Dead Rising 3 softonic viruses

I used adwcleaner to clean these viruses but they just keep on returning after boot-up.

Here are the names:

-Registry- [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wiz

-Web browser- [-] [utorrent.en.softonic.com] [Search Provider] Deleted: utorrent.en.softonic.com [-] [dead-rising-3.en.softonic.com] [Search Provider] Deleted: dead-rising-3.en.softonic.co...

Re: AdwCleaner has stopped me from booting into safe mode

Ahh yes, my mistake. Here are the two logfiles from a scan I just ran in Debug mode.

AdwCleaner_debug:

2016-09-03 18:38:49 :     <INFO>    [main] - Saving current options to the configuration file 2016-09-03 18:38:50 :     <INFO>    [main.gui] - Scan requested 2016-09-03 18:38:50 :     <INFO>    [scan] - Running from: C:\AdwCleaner 2016-09-03 18:38:50 :     <INFO>    [scan] - Progress: 0% 20...

Re: AdwCleaner has stopped me from booting into safe mode

Good morning! So I re-ran AdwCleaner in Safe Mode, pressed Clean when it found 30 threats, and was once again prevented from a boot menu upon pressing F8 at startup. Argh!  

There is not a file called C:\AdwCleaner\AdwCleaner_Debug.log.

AdwCleaner[C2] looks like this:

# AdwCleaner v6.010 - Logfile created 03/09/2016 at 09:13:48 # Updated on 12/08/2016 by ToolsLib # Database : 2016-09-03.1 [S...

Re: AdwCleaner has stopped me from booting into safe mode

Hey there,

I'm damn lucky because I had backed up my registry 2 days ago (I forgot until coming across another forum thread.) I just imported it into my registry and although the import did not fully complete (as some elements were currently in use), I WAS able to access the boot menu with F8 and choose Safe Mode after. Whew!

Next thing: AdwCleaner crashed on me at the end as I said, and it h...

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

You can keep the quarantined elements from now, we'll see to delete them when the problems will be solved.

You can make the test to restore the registry elements from AdwCleaner. I doubt it will restore your access to the safe-mode, but we'll see and we'll proceed according to your results.

Best regards,

Re: AdwCleaner has stopped me from booting into safe mode

Hi, thanks for responding.

Well that should be good news!

Is the log file the same as the application file in Malwarebytes? It is not very detailed....

 

Here is the last file of the last scan I did (of several):

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 31/08/2016 Scan Time: 3:25:56 PM Logfile: mbam.txt Administrator: Yes

Version: 2.2.1.1043 Malware Database: v2016.08.31...

Re: AdwCleaner has stopped me from booting into safe mode

Here is the logfile. Two were actually made, 15 minutes apart. This is the later one:

# AdwCleaner v6.010 - Logfile created 01/09/2016 at 19:26:40 # Updated on 12/08/2016 by ToolsLib # Database : 2016-09-01.2 [Server] # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (X86) # Username : # Running from : C:\Users\Downloads\adwcleaner_6.010.exe # Mode: Clean # Support : https://...

Re: AdwCleaner can't remove Program Files (x86)\MPC Cleaner

on AdwCleaner by ****

Fortunately, I kept backups of CCleaner's registry deletions, some of which are clearly nothing to do with this adware:

MBAM later found StartGo123, which had been hijacking Chrome.

I imagine the malware writers reading our conversation and learning too, but HTH.

Re: What are these registry keys

It's not really clear, but IOBit is usually considered as PUP, so you can remove them, especially if you do not have installed the software yourself.

Re: AdwCleaner can't remove Program Files (x86)\MPC Cleaner

on AdwCleaner by ****

Have now run CCleaner to clean Registry and remove many, but not all, references to BrowserAir.

Windows: Settings: System: Default apps: Choose default applications by file type: .htm no longer shows BrowserAir.