Fine for me and thanks for understanding for my policy
Please generate a fresh FRST report.
Fine for me and thanks for understanding for my policy
Please generate a fresh FRST report.
Files as requested.
Hi
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/remove%20outdated.jpg
Uninstall some programs
We need to uninstall some programs.
[*]Press the
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png
[b]The list of programs to uninstall:[b]
[*]Idle~_~Crawler
After completing uninstalls, please manually reboot your machine!
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[b] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/b]
Press the
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png
[*]Copy the entire content of the codebox below and paste into the Notepad document:
start
() C:\Users\Neil\AppData\Local\Idle~_~Crawler\Idle~_~Crawler.exe
(The Chromium Authors) C:\Users\Neil\AppData\Local\Idle~_~Crawler\Chrome-bin\chrome.exe
HKLM-x32\...\Run: [] => [X]
C:\Users\Neil\AppData\Roaming\TornTV.com
Startup: C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Neil\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
S3 WacomVKHid; system32\DRIVERS\WacomVKHid.sys [X]
C:\Users\Neil\AppData\Local\Idle~_~Crawler
C:\Windows\System32\Tasks\Idle~_~Crawler Runner
HKU\S-1-5-21-157278496-3844868656-3785133182-1000\...\Run: [Only-search] => C:\Users\Neil\AppData\Local\onlysearch\onlysearch\1.3.12.4\onlysearch.exe
C:\Users\Neil\AppData\Local\onlysearch
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:0FD841FF
Hosts:
Task: {80A73CD4-797B-412B-A4AD-12E5C208ABC3} - System32\Tasks\Idle~_~Crawler Runner => %LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe <==== ATTENTION
Task: {A4D3415D-6E80-470E-A172-CE3DF1E4F78A} - System32\Tasks\Microsoft\Windows\Maintenance\Idle~_~Crawler Update => %LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe <==== ATTENTION
EmptyTemp:
end
[*]Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
XP users click run after receipt of Windows Security Warning - Open File.
8 users will be prompted about Windows SmartScreen protection - click More information and Run.
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please include it in your reply.
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool.
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
XP users click run after receipt of Windows Security Warning - Open File.
8 users will be prompted about Windows SmartScreen protection - click More information and Run.
[*]Make sure that Addition option is checked.
[*]Press Scan button and wait.
[*]The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
I have un-installed the programs. I have also started FRST running with the fixlist.txt file. It produced a Fixlog.txt file almost immediately but it is still running after nearly an hour. Does this sound right?
After an hour and a half FRST stopped working. I have attached the fixlog.txt file that it generated.
Also attached are the files generated when rerunning FRST.
The main part is done, but the EmptyTemp: command couldn’t finish.
Let’s try this one instead:
https://sites.google.com/site/cannedfixes/tfc/5204fb054866c-TFC_nieuw_25x25.png
Clean Temporary Files with TFC
Please download TFC by OldTimer and save it to your desktop.
[*]Right-click on
https://sites.google.com/site/cannedfixes/tfc/5204fb054866c-TFC_nieuw_25x25.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[*]Close any open programs and save your current work.
[*]Click the Start button to begin. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a couple of minutes.
[*]Once it’s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
This tool doesn’t generate any report. Instead I recommend to keep it for good maintenance of your machine.
I’ve run TFC. I tend to keep on top of temporary files on my account but it cleaned up a lot of space from the other user accounts.
Do you think the PC is clean now? The have been no further re-occurences of the clickred.com warning for a few days now.
Thanks
Neil
Hi
Yes, I think we’re heading to finish. Just a general scan to see if everything is ok.
https://sites.google.com/site/cannedfixes/activescan/panda-av.jpg
Scan with Panda Cloud Cleaner
This type of scan often produces false positives. In any case do not remove on your own any of its findings! Removal will be made after the careful analysis of the scan results.
Please download Panda Cloud Cleaner and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
[*]Install the scanner by right-click on
https://sites.google.com/site/cannedfixes/activescan/panda-av.jpg
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator.
[*]It should start itself automaticaly after the installation.
[*]In the main console click Accept and Scan.
[*]This scan won’t take long, about several minutes (depending on your system specs). Let it run uninterrupted.
[*]At the last stage you will see a couple of messages about veryfying & analyzing results. Wait patiently.
[*]Upon completion you will see detections window. Enter one of them and click there View Report at the bottom right side.
[*]A notepad window named PCloudCleaner.log will open. Save it to your desktop.
Please include the contents of that file in your next reply.
Don’t forget to re-enable your switched-off protection software!
After that you may uninstall Panda Cloud Cleaner from your machine, if you wish to.
I have attached the log.
In panda Cloud Cleaner choose this two for deletion:
REGKEY: HKCU\SOFTWARE\TORNTV DOWNLOADER. Key to be deleted..
REGKEY: HKCU\SOFTWARE\TORNTV DOWNLOADER. Key to be deleted.
https://sites.google.com/site/cannedfixes/security-check/51c9d14017fa0-SecurityCheck.PNG
Scan with Security Check
Please download Security Check by Screen317 and save it to your desktop.
[*]Right-click on
https://sites.google.com/site/cannedfixes/security-check/51c9d14017fa0-SecurityCheck.PNG
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[*]Follow onscreen instructions inside the black box. This scan won’t take long.
[*]Soon a notepad document called checkup.txt will open automaticaly.
Please include the content of that document.
checkup.txt attached as requested.
Neil
Hi
https://sites.google.com/site/cannedfixes/updating-software/updates.png
Update outdated software
Staying always updated is crucial, not only for your operating system, but also for any third-party installed software.
Your logs clearly indicate that some of your software needs updating.
https://sites.google.com/site/cannedfixes/updating-software/Adobe_Reader_v9-0_icon.png
Updating Adobe manually
[*]Visit Adobe website.
[*]You will see a download option there for the newest Adobe Acrobat version.
[*]In the center part you will be prompted to install McAfee Security Scan Plus as a free program. This is foistware. Remember to leave the box for McAfee UNCHECKED.
[*]Click on Install, save the file to a convenient location, double-click it and follow the prompts.
Please remember to keep it always updated.
https://sites.google.com/site/cannedfixes/delfix/51a5ce45263de-delfix.png
Clean with DelFix
Please download DelFix by Xplode and save it to your desktop.
[*]Right-click on
https://sites.google.com/site/cannedfixes/delfix/51a5ce45263de-delfix.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[*]Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
[*]Push Run.
[*]When finished, it will display a notepad report.
Include it for my review.
Please also manually reboot your machine after posting your logfile.
Acrobat updated and DelFix run.
I am sorry for the delay, had working Sunday.
I think that you are ready to go.
Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.
Recommended reading:
http://forum.programosy.pl/images/smilies/icon_exclaim.gif
MUST READ - security tips: Computer Security - a short guide to staying safer online.
http://forum.programosy.pl/images/smilies/icon_exclaim.gif
MUST READ - general maintenance: What to do if your Computer is running slowly?
Recommended additional software:
http://forum.programosy.pl/images/smilies/icon_arrow.gif
TFC - to clean unneeded temporary files.
http://forum.programosy.pl/images/smilies/icon_arrow.gif
Malwarebytes’ Anti-Malware - to scan your system from time to time in search for malware.
http://forum.programosy.pl/images/smilies/icon_arrow.gif
Malwarebytes’ Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
http://forum.programosy.pl/images/smilies/icon_arrow.gif
McShield - to prevent infections spread by removable media.
http://forum.programosy.pl/images/smilies/icon_arrow.gif
CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
http://forum.programosy.pl/images/smilies/icon_arrow.gif
Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
My help is always free, but if you are happy with the help provided and wish to help my fight against malware, please consider making a donation.
All donations are to refund a new HDD to replace the old one, which recently passed away!
https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif
Now if you have any other questions, feel free to ask me. Otherwise simply acknowledge my recommendations and this topic will be closed.
https://sites.google.com/site/cannedfixes/closing/Minion-Bye-smaller.jpg
Stay safe,
Naat
Hi Naat,
Thanks for spending the time and effort to sort this out for me. Your help has really been appreciated and I have made a donation.
Best regards,
Neil
Thank you very much.
If you’d ever have any other issues hopefully not) - you know that you’ll be helped here
Cheers,
Naat