uTorrent

Discussion in 'Malware Help (A Specialist Will Reply)' started by brewticus, Apr 3, 2015.

  1. brewticus

    brewticus Private E-2

    Got a laptop that was infected with uTorrent malware/virus. I cannot install nor run any antispyware tools. I cannot even disable user account controls. When I try to disable UAC an error message appears from this uTorrent software stating something about 'bencoding'. I tried to download tools on another PC and transfer then to infected PC after starting in safemode. The files are all executables but a standard windows opens asking with which program do I want to open any of these files.

    This is the worst infections I have ever seen. Any help would be appreciated.
     
    brewticus, Apr 3, 2015
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you install uTorrent yourself??

    You did not tell us what version of Windows you are using so we can decide what we want to do next.

    Also are you able to download/run anything in safe boot mode with networking?
     
    chaslang, Apr 4, 2015
    #2
  3. brewticus

    brewticus Private E-2

    Windows 7. This is my son's laptop. He is not sure where he downloaded it from, but it was an intentional download and install. I can boot in safe mode and download some things, but mostly no. I cannot execute any worthwhile program.

    He currently has a Mcafee installed. I cannot open Mcafee from shortcut or .exe in explorer. I was able to open Mcafee from the toolbar. Several error messages about trying to turn on any active monitoring, but was able to get to and run full scan. currently running...slowly.
     
    brewticus, Apr 4, 2015
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    McAfee will more than likely just get in the way of cleanup and may even be part of the problems you are having. So it would be best if you could uninstall it now..... assuming you have the ability to reinstall it later ( like you have the installer package ).

    If you uninstall McAfee and try rebooting normally do things run better? Either way, please try to do the below.

    Please do the below so that we can boot to System Recovery Options to run a scan.

    For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
    For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please attach this file to your next reply. (See: How to attach)
     
    chaslang, Apr 4, 2015
    #4
  5. brewticus

    brewticus Private E-2

    computer would not recognize flash drive, had to run from hdd. see attached log.
     

    Attached Files:

    brewticus, Apr 7, 2015
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you uninstall McAfee as requested? I still see it in your FRST log. If you have not uninstalled it, you must do so now before running the below fix because it will break McAfee anyway.

    Note: I don't see any signs of uTorrent but I do see other junkware.


    Check you installed programs list to see if you see any of the below. If found then uninstall. If they do not uninstall or are not found, just keep going with the fix.
    UniDeaalsi
    UNNiDeealsoi
    SearchProtect


    Download this >> View attachment fixlist.txt


    Save fixlist.txt to your flash drive.
    • You should now have both fixlist.txt and FRST64.exe on your flash drive.
    Now reboot back into the System Recovery Options as you did previously.
    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt).
    Please attach this to your next message. (See how to attach)

    Now boot into normal Windows and explain to me what problems you are still having. Also attach the Fixlog.txt file.
     
    chaslang, Apr 11, 2015
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds