blackled/info, reddie net and eluded/info warnings

[REDACTED]

Hello
I have been trying to clean my nephews laptop from spyware, trojans etc. After boot scans of avast, malwarebytes and spybot from desktop it found many problems.. pc optimiser, shopper pro, fake chrome browsers..and on and on. Every cleaner now reports it is clean but when a network connection is established I get avast pop ups warning of blackled, blackfight, eluded and a couple of others.

Trawling this forum for possible solutions it seems this problem is more complicated than I had first thought and no regular scanning will fix it. I have followed the advice given to others with a similar problem and included the 3 scan logs that are usually needed for the gurus to have a look at. I hope this isn't jumping the gun.

If anybody can help me I would be most grateful, I'm stumped.

ETA oh and reddie.net as well.

CD

[essexboy]

Could you let me know how the computer is after this

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM-x32\...\RunOnce: [Takelemis] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Connor\AppData\Local\6AFC54~1\Gabanof.dat"
2015-04-24 12:41 - 2015-04-24 19:55 - 00003174 _____ () C:\Windows\System32\Tasks\{709627D2-CA06-4002-BE77-8774AC68D587}
2015-04-23 09:06 - 2015-04-23 09:06 - 00000000 ____D () C:\ProgramData\5b756c3d0000547b
2015-04-23 09:06 - 2015-04-23 09:06 - 00000000 ____D () C:\ProgramData\2dcded2000000727
2015-04-23 07:47 - 2015-04-23 11:38 - 00000000 ____D () C:\ProgramData\{5a703664-10e6-e17a-5a70-0366410ed990}
2015-04-22 12:43 - 2015-04-22 12:43 - 00000000 ___HD () C:\Users\Connor\AppData\Local\6afc548716c3c6a8
2015-04-19 20:59 - 2015-04-23 16:09 - 00000000 ____D () C:\ProgramData\{a2ef717a-3f9f-b525-a2ef-f717a3f9c5e8}
2015-04-01 19:16 - 2015-04-01 19:16 - 00274045 _____ () C:\Users\Connor\AppData\Local\dsi1.dat
2015-04-01 19:16 - 2015-04-01 19:16 - 00161916 _____ () C:\Users\Connor\AppData\Local\dsi2.dat
2015-03-30 23:25 - 2015-03-30 23:25 - 00000000 ____D () C:\Users\Connor\AppData\Local\speed browser
2015-03-29 17:55 - 2015-03-29 17:55 - 00000000 ____D () C:\ProgramData\{4795AF56-1717-7ED0-A691-0E527613DDDC}
2015-03-29 17:44 - 2015-04-24 10:53 - 00003174 _____ () C:\Windows\System32\Tasks\Run_Browser
2015-03-29 17:40 - 2015-03-29 17:40 - 00000000 _____ () C:\Users\Connor\Downloads\microsoft publisher.exe.0gkxh2g.partial
Task: {1E3D2874-C5C6-4449-8A70-D6E42CC66470} - \avast! Emergency Update No Task File <==== ATTENTION
Task: {4333BA90-C9E8-4E55-9C7B-ADC55E742687} - System32\Tasks\Run_Browser => C:\Users\Connor\AppData\Local\UnicoBrowser\Application\unicobrowser.exe <==== ATTENTION
Task: {457C2A1A-EC52-46BB-AD49-8AFAA8F6C7E8} - \NetEngine No Task File <==== ATTENTION
Task: {576947E9-5D6D-4B3F-A275-A710D3051A60} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {6D890144-A0E1-414C-9C45-81A07F49DA32} - \gtaUpt No Task File <==== ATTENTION
Task: {70266331-51E5-4A5D-8F25-3FBA64180C85} - \YMJULZV No Task File <==== ATTENTION
Task: {8DEBAB08-858A-4007-99CD-725F89A2C94B} - \82b2b799-a02e-485b-bea1-9001eb5fd038-10_user No Task File <==== ATTENTION
Task: {B0E21C5F-4549-4F63-8B1F-40DB56D6EF8B} - \WebBarUpdateTask No Task File <==== ATTENTION
Task: {B43BACD2-BE0F-4402-83FF-E66341675FC7} - \WebBarLaunchTask No Task File <==== ATTENTION
Task: {B55511AF-9749-4CF5-8DBF-D312DD9686F6} - \82b2b799-a02e-485b-bea1-9001eb5fd038-5 No Task File <==== ATTENTION
Task: {D15F9BDA-F160-4924-99F1-59E3215661CD} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {EC5407CA-DC46-4CC3-B5C0-6D05A75E3ADF} - \LaunchSignup No Task File <==== ATTENTION
C:\Users\Connor\AppData\Local\6AFC54~1
C:\Users\Connor\AppData\Local\UnicoBrowser
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S0].txt as well.
  

[REDACTED]

Thank you for your speedy reply and help. So far so good  no warnings 
I am running the Adwcleaner at the moment and will post the log for that but here is the log for FRST64.

You are a star!!

[REDACTED]

And here is the log for Adwcleaner.
Thank you 

So far so good.

[REDACTED]

i am having literally the same exact problem. it seems quite a few people are looking at the forum board. no fix for me yet :/a

[essexboy]

 kalanhenson could you start your own topic please

claydust  any further problems ?

[REDACTED]

Everything's great, thank you for your time and expertise. You have saved a young lads saved course work going down the digital drain.

 

[essexboy]

Subject to no further problems   

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems 

Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset  System Restore points:

Remove tools

Download and run Delfix
Select the options as shown


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme 

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide  Best security practices Keep safe  :wave: