Scared to Leave Safe-Mode!

Discussion in 'Malware Removal Assistance For Windows' started by justin rodriguez, Jun 7, 2017.

Need Malware Removal Help?

We offer free malware removal assistance to our members. Sign Up now, and get free malware removal support.

  1. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    Operating System:
    Windows 10
    Are you using a 32-bit or 64-bit operating system?:
    64-bit (x64)
    Infection date and initial symptoms:
    06/06/17

    downloaded what i thought was a movie, was an .exe package diguised as "boyandthebeast.exe".
    tried to hard reset(power button), started up seemingly normal but after a few secs went straight to bsod with the phrase
    IRQL not less than equal
    and
    ndistpr64.sys

    after that i was in a reset loop until i managed to get to the repair screen, then went into safe networking.
    Current issues and symptoms:
    bsod reset loop
    IRQL_NOT_LESS_THAN_EQUAL
    ndistpr64.sys error code
    Steps taken in order to remove the infection:
    ive read as many resources as i could, but dont really know exactly how im supposed to implement the FRST tool.
    so far ive gone into the system manually to uninstall and remove as much of what i could find and identify as malicious.
    however, i now am at a loss insofar as how to proceed.

    i waited as long as i could and got as much help as i could and did as much research as i could before posting this.
    Logs added to help request:
    • I did not upload the FRST logs (I understand that this will increase the time need it to clean-up the PC)
    any info regarding how to handle this would be appreciated. i still have to figure out how to make a backup of personal files and or my system while in safe mode, or however i can because im scared to reboot without at least having a rudimentary plan of action!
    thanks, hope this isnt too redundant for the forum.
     
  2. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    i am now in the process of zipping up my personal files and emailing them to myself via google drive. after that i will proceed to repair. please leave this thread open as i plan on running the farbar tool a.s.a.p.
    thank you all
     
    ravi prakash saini likes this.
  3. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    here are the reports from farbar tool. have set preferences to recieve email notifications. let me know if im missing something. thank you
     

    Attached Files:

  4. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    this is autoruns report
     

    Attached Files:

  5. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    now running ms window malicious software removal tool
     
  6. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    So im hoping that someone can help me with this?
     
  7. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    lost connectivity on desktop after reboot. successful reboot, but lost belkin service and then mozilla keeps popping up with two tabs. ran farbar tool again.
    these are the reports.

    PLEASE AAAH HELP!!
     

    Attached Files:

  8. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    the mozilla pop-up is bigpicturepop.com. hope this stuff helps
     
  9. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,120
    2,600
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,


    Download [​IMG]Malwarebytes Anti-Rootkit to your desktop.
    • Double-click the icon to start the tool.
    • It will ask you where to extract it, then it will start.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Click in the introduction screen "next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
     
  10. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    thank u for your assistantance. followed the insructions.
     

    Attached Files:

    S3cur1ty 3nthu5145t likes this.
  11. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,120
    2,600
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
    [​IMG] Scan with Farbar Recovery Scan Tool

    Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
      (XP users click run after receipt of Windows Security Warning - Open File).
    • Make sure that Addition.txt option is checked.

      [​IMG]
    • Press Scan button and wait.
    • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
    Please attach report into your next reply.
     
  12. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    thank you. here are the scans you requested
     

    Attached Files:

  13. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,120
    2,600
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
    I see why MBAR detected so little. Can you run it from Safe Mode with Networking so it can update and scan?
     
    rockstarrocks likes this.
  14. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    i can try. ive been having a hard time getting back to safe mode.
     
  15. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    im in the advanced options menu now, what should i do?
     
  16. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,120
    2,600
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
  17. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    now in safe mode w/networking enabled
     
  18. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    try to start it says requested resource in use
     
  19. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,120
    2,600
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
  20. justin rodriguez

    Jun 7, 2017
    36
    55
    Male
    rancho cucamonga, ca. US
    Windows 10
    i can download to laptop and use flash drive, is that ok