          Unrelated to your issue, but related to benchmarking: Samsung Magician doesn't really work. No point installing it for better performance. Likely you don't need WiFi drivers either; the built-in Windows ones will likely work.

          Related to your problem: you should also flash the firmware of your router & reset the password.


          Quoting #3: "obvious slower system but no activity in task manager. So I start snooping everywhere and yup, signs of virtual hard drives, can't access certain files, can't change ownership of certain files"
          Most of this stuff also has innocent explanations. "Weird" files, files with a date of 1999 and a BSOD also aren't conclusive signs of malware.
          I see plenty of strange, inexplicable PC behaviour, buggy software and unstable hardware that isn't malware.

          Quoting #3: "GPU on rootkits."
          As there is no permanent storage on a GPU, no file system on a GPU and no operating system, having a rootkit on a GPU doesn't really make sense.


          • #6
            Quoting #4: "StripedFly is what this looks to be, as far as I can find. But no signs of it being fixable also.. please correct me if I'm wrong."
            The bug in the SMBv1 protocol that allowed this was fixed in 2017. So this seems unlikely.
            https://learn.microsoft.com/en-us/se.../2017/ms17-010
