spitfir3x Posted July 28, 2019 ID:1325757 Share Posted July 28, 2019 Hi there, I'm dumb and wasn't paying attention and now I have IdledBuddy woes. I found a post where Ron requested information from a user and I thought I might try to streamline the process by presenting this information upfront. It might be helpful to mention that I am running Malware Bytes Premium v 3.8.3 Thanks for any help you can provide in advance! Step 2 output: # ------------------------------- # Malwarebytes AdwCleaner 7.4.0.0 # ------------------------------- # Build: 07-23-2019 # Database: 2019-07-22.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-27-2019 # Duration: 00:00:00 # OS: Windows 10 Home # Cleaned: 0 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** Not Deleted palikan.com ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [2594 octets] - [27/07/2019 19:11:38] AdwCleaner[C00].txt - [2595 octets] - [27/07/2019 19:14:23] AdwCleaner[S01].txt - [1459 octets] - [27/07/2019 19:35:42] AdwCleaner[S02].txt - [1520 octets] - [27/07/2019 19:36:05] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ########## step1.txt step3.1.txt step3.2.txt Link to post Share on other sites More sharing options...
kevinf80 Posted July 28, 2019 ID:1325780 Share Posted July 28, 2019 Hello spitfir3x and welcome to Malwarebytes, I do not see any reference to IdledBuddy in your logs, do this please... Run FRST one more time: Type or copy/paste the following into the edit box after "Search:". *IdledBuddy* Click Search Registry button and post the log (Search.txt) it makes to your reply. Thank you, Kevin.. Link to post Share on other sites More sharing options...
spitfir3x Posted July 29, 2019 Author ID:1325899 Share Posted July 29, 2019 Hey Kevin- Thanks for taking a look! I have been able to remove most entries of IdledBuddy from my registry (took a long time and a few reboots-- the idlebuddyserver was the hardest), but something always pops back up when I reboot. It's nested in A LOT of different places...hot damn! Anyway, here is the search result (I also attached it): Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01 Ran by Shadow (28-07-2019 19:32:08) Running from C:\Users\Shadow\Downloads Boot Mode: Normal ================== Search Registry: "IdledBuddy" =========== [HKEY_USERS\S-1-5-21-959147878-177299395-986142918-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07282019192650937\Software\IdledBuddy] ====== End of Search ====== Thanks again! SearchReg.txt Link to post Share on other sites More sharing options...
kevinf80 Posted July 29, 2019 ID:1325925 Share Posted July 29, 2019 Hello spifir3x, Thanks for that log, continue: Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Let me know if there are any remaining issues or concerns.... Thank you, Kevin... fixlist.txt Link to post Share on other sites More sharing options...
spitfir3x Posted July 29, 2019 Author ID:1326006 Share Posted July 29, 2019 Ran the fix successfully! I ran a quick search of my registry and it didn't find any entries for IdledBuddy. Thanks so much for you help!! Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019 Ran by Shadow (29-07-2019 10:17:15) Run:1 Running from C:\Users\Shadow\Downloads Loaded Profiles: Shadow (Available Profiles: defaultuser0 & Shadow) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: Unlock: HKEY_USERS\S-1-5-21-959147878-177299395-986142918-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07282019192650937\Software\IdledBuddy reg: reg delete HKEY_USERS\S-1-5-21-959147878-177299395-986142918-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07282019192650937\Software\IdledBuddy ***************** Restore point was successfully created. Processes closed successfully. Unlock: HKEY_USERS\S-1-5-21-959147878-177299395-986142918-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07282019192650937\Software\IdledBuddy => Error: No automatic fix found for this entry. reg: reg delete HKEY_USERS\S-1-5-21-959147878-177299395-986142918-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07282019192650937\Software\IdledBuddy => Error: No automatic fix found for this entry. The system needed a reboot. ==== End of Fixlog 10:17:27 ==== Link to post Share on other sites More sharing options...
kevinf80 Posted July 29, 2019 ID:1326022 Share Posted July 29, 2019 Ok, if issue is cleared clean up as follows: Right click on FRST here: C:\Users\Shadow\Downloads\FRST64.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator" If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST64 to uninstall That action will remove FRST and all created files and folders... Next, Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/ From there you should be good to go... Next, Read the following links to fully understand PC Security and Best Practices, you may find them useful....Answers to Common Security Questions and best PracticesDo I need a Registry Cleaner? Take care and surf safe Kevin... Link to post Share on other sites More sharing options...
kevinf80 Posted July 30, 2019 ID:1326369 Share Posted July 30, 2019 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts