[Porotto]

Everything windows starts i get this crap show up in my process (originates from AppData\Local\YTPack) another is (AppData\Local\Ojics)

 

and it causes all this crap to be placed in my appdata/roaming folder (tried adwcleaner and malwarebyte neither find anything)

 

 

[Advertisements]

Hello Porotto, welcome to Geeks to Go Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. 
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

• Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
• Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
• Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.   
• If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
• Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
• I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean". 
• Ensure you are following this topic. Click  at the top of the page. 

======================================================
 
Please run the following diagnostic scans so I can ascertain the state of your computer.
 
STEP 1
 Farbar Recovery Scan Tool (FRST) Scan

• Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
• Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
• Right-Click FRST.exe or FRST64.exe and select  Run as administrator to run the programme.
• Click Yes to the disclaimer.
• Ensure the Addition.txt box is checked.
• Click the Scan button and let the programme run.
• Upon completion, click OK, then OK on the Addition.txt pop up screen.
• Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
   

STEP 2
 TDSSKiller Scan

• Please download TDSSKiller and save the file to your Desktop.
• Right-Click TDSSKiller.exe and select  Run as administrator to run the programme.
• Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
• ​Click Start Scan. Do not use the computer during the scan.
• If objects are found, change the action to skip.
• Click Continue and close the window.
• A log will be created and saved to the root directory (usually C:\). Attach (not copy/paste) the file in your next reply.
   

======================================================
 
STEP 3
 Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• FRST.txt
• Addition.txt
• TDSSKiller log (attached!)

[LiquidTension]

Hello Porotto, welcome to Geeks to Go Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. 
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

• Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
• Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
• Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.   
• If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
• Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
• I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean". 
• Ensure you are following this topic. Click  at the top of the page. 

======================================================
 
Please run the following diagnostic scans so I can ascertain the state of your computer.
 
STEP 1
 Farbar Recovery Scan Tool (FRST) Scan

• Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
• Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
• Right-Click FRST.exe or FRST64.exe and select  Run as administrator to run the programme.
• Click Yes to the disclaimer.
• Ensure the Addition.txt box is checked.
• Click the Scan button and let the programme run.
• Upon completion, click OK, then OK on the Addition.txt pop up screen.
• Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
   

STEP 2
 TDSSKiller Scan

• Please download TDSSKiller and save the file to your Desktop.
• Right-Click TDSSKiller.exe and select  Run as administrator to run the programme.
• Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
• ​Click Start Scan. Do not use the computer during the scan.
• If objects are found, change the action to skip.
• Click Continue and close the window.
• A log will be created and saved to the root directory (usually C:\). Attach (not copy/paste) the file in your next reply.
   

======================================================
 
STEP 3
 Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• FRST.txt
• Addition.txt
• TDSSKiller log (attached!)

[Porotto]

All 3 scanned. 

Attached Files

•  FRST.txt   67KB   289 downloads
•  Addition.txt   33.12KB   247 downloads
•  TDSSKiller.txt   257.5KB   348 downloads

[LiquidTension]

Hello, 
 
Do you recognise the following installed programme? KMSpico

[Porotto]

Yeah 100% know what that is

[LiquidTension]

Hello, 
 

Yeah 100% know what that is

Please refer to this site's Terms of Use on illegal/cracked software, and information on the dangers of such software below. 
 

Cracked Software

------------------------------

One or more of the identified issues may be a result of downloading cracked/pirated/illegal software. Participating in the use of such software is a security risk. We do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread malware. I strongly recommend you refrain from participating in this activity; your computer will be re-exposed to malware otherwise. Simply visiting a cracked software site often result in exposure to malware. In some instances malware may cause so much damage to your system that removal is not possible and the only option is to reformat your hard drive and reinstall your Operating System. Please refer to the following articles for more information.

• The Hidden Risks of Using Pirated Software
• IDC White paper: The Dangersous World of Counterfeit and Pirated Software
• Software Piracy on the Internet: A Threat To Your Securiy
• File Sharing, Piracy, and Malware
• Pirated software carries malware payload that can cost billions
• File Sharing (P2P), Torrents, Keygens, Cracks, Warez, and Pirated Software are a Security Risk

 
I would suggest considering a reformat of your computer and installing a legitimate copy of Windows, or looking into a free open-source alternative such as one of the many Linux distributions. Information on Linux can be found here, and in the Linux section of this forum.

[LiquidTension]

Since this issue appears to be resolved ... this Topic has been closed. 

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.