Something keeps trying to access go.wvydeo.com/xxx … xxx and avast keeps blocking it. I don’t have to be using a web browser or have one opened for it to try. Avast says it is a URL:Mal.
I have done all of the scans that avast free offers. I have run Malwarebytes and cleared what it found. It is still trying to access go.wvydeo.com/xxx … xxx.
I have attached the files requested for an evaluation of what to do next.
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014
Ran by owner at 2014-09-10 22:02:42 Run:1
Running from C:\Users\owner\Desktop\Log Files
Boot Mode: Normal
HKU\S-1-5-21-1411632546-1894154949-1915452839-1000\Software\Microsoft\Windows\CurrentVersion\Run\TornTv Downloader => value deleted successfully.
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk => Moved successfully.
C:\Users\owner\AppData\Roaming\TornTV.com\Torntv Downloader.exe not found.
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}” => Key deleted successfully.
“HKCR\CLSID{9030D464-4C02-4ABF-8ECC-5164760863C6}” => Key not found.
C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh => Moved successfully.
“HKCU\SOFTWARE\Policies\Google” => Key deleted successfully.
“C:\Users\owner\Downloads\Unconfirmed 59986.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 968186.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 737677.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 965146.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 733483.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 141864.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 888421.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 454347.crdownload” => File/Directory not found.
“C:\Users\owner\Downloads\kdadialhpiikehpdeejjeiikopddkjem_37603.crx” => File/Directory not found.
“C:\Users\owner\Downloads\Unconfirmed 837615.crdownload” => File/Directory not found.
C:\Users\owner\AppData\Local\Idle~~Crawler => Moved successfully.
C:\Program Files\globalUpdate => Moved successfully.
C:\Users\owner\AppData\Local\globalUpdate => Moved successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{0A924F21-4445-4198-A421-4CA40919D9C5}” => Key deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{0A924F21-4445-4198-A421-4CA40919D9C5}” => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\Idle~~Crawler Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\Idle~~Crawler Update" => Key deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{23AAC458-2662-4DA8-B985-6B1EDDD6CD2A}” => Key deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{23AAC458-2662-4DA8-B985-6B1EDDD6CD2A}” => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup” => Key deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{EE8AA38A-5984-400D-A574-874CFB14C3C2}” => Key deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{EE8AA38A-5984-400D-A574-874CFB14C3C2}” => Key deleted successfully.
C:\Windows\System32\Tasks\Idle~~Crawler Runner => Moved successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Idle~_~Crawler Runner” => Key deleted successfully.
C:\Users\owner\jobq.dat => Moved successfully.
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
I haven’t been on the computer long enough after doing this to know for sure, but I haven’t seen an alert yet. Thanks! It also appears to be functioning much faster. I think I need to go get some RAM too.
Here is the log from the cleaner:
# AdwCleaner v3.309 - Report created 11/09/2014 at 08:10:02
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : owner - MIRIAMDELL
# Running from : C:\Users\owner\Downloads\AdwCleaner.exe
# Option : Clean
Okay, done. Thanks. So now my computer is fast again and doesn’t freeze up. But when I open Chrome I get an error message. I have to re-sign in to Chrome and tell it to show the book marks bar. And my extensions take a while to load.
I am experiencing the same issue, yet every forum I read in hopes of fixing all say WARNING THIS FIX IS SPECIFICALLY FOR THIS PERSON’S COMPUTER IF YOU TRY IT ON YOURS IT WILL EXPLODE or whatever. Please help. If I hear ding ding ding threat has been detected I might cut someone.