jkihljdtssd.exe

loads during startup, captures keyboard and mouse so any clicks go to screen that you have been infected and should buy their product, and often pops up otherwise warning you of the same, while running a bogus scan to tell you about more infections.
It sits in *\local data\application\gqlakiass
I expect it to come back from some other entry.
It first popped up while reading an article at the american.com but that may have been delayed from some earlier sites…
If you click on it, it will show the web site that it’s going to so you can pay to shut it up. I’ve got one computer and am not exploring that myself or I’d record the name and use a very old denial of service trick from the 80’s. It’s slow but steady - he’s got to paying for bandwidth…

Hi Nouse,

Have you try to do a boot-time scan with avast! 5.0?

Then you may combine with dr.Web Scanner to do a scanning.

cheers,