Jump to content

Recommended Posts

Hey there, I seem to be infected with some nasty malware. I have several issues and perhaps they are related. First, I am completely shut out of normal mode, as I get a fake BSOD with a 0x00AEM001489 error citing suspicious activity and asking for my key. Then, in safe mode, I cannot run any anti-malware or cleaner programs (malwarebytes, adwcleaner, hitmanpro, Zemana, CCleaner) or Windows Defender. I'm running Windows 10 Home and I'm at a loss for what to do next. I generated a couple FRST64 logs to maybe help some of you troubleshooters out there. Any help is greatly appreciated. I'm a grad student and I need my computer ASAP! Thanks!

Addition.txt

FRST.txt

Link to post
Share on other sites

Hello hisdudeness47 and :welcome: Forum.

My screen name is Android 8888 but you can call me Rui and I'll be helping you with your malware issues. Please ask questions if anything is unclear.

If you can, I suggest printing out each set of instructions or copy them to a Notepad file and reading the entire post before proceeding. It will make following them easier.

Your system is infected with several types of malware, being one of them a nasty rootkit. So please DO NOT run any tools on your own and follow the directions in the order listed.

Make sure to run all the tools from the Desktop and with Administrator privileges.


First I need you to run FRST from the Recovery Environment and attach the produced log (FRST.txt).
To do that please proceed as follow:


On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.
Note: You need to run the version compatible with your system (64-bit).


Plug the flashdrive into the infected PC and start the computer into the Recovery Options for Command Prompt.

Since you are using Windows 10 please consult the following links:

How to Start Windows 10 in Safe Mode with Command Prompt

How to Boot to Advanced Startup Options in Windows 10

Click on Command Prompt when you get in the Advanced Options.
 

Note: In case you can not enter System Recovery Options by using the method above, you can use the Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
Choose one of the options below to download and create a Windows Repair Disk or Installation Disk. Either one can be used.

How to Create a System Repair Disc in Windows 10
Microsoft Windows and Office ISO Download Tool

You may also download from Microsoft but you will need to input your license key first. The above links do not require your licence key:
Download Windows 10


To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt


Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the Notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please attach that log to your next reply.


Thank you.

Rui

Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.