Help with Firewall/Hacker

Open Notepad. Inside Notepad paste the highlighted text inside Notepad


start
C:\Users\Enrique\AppData\Local\Temp\GBLCY.exe
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-04-05] ()
HKCU\...\Run: [Dargon] - C:\Dargon\DargonD.exe [x]
HKCU\...\Run: [WindowsUpdatevisd] - C:\Users\Enrique\OEPTK\HTWAQ.vbs [1382121 2013-07-06] ()
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL =
BHO-x32: Yealt Class - {40C78C4E-5AE5-4762-9B7D-D2DE31B03B77} - C:\Windows\SysWow64\yealt.dll (Yealt)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
cmd: netsh winsock reset
cmd: ipconfig /flush dns
C:\Users\Enrique\AppData\Roaming\JvXsG
C:\Users\Enrique\AppData\Roaming\QMBVL
C:\Users\Enrique\AppData\Roaming\nBLut
C:\Users\Enrique\AppData\Roaming\JEsNE
C:\32788R22FWJFW
C:\Windows\Tasks\SA.DAT
end


Click on File ===> Save As
File Name: Fixlist.txt
Save as type: All Files
Location: Desktop

Click on the Save button

Open FRST64.exe and click on the [Fix] button. Once done it will create a new log called Fixlog.txt Upload the new Fixlog.txt with your reply.

Once done run these two programs next

TDSSKILLER

download link TDSSKiller

Right-click TDSSKILLER.exe select


When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System

Click: OK


Press: Start Scan


If a suspicious object is detected, the default action is Skip, leave it as is, and click on: Continue
If malicious objects are found, they show in the Scan results.
Ensure Cure (the default) is selected, then click: Continue > Reboot now, to finish the cleaning process.
(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)


When done, the tool outputs its log to the disk with the Windows Operating System, normally C:\


Logs have a name like:
C:\TDSSKiller.X.X.X_12.04.2013_15.31.43_log.txt


Please post the TDSSKiller log in your reply.

On
Hold down Control and click on ESET Online Scanner to open ESET OnlineScan in a new window
Click the button
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
° Scan potentially unwanted applications
° Scan for potentially unsafe applications
° Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.

On or
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Right click on choose on your desktop
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
° Scan potentially unwanted applications
° Scan for potentially unsafe applications
° Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.

Uninstall these programs

Daemons Tools lite ( reason : causes BSODs on Windows 7 )
McAfee ( BSOD issue and not as good of a antivirus )
RegCleanPro ( don't need a reg cleaner for windows 7 )

After you remove Mcafee run the tool below

MCPR < download link

Don't see any logs uploaded .

Tdsskiller came out clean . Once the ESET is complete restart the PC .

So far its found 4 Win32/BitCoinMiner.p Applications
Its stuck at 56 scanning through steam
5 Trojans at 91% going through cookies

Once ESET is done and you restart the PC . Rerun FSS to see where we stand on the services .

Then run RogueKiller

RogueKiller for 32bit <==== Download Link

RogueKiller for 64bit <==== Download Link

Click on one of the links above that goes with your Windows 7 bit versions

Save to the Desktop.

Close all windows and browsers

Right click on and choose

Press: SCAN

provide the RKreport.txt (Mode: Scan) in your reply.