Cleaning Up My Kids Pc

Welcome to MajorGeeks!

Now, re-run RogueKiller.exe. (Vista/Windows7/8/10 users should right-click and select "Run as Administrator")
After it finishes the scan, select the following tabs and then select any of the below that exist and then click the Remove Selected button.
¤¤¤ Registry ¤¤¤

[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Conduit -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} -> Found
[PUP] (X64) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\Software\Conduit -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\Software\Conduit -> Found
[PUP] (X64) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\Software\AppDataLow\Toolbar -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\Software\AppDataLow\Toolbar -> Found
[PUP] (X64) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\Software\AppDataLow\Software\Conduit -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\Software\AppDataLow\Software\Conduit -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6} -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> Found
[PUP] (X64) HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} : -> Found
[PUP] (X86) HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} : -> Found
[PUP] (X64) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} : -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-1206005132-2320787077-2567471192-1002\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} : -> Found
[PUP] (X64) HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} : -> Found
[PUP] (X86) HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} : -> Found
​

¤¤¤ Files ¤¤¤

[Hj.Shortcut][File] C:\Users\Aiden\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-6757900.lnk [LNK@] C:\PROGRA~1\INTERN~1\iexplore.exe -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x771a865e -pinnedTimeHigh 0x01ce35ed -securityFlags 0x00000000 -url 0x00000017 http://www.youtube.com/ -> Found
[PUP][Folder] C:\Users\Aiden\AppData\Local\NativeMessaging -> Found
[PUP][Folder] C:\Users\Aiden\AppData\Local\WhiteListing -> Found
​

¤¤¤ Web browsers ¤¤¤

[PUP][CHROME:Addon] Default : Ads Removal [fopdddcinljmpmioaklghcalngfhbaen] -> Found
​

Then immediately reboot your PC.

Now run a new scan with RogueKiller and save a log as in the original instructions and upload that new log.

Now re-scan with Hitman Pro and have it delete everything under the headings of

• Malware
• Potential Unwanted Programs

Ignore all other detections.
Afterwards, click the Next button.
Now reboot the PC in order for the changes to take affect.

After reboot and when you are back in Windows, rescan with HitmanPro and upload the new log.

Now please download Junkware Removal Tool to your desktop.

• Make sure to shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Upload JRT.txt to your next message.

Next download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Please uncheck elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• Upload this log to your next reply.

Please download ZHPcleaner to your desktop.

• Close all applications (including your web browsers and antivirus)
• Double-click on ZHPCleaner to run the tool.
• If you are using Windows Vista, 7/8/10; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
• Please click the "J'accepte/I agree" button.
  • First press the "Scanner" button. Be patient, the scan takes longer than 5mins.
  • Do NOT fix/repair anything yet! Please upload that logfile with your next reply.

Use your installed IOBit Uninstaller to uninstall -

Java 7 Update 17 <-- outdated​

Now install the current version of Sun Java from:

• Go here for 64 bit OS = Sun Java 64 bit Runtime Environment
• Go here for 32 bit OS = Sun Java 32 bit Runtime Environment

NOTE: Please re-read Using MGtools and make sure you accept the TrendMicro HijackThis license agreement by clicking the Accept button twice, as it is missing from your logs and does not show as being installed. Upload an fresh MGLogs.zip, please.

 

You're welcome. Please update to the latest version before following my instructions.

 

Please re-scan with Hitman Pro and have it delete everything under the heading:

• Potential Unwanted Programs

Ignore all other detections.
Afterwards, click the Next button.
Now reboot the PC in order for the changes to take affect.

After reboot and when you are back in Windows, rescan with HitmanPro and upload that new log.

Using AdwCleaner.exe previously downloaded:

• Double click on AdwCleaner.exe to run the tool. (Vista, Win7/8/10 users should right-click and "Run As Administrator")
• Click on the Scan button.
• When the scan has completed, click on the Clean button.
• Press OK when asked to close all programs and follow the on-screen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Upload this log to your next reply.

Now let's clean with ZHPcleaner

• Close all applications (including your web browsers and antivirus)
• Double-click on ZHPCleaner to run the tool.
• If you are using Windows Vista, 7/8/10; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
• Please click the "J'accepte/I agree" button.
  • First press the "Scanner" button. Be patient, the scan takes longer than 5mins.
  • Then press the ''Repair'' button.
• Browsers will automatically shut down.
• A logfile will automatically open after the scan has finished.
• Please upload that logfile with your next reply.

New logs to upload:

HitmanPro.log
AdwCleaner[C#].txt
ZHPcleaner.txt​

Please describe how the pc is running now.

 

Your newfiles.txt log in both MGlogs.zip > "Dumping HKLM Uninstall Programs List" shows Avast Free Antivirus. *How is it now that AVG is the anti-virus???

I want the logs that were generated, as you have been uploading. Transfer them via USB flash drive to the working pc and upload them from there, if need be.

 

Ok, that's solved. The .jpg quality is too poor for me to read. Please provide the actual logs.

 

Please upload the ZHPcleaner log also.

 

Yes!

 

You are logged in an account with Administrator privileges when attempting to change the Avast settings? These are non-malware issues and should be taken up in our software and networking forums.

 

All of that was not necessary - in an account with admin privileges, right-click and "run as admin".

Follow these instructions to restore the Registry Keys. The Web browsers items should remain deleted.

Remove items from ADWcleaner's quarantine folder

• Launch AdwCleaner again
• Click on the Tools tab, then Quarantine manager in the drop-down menu
• Select any items you'd like to move out of Quarantine, then click Restore.
• Close the application then re-boot

 

Please update me on your pc's status.