11 blocked webpages/files after scans

[Michael (alan1998)]

The MBAM log file is not in your post. Please Re-attach

[nowizard]

had just realized that myself and modified the post to include the MBAM log. Sorry about that.

[Valinorum]

Yes, you can remove ESET via Control Panel.

• Step #8 Scan with RogueKiller
  
  • Download Rogue Killer from one of the suitable links below to your Desktop.
    Download link for 32 bit system
    Download link for 64 bit system
    
  • Let the pre-scan finish. After that click on Scan;
    
  • The scan won't take long;
  • A log has been created on your Desktop;
    
  • Attach the content of the log in your next reply.

• Required Log(s):
  
  • RogueKiller Log

Regards,
Valinorum

[nowizard]

Problems...
The Laptop in discussion could not maintain connectivity this afternoon AND now it won't connect at all.
Have been experiencing the intermittent connections for the past two days.

The RogueKiller link (64 bit) does not work. On the Laptop if I right click to open in new tab or window I get "could not establish connection" to localhost/RogueKillerX64.exe. To open in existing window I get the same but to page adlice.com tools.

I went to my desktop PC and right clicking gives me a blank tab. Open in existing window gives me the "could not establish connection" (adlice.com tools).

Also, I set display type to 125% on the Laptop but the font size on this forum is barely readable as in like 6 pt size, but other webpages are normal for the percentage set. Why is this forum so small?

Summary
1) what is causing the connectivity issue
2) hyperlink not working for RogueKiller
3) Small font on forum

[Valinorum]

1) what is causing the connectivity issue

Did you consult with your ISP?

2) hyperlink not working for RogueKiller

The link is down. Use the following instead --
http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

3) Small font on forum

While on the forum press Ctrl++ to increase the display size.

[Valinorum]

Do you still require help?

[nowizard]

Sorry for the delay. I was out of town.

Connectivity is isolated to the Presario being discussed here. 3 other PCs and two smartphones in the home have no problem connecting. Connectivity was intermittent after the last ComboFix scan and the day after ESET ran i was able to connect for a short time but have not been able to connect since.

The touch pad isn't working properly either. Sometimes I can't get it to do anything, other times I get a small box ... like a scroll box.

Do you want me to go ahead and run RogueKiller or wait until the connectivity issue is resolved?

[Valinorum]

Hi nowizard,

Yes, proceed with RogueKiller scan. In addition perform the following steps as well and attach the logs.

• Step #9 Scan with Farbar Service Scanner
  
  • Please download Farbar Service Scanner by Farbar to your Desktop from the link below.
    Download Link
    
  • Right-click and choose Run as Administrator;
    
  • Make sure the following options are checked:
  • Internet Services
    
  • Windows Firewall
    
  • System Restore
    
  • Security Center
    
  • Windows Update
  • Press "Scan".
    
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

• Step #10 SystemLook Search
  
  • Please download SystemLook by jpshortstuff to your Desktop from the suitable link below.
    
    • Download Link for 32-bit System.
      
    • Download Link for 64-bit System
  • Right-click and choose Run as administrator;
    
  • In the search box, copy and pasted the following code in the code-box.

Code: [Select]

:filefind
afd.sys


• Click on Look;
  
• After the scan a log will be opened;
• Attach the log in your next reply.

• Required Log(s):
  
  • FSS.txt;
  • SystemLook Log

Regards,
Valinorum

[nowizard]

Ok...three scans I must do. RogueKiller, Farbar and System Look.

I will not be able to run them and post back until Tuesday late afternoon. 

In the meantime, can you tell me if all three will run without error if they are downloaded to a Flash Drive from a working PC and then copied to the Presario desktop?

Thanks in advance, Valinorum, and for your patience too.

[Valinorum]

In the meantime, can you tell me if all three will run without error if they are downloaded to a Flash Drive from a working PC and then copied to the Presario desktop?

Yes.

[nowizard]

RogueKiller scan complete -- items were found but I did not delete them as I was not sure if you wanted me to. Log is attached. Please advise if I should delete the items found.

System Look complete -- log attached

Farbar -- cannot download Farbar Service Scanner. Avast! blocks it -- Win32:Evo-gen. quarantines the file. I turned off Avast and was able to save it to a Flash Drive but Avast blocked it again when transferring to the desktop (threat detected before execution). The funny thing is that I ran a scan with Malwarebytes and Avast after downloading and before transferring to the desktop and both scans were clean. I did a little research on Bleeping Computer and can't find any solid answers. The closest I came was that it has to be downloaded directly to the desktop. By any other means it stores in a temp folder and it will not run.

At any rate, where do I go from here in order to run the scan? I have an FSS icon on the desktop now but I can't delete it...says the file/path cannot be located. 

[Valinorum]

Hi nowizard,

• Step #11 Fix with RogueKiller
  
  • Re-run RogueKiller.
    
  • Let the pre-scan finish. After that click on Scan and wait for the scan to finish;
    
  • Click on Delete;
    
  • Now again click on Scan and wait for the scan to finish;
    
  • Click on Report and a log file will open;
    
  • Attach the report in your next reply.

• Step #12 Fix with OTL
  
  • Re-run OTL by right clicking and choosing Run as administrator;
    
  • Under the Custom Scans/Fixes Box copy and paste the following contents inside the code box.
    

Code: [Select]

:Commands
[createrestorepoint]

:Files
ipconfig /release /c
ipconfig /renew /c
ipconfig /flushdns /c
netsh winsock reset /c

:Commands
[reboot]


• Click on "Run Fix" and let the program run unhindered;
  
• Your PC will reboot automatically and a log will be opened;
• Please attach it in your next reply.

• Required Log(s):
  
  • RogueKiller Report;
  • OTL Fix Log

Regards,
Valinorum

[nowizard]

OTL did not open a log after reboot. The attached is what I found in the program folder.
Desktop now shows 4 additional icons ... administrator (margaret) folder, computer, and...

two (2) desktop.ini ----> what are these?

Was I to go through all tabs in RogueKiller and delete everything that was found? One item remains, in the third tab I believe.

Thanks for your continued support and help.

[Valinorum]

How is your internet?

[nowizard]

managed to connect AND stay connected for 6 minutes.

reconnected, and tried to download Farbar Service Scanner ----> FAILED. Webshield is blocking http://....FSS.exe, Win 32:Evo-gen [Susp]. Each attempt quarantines a different file name from the local folder. Download aborts.

lost connection again ... approximately 10 minutes. It seems to me, ComboFix might have something to do with the connectivity issue as I had the same problem with another PC last year. Could be wrong, tho, but it is coincidental all the same.  Don't recall what the fix was on that PC unfortunately.

What are the desktop.ini icons that are now appearing on the desktop? Can they be deleted?

Thanks Valinorum. Hope your day is going well...not too stressful.