[vannster69]

 Addition.txt   38.43KB   337 downloads  FRST add.txt   564.73KB   380 downloadsSo after a lot of headache I finally got my computer scanned and it looks like its a mess. I've been dealing with a high jacked Browser for a week now I couldn't do anything. As soon as windows loaded my browser would pop open and start going all over the place. I couldn't even refresh my computer or change certain settings. It's just been nuts, I've never experience anything like it. Anyway I hope to be able to get this resolved with a lot of help I'm sure.

[Advertisements]

Looking over your logs, back as soon as I've had time to check them through.

[Gary R]

Looking over your logs, back as soon as I've had time to check them through.

[Gary R]

Hi vannster69

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please observe these rules while we work:

• Do not edit your logs in any way whatsoever.
• Perform all actions in the order given.
• If you don't know, stop and ask! Don't keep going on.
• Please reply to this thread. Do not start a new topic.
• Stick with it till you're given the all clear.
• Remember, absence of symptoms does not mean the infection is all gone.
• Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
• Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.

If you can do these things, everything should go smoothly.
 

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

OK, there's a whole mass of stuff showing in your logs, but the "key" indicator of your infection is the entry below ...
 

HKLM\SYSTEM\CurrentControlSet\Services\vpceksg <==== ATTENTION (Rootkit!)

.... which indicates that you have an infection we're calling SmartService.

There are numerous versions of this infection (which appears to be still under active development by its creator), and which exact one you have may affect how successfully we can remove it.

So ...... there are two options open to you ......
 

• You can reset your computer to "factory" conditions, in which case you will lose your personal files and folders, and any programs and apps that you have installed.
• We can attempt to clean the infection off your machine.

The first option is probably quicker, and is pretty much guaranteed to work.

The second option preserves your files and programs, but is a fairly "involved" process, will probably take some time to complete, and is not guaranteed to return your machine to exactly how it was before you got infected.

Please let me know which of the above options you wish to take

If it is the option to clean your machine, please answer the following questions ....
 

• Do you have access to another "clean" computer that we can use to download the tools we'll need ?  (Your infection will "modify" any tools that are downloaded on the infected machine.
• Do you have access to a USB flash drive that we can use ? (to transfer things to and from the infected machine)

 

[Gary R]

Do you still need help ?

 

It is nearly 2 days since I posted in reply to your request for help, and I haven't heard anything from you.

 

If you no longer need help, please let me know.

 

If I don't hear from you within another 24 hours, I will presume that that is the case, and close this topic.

[vannster69]

I'm sorry I didn't get back to you sooner I've been busy. This whole thing with my computer has drained me and I slept for a day 1/2. When I got up and looked at my computer and found out it was in my safe mode now going crazy I completely lost it. I ended up yesterday at around 9PM cleaning my whole disk drive and over writing it. Now I did this not really knowing if it was going to fix it or not and I guess according to my screen I still am only 30% done. I hope this does it. Now I guess I need to figure out how and what Operating system I can afford because I believe that will be gone to won't it. Let me know if what I did will work or not and maybe you can point me in the right direction. I did buy a copy of total AV antivirus and malware protection. Have you heard anything about them.
Thank You and let me hear back from you.

Vann

[Gary R]

What process did you use to "clean your whole disk drive" ?

 

How are you overwriting your hard drive ?

[Gary R]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.