Hii and welcome.
The computer seem to be infected with a version of the SmartService Rootkit. This is a very difficult Rootkit to remove.
You will need a non infected secondary system to download FRST64 in a USB drive (Pen Drive), boot the infected computer in the Recovery Environment and run FRST64 at the command prompt. What it is most important is the the USB drive should not be inserted in the infected computer, but until you have reached the command prompt in the Recovery Environment. Here are the instructions.
Please download Farbar Recovery Scan Tool and save it to a flash drive.
Note: You need to run the version compatible with your system. In your case is FRST64.exe.
Boot in the Recovery Environment
- You are running Windows 10
- To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums
- Note: If you can't access the Recovery Environment using the method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on TenForums.
Once in the command prompt
- In the command prompt, plug your USB Flash Drive in the infected computer.
- Type notepad at the prompt and press on Enter
- Notepad will open. Click on the File menu and select Open
- Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad
- In the command prompt, type e:\frst.exe64 and press on Enter
- Note: Replace the letter e with the drive letter of your USB Flash Drive
- FRST will open
- Click on Yes to accept the disclaimer
- Click on the Scan button and wait for it to complete
- A log called frst.txt will be saved on your USB Flash Drive. Post it in your next reply
If you successfully run FRST64 in the Recovery Enironment, boot the computer in Normal Mode and follow these steps:
Please download Malwarebytes to your desktop.
- Double-click mb3-setup-1878.1878-188.8.131.527.exe and follow the prompts to install the program.
- Once the program has fully updated, Proceed with the Scan options and select "Threat Scan".
- The Scan Pane is the introduction to scan-related options in the program. When you click Scan in the Menu Pane, you will see the screen shown below.
- After a scan has been executed, scan results are displayed.
- Put a checkmark on all detected and click on "Quarantine Selected"
- Selected reports may be viewed on screen, or exported to a text file for later viewing. Please note that only manual (on demand) scans are available for users of the free version of Malwarebytes.
You may export to your clipboard or to a text (TXT) file. Export to a .txt file and post its contents.
No request for help throughout private messaging will be attended.
If I have helped you, consider making a donation to help me continue the fight against Malware!