Okay I was stupid and downloaded a torrent! Needless to say it my computer keeps getting trojans and malware and everything else in between.
I have scanned with Malwarebytes but it keep reproducing hiding in the registry, files, etc. I deleted the torrent but cannot find where it keeps reproducing from.
It also opens up IE and runs my gpu at max speed but doesnt use any resources from the gpu!
I have to fix the registry after it is removed every time using Auto runs.
Malware bytes data: (long file log incoming. sorry)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/7/2016
Scan Time: 12:16 PM
Logfile: virus scan.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.08.07.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: GARRE
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304899
Time Elapsed: 4 min, 24 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\Cloud.exe, 552, Delete-on-Reboot, [2b14f4543c5e53e332bd2a62ad54af51]
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGChk.exe, 6972, Delete-on-Reboot, [f14e2c1c801a320442f22b3f4fb28977]
Modules: 14
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YbjlPack\Netctr8.dll, Delete-on-Reboot, [ac9366e2940625118644dfffcc35e31d],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGCommon.dll, Delete-on-Reboot, [7fc0291fa0faef470b299cce35ccde22],
Registry Keys: 0
(No malicious items detected)
Registry Values: 1
PUP.Optional.GoldClick, HKU\S-1-5-21-1378962510-1490833838-2733083114-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ProxyGate, C:\Users\GARRE\AppData\Roaming\ProxyGate\MainService.exe, Quarantined, [ae91bd8b9505ec4a7fb53e2c748d8977]
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate, Delete-on-Reboot, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\ocx, Quarantined, [75cab7918614033384724b84a45eae52],
Files: 22
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YbjlPack\Netctr8.dll, Delete-on-Reboot, [ac9366e2940625118644dfffcc35e31d],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\Cloud.exe, Delete-on-Reboot, [2b14f4543c5e53e332bd2a62ad54af51],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGCommon.dll, Delete-on-Reboot, [7fc0291fa0faef470b299cce35ccde22],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGChk.exe, Delete-on-Reboot, [f14e2c1c801a320442f22b3f4fb28977],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\MainService.exe, Quarantined, [ae91bd8b9505ec4a7fb53e2c748d8977],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGHelp.exe, Quarantined, [eb543513f1a9e551f73d591107fada26],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGLog.exe, Quarantined, [47f87bcda9f1a78fa490cc9e48b910f0],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGNet.exe, Quarantined, [66d926225842c670b084dd8d57aaf30d],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGUpd.exe, Quarantined, [ce719fa928721b1b201428428d74c937],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\ProxyGate.exe, Quarantined, [7cc3ab9dd7c3e94d23110f5b1ae71be5],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\Socket.exe, Quarantined, [4ef132162278ae8863d1f7738d74659b],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\TrafficMonitor.exe, Quarantined, [211ecb7dd5c5fb3b44f0c4a651b0639d],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\TrafficMonitor.ini, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\conf.dat, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\Config.ini, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\dbghelp.dll, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\dns.dat, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\list.dat, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\msvbvm60.dll, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\Skin.dll, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\ocx\mscomctl.ocx, Quarantined, [75cab7918614033384724b84a45eae52],
Physical Sectors: 0
(No malicious items detected)
(end)
I have scanned with Malwarebytes but it keep reproducing hiding in the registry, files, etc. I deleted the torrent but cannot find where it keeps reproducing from.
It also opens up IE and runs my gpu at max speed but doesnt use any resources from the gpu!
I have to fix the registry after it is removed every time using Auto runs.
Malware bytes data: (long file log incoming. sorry)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/7/2016
Scan Time: 12:16 PM
Logfile: virus scan.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.08.07.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: GARRE
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304899
Time Elapsed: 4 min, 24 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\Cloud.exe, 552, Delete-on-Reboot, [2b14f4543c5e53e332bd2a62ad54af51]
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGChk.exe, 6972, Delete-on-Reboot, [f14e2c1c801a320442f22b3f4fb28977]
Modules: 14
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YbjlPack\Netctr8.dll, Delete-on-Reboot, [ac9366e2940625118644dfffcc35e31d],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGCommon.dll, Delete-on-Reboot, [7fc0291fa0faef470b299cce35ccde22],
Registry Keys: 0
(No malicious items detected)
Registry Values: 1
PUP.Optional.GoldClick, HKU\S-1-5-21-1378962510-1490833838-2733083114-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ProxyGate, C:\Users\GARRE\AppData\Roaming\ProxyGate\MainService.exe, Quarantined, [ae91bd8b9505ec4a7fb53e2c748d8977]
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate, Delete-on-Reboot, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\ocx, Quarantined, [75cab7918614033384724b84a45eae52],
Files: 22
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YhdtPack\Hpzrctr80.dll, Delete-on-Reboot, [5be4d573fd9d4beb62e49d41dc257a86],
Trojan.Miuref.Generic, C:\Users\GARRE\AppData\Local\YbjlPack\Netctr8.dll, Delete-on-Reboot, [ac9366e2940625118644dfffcc35e31d],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\Cloud.exe, Delete-on-Reboot, [2b14f4543c5e53e332bd2a62ad54af51],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGCommon.dll, Delete-on-Reboot, [7fc0291fa0faef470b299cce35ccde22],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGChk.exe, Delete-on-Reboot, [f14e2c1c801a320442f22b3f4fb28977],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\MainService.exe, Quarantined, [ae91bd8b9505ec4a7fb53e2c748d8977],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGHelp.exe, Quarantined, [eb543513f1a9e551f73d591107fada26],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGLog.exe, Quarantined, [47f87bcda9f1a78fa490cc9e48b910f0],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGNet.exe, Quarantined, [66d926225842c670b084dd8d57aaf30d],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\PGUpd.exe, Quarantined, [ce719fa928721b1b201428428d74c937],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\ProxyGate.exe, Quarantined, [7cc3ab9dd7c3e94d23110f5b1ae71be5],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\Socket.exe, Quarantined, [4ef132162278ae8863d1f7738d74659b],
PUP.Optional.GoldClick, C:\Users\GARRE\AppData\Roaming\ProxyGate\TrafficMonitor.exe, Quarantined, [211ecb7dd5c5fb3b44f0c4a651b0639d],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\TrafficMonitor.ini, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\conf.dat, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\Config.ini, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\dbghelp.dll, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\dns.dat, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\list.dat, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\msvbvm60.dll, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\Skin.dll, Quarantined, [75cab7918614033384724b84a45eae52],
PUP.Optional.ProxyGate.PrxySvrRST, C:\Users\GARRE\AppData\Roaming\ProxyGate\ocx\mscomctl.ocx, Quarantined, [75cab7918614033384724b84a45eae52],
Physical Sectors: 0
(No malicious items detected)
(end)