Jump to content

Internet/Mail.ru/extension.city......all of the above

arthacker21
 Share

Recommended Posts

arthacker21

arthacker21

Posted
Posted

Ironically enough all of this happened right after I installed McAfee and I uninstalled afterwards. Even got to a point where I can't turn my pc on. I got it on and installed Malwarebytes and ran it the first time with high hopes. Rebooted and now the problems are still there and I can't open Malwarebytes. Twitch won't open, Discord won't open, Chrome and all browsers go to Bing, Can't get rid of this stuff. Constantly seeing "download *insert name here* and this will get rid of [exactly what i'm having problems with.] Frankly I'm tired of searching for answers and can't afford to take it for someone to do it for me. 

 

...and I can't seem to find any threat scan logs for Malwarebytes.

FRST_27-03-2018 01.07.48.txt

Addition_27-03-2018 01.07.48.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello arthacker and welcome to Malwarebytes,

Your system is infected with smartservice infection. To remove this infection you will need acess to a spare PC and a USB flashdrive 4GB or above. Do this first:

Open FRST, copy/paste the following inside the text area of FRST. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop or the folder you saved FRST to. Attach it in your next reply.
 
Quote

Start::
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes
CMD: fltmc instances
CMD: dir /a:-d /o:d C:\windows\system32\drivers
End::



user posted image

Thanks,

Kevin

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted
Boot up your spare PC plug in the flash drive, navigate to that drive, right click on it direct and select format. Quick option is adequate...

Next,

On that same PC downoad and save FRST to same Flash drive, make sure to get the correct version, if you are unsure d/l and save both, only the correct one will run. Do not plug Flash Drive into sick PC until booted to Recovery Environment.

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Next,

Boot sick PC to Recovery Environment, if you are unsure of that action have a read at the following link, maybe bookmark for future reference...

https://www.tenforums.com/tutorials/2294-boot-advanced-startup-options-windows-10-a.html

Next,

From the Windows 10 Tutorial you should get access to the Advanced Startup Options at boot for Windows 10

user posted image


From that window select "Troubleshoot"


user posted image


From the next window select "Advance Options"


user posted image


From that Window select "Command Prompt"

Ensure to plug the flash drive into a USB port... You should now be in Recovery Environment with the Command Prompt Window open......

Continue with the following:
 
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" or "My PC" and find your flash drive letter and close the notepad.
  • In the command window type E:\frst64 or E:\frst depending on your version. Press Enter Note: Replace letter E with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Leave the infected PC in Recovery mode, post the produced log from your flash drive via the spare PC....

Thank you,

Kevin..
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

The link I listed gave 7 options, if you`ve tried all of those and still have problems maybe recovery option is disabled...

Select Windows key and X key together, from the X menu list select "Command prompt (Admin)" at the prompt type or copy paste the following:

bcdedit.exe /set {default} recoveryenabled yes  then hit enter...

When that is done try the options again. Please be aware that if this PC is booted to any option other that Recovery Environment the infection will mutate and Recovery Options will be turned off again.

Thanks,

Kevin...

Link to post
Share on other sites
arthacker21

arthacker21

Posted
  • Author
Posted (edited)

okay I am once again at the windows boot manager and these steps say noithing abuot that. the only options I have are to start windows 10 or use thee windows memory diagnostics tool... or I can  presss f8 to specify an advanced option. 

Edited by arthacker21
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted (edited)

Probably Recovery option is turned off again, even booting to safe mode allows the protective driver to rename itself and turn off Recovery Environment option... Boot back to Windows run the following command from Elevated Command prompt, when that is done try to access recovery environment again..

bcdedit.exe /set {default} recoveryenabled yes 

If the USB flash drive has been plugged into the sick PC when in safe mode that will have to be formatted again on spare PC..

 

Edited by kevinf80
typing error
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.