Need help getting rid of Malware hidden in one of my torrents.

Viruses and worms
1

Dear Forums,

I am currently having the following issue.

Whenever I start downloading with Utorrent. Avast keeps saying it blocked a threat that involves one of my torrents. But I have no idea how to get rid of it nor do I know how to know which torrent it is that contains the threat.

I’ve scanned with Spybot, Malwarebytes Anti-malware and Avast and I am still having this issue. I’ve followed the guide that involves the usage of Farbar Recovery Scan Tool and aswMBR just as the guide suggested. Maybe you guys can help me how to solve this issue.

I’ll enclose a screenshot with the exact error Avast has been giving me as well as the files that need to be enclosed of Farbar Recovery Scan Tool and aswMBR. I hope you guys can help me with this issue. Thanks in advance.

Kind Regards,

P.S. I couldn’t enclose the screenshot regarding my Avast error as I was limited to 4 files. So I’ll just quote the error here:

URL: http://extremlytorrents.com/scrape.php?info_hash=a�~c���h7�… (Link is longer but that’s all I can provide)

Infection: URL:Mal

Process: C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe

2

you have only attached one Farbar log … there should be one called frst.txt also

3

Somehow it didn’t upload everything idk how.

P.S. Won’t let me upload MBR.data file

4
P.S. Won't let me upload MBR.data file
we dont need it .... only logs are interesting ;)

essexboy will be online in a few hours and check your logs

5

Great I’ll check every now and then. Been very busy so might take awhile before I respond.

6

One of your seeds is infected and there is no way I can tell which one. The only option is to delete them all

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: AppInit_DLLs: C:\Program Files => C:\Program Files [0 2015-01-20] () AppInit_DLLs-x32: c:\program files => c:\program files [0 2015-01-20] () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

7

So what does this do?

8

The fix will remove some orphans is all