AdwCleaner has stopped me from booting into safe mode

user_avatar fixit

Hi,

I had some unwanted popups the other day and seemed to remove them.

As AdwCleaner is recommended for adware/pups, I thought I'd try it out to see if Malwarebytes found everything.

The scan itself was quick, but the removing part took longer, and when it got to the end it crashed (screen went wonky and discoloured, my disabled avira taskbar icon had a big red x through it) and restarted. As soon as it started to reboot I hit F8 to boot into safe mode but it went straight through to full windows. I tried rebooting and hitting F8 twice more. I'm afraid AdwCleaner corrupted more than I can handle.

Can anyone help me with this? Thanks for reading.

Re: AdwCleaner has stopped me from booting into safe mode

Here is the logfile. Two were actually made, 15 minutes apart. This is the later one:

# AdwCleaner v6.010 - Logfile created 01/09/2016 at 19:26:40 # Updated on 12/08/2016 by ToolsLib # Database : 2016-09-01.2 [Server] # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (X86) # Username : # Running from : C:\Users\Downloads\adwcleaner_6.010.exe # Mode: Clean # Support : https://toolslib.net/forum

 

***** [ Services ] *****

 

***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\Avg_Update_0415av [-] Folder deleted: C:\Users\AppData\Roaming\MPC [-] Folder deleted: C:\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV [-] Folder deleted: C:\ProgramData\AVG Security Toolbar [#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Security Toolbar

***** [ Files ] *****

 

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

[-] Key deleted: HKCU\Software\59e88d9bd3eee14 [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\YahooPartnerToolbar [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\AVG Security Toolbar [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\SweetIM [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Yahoo\Companion [#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar [-] Key deleted: HKLM\SOFTWARE\Tarma Installer [#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} [#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com

***** [ Web browsers ] *****

 

*************************

:: "Tracing" keys deleted :: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4772 Bytes] - [01/09/2016 19:26:40] C:\AdwCleaner\AdwCleaner[S0].txt - [4862 Bytes] - [01/09/2016 19:10:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4918 Bytes] ##########

 

Thank you.

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

The logfile seems to be complete, it means that the clean process has been successful, without crashing. Also, I do not see any deleted elements related to safe-mode.

Can you also share the Malwarebytes logfile ?

Best regards,

Re: AdwCleaner has stopped me from booting into safe mode

Hi, thanks for responding.

Well that should be good news!

Is the log file the same as the application file in Malwarebytes? It is not very detailed....

 

Here is the last file of the last scan I did (of several):

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 31/08/2016 Scan Time: 3:25:56 PM Logfile: mbam.txt Administrator: Yes

Version: 2.2.1.1043 Malware Database: v2016.08.31.08 Rootkit Database: v2016.08.15.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled

OS: Windows Vista Service Pack 2 CPU: x86 File System: NTFS User: SSP

Scan Type: Threat Scan Result: Completed Objects Scanned: 288604 Time Elapsed: 31 min, 41 sec

Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Warn PUM: Enabled

Processes: 0 (No malicious items detected)

Modules: 0 (No malicious items detected)

Registry Keys: 0 (No malicious items detected)

Registry Values: 0 (No malicious items detected)

Registry Data: 0 (No malicious items detected)

Folders: 0 (No malicious items detected)

Files: 0 (No malicious items detected)

Physical Sectors: 0 (No malicious items detected)

(end)

Here is the first file of the first scan I did when problems arose. Can you tell me if anything looks like anything more than adware? Another question: Avira and Malwarebytes both picked things up and they were quarantined. Should I delete them from the quarantine??

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 29/08/2016 Scan Time: 3:29:20 PM Logfile: mbam1.txt Administrator: Yes

Version: 2.2.1.1043 Malware Database: v2016.08.29.08 Rootkit Database: v2016.08.15.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled

OS: Windows Vista Service Pack 2 CPU: x86 File System: NTFS User: SSP

Scan Type: Threat Scan Result: Completed Objects Scanned: 289486 Time Elapsed: 38 min, 6 sec

Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Warn PUM: Enabled

Processes: 0 (No malicious items detected)

Modules: 0 (No malicious items detected)

Registry Keys: 13 PUP.Optional.Incredibar, HKLM\SOFTWARE\CLASSES\APPID\{608D3067-77E8-463D-9084-908966806826}, Quarantined, [ca1255fb8b0f55e1a828bfd725ddba46], Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\APPID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}, Quarantined, [8656a3ad1981ec4a1b406730d82a9868], PUP.Optional.Babylon, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [ae2eea66d1c95ed8acec7c1222e0ea16], PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\DataMngr, Quarantined, [8b5190c041596accc835835ab2518779], PUP.Optional.Iminent, HKLM\SOFTWARE\Iminent, Quarantined, [3f9d113fd0ca9d991e7e4066f112ce32], PUP.Optional.SweetIM, HKLM\SOFTWARE\SweetIM, Quarantined, [0ecefe52e4b623138eff9c1b39ca8d73], PUP.Optional.OnlineHDTV, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dkinklhnkmkhkhofcnapakaoehijaoih, Quarantined, [e4f83e122e6c6ec864b756a6be4555ab], PUP.Optional.SettingsProtector, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph, Quarantined, [855781cf6e2c3ef889dd179d030008f8], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Quarantined, [c616153ba8f2ed491f4c6178d52d03fd], PUP.Optional.1ClickDownload, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\1ClickDownload, Quarantined, [786478d81288f54135d20492e221b34d], PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\DataMngr, Quarantined, [d606ee621387d75fdd1e1cc15ca78c74], PUP.Optional.SweetIM, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\SweetIM, Quarantined, [fae25af6405a8da95930199e5ea59e62], PUP.Optional.BProtector, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [ab311739a6f404320a2252476e95b14f],

Registry Values: 3 PUP.Optional.BProtector, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [02da81cff1a9350145e8ebeb679c58a8] PUP.Optional.Babylon, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://search.babylon.com/?q={searchTerms}&affID=109220&tt=311012_niche_4412_3&babsrc=SP_ss&mntrId=28f0922e00000000000000027618caac, Quarantined, [30acc68a2d6d93a37875217691724db3] PUP.Optional.Babylon, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, Quarantined, [7b614b05c6d4ea4c36b78512f310e020]

Registry Data: 2 PUP.Optional.Babylon, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://search.babylon.com/?affID=109220&tt=311012_niche_4412_3&babsrc=NT_ss&mntrId=28f0922e00000000000000027618caac, Good: (www.google.com), Bad: (http://search.babylon.com/?affID=109220&tt=311012_niche_4412_3&babsrc=NT_ss&mntrId=28f0922e00000000000000027618caac),Replaced,[95474d03039742f42b947dfade26ff01] PUP.Optional.Babylon, HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.babylon.com/?affID=109220&tt=311012_niche_4412_3&babsrc=HP_ss&mntrId=28f0922e00000000000000027618caac, Good: (www.google.com), Bad: (http://search.babylon.com/?affID=109220&tt=311012_niche_4412_3&babsrc=HP_ss&mntrId=28f0922e00000000000000027618caac),Replaced,[f4e888c899019c9a3b838ee9d62ef50b]

Folders: 5 PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [f9e3a6aa6d2d66d0e78aebc0d82aa759], PUP.Optional.OnlineVid, C:\Program Files\OnlineHD.TV, Quarantined, [ba22aea2afeb6fc78b664970936fb848], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer, Quarantined, [706c2828aeec0c2a215befd51be7629e], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}, Quarantined, [706c2828aeec0c2a215befd51be7629e], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache, Quarantined, [706c2828aeec0c2a215befd51be7629e],

Files: 7 PUP.Optional.BProtector, C:\Users\SSP\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences, Quarantined, [06d68bc58b0f87afe9423564a2613cc4], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat, Quarantined, [706c2828aeec0c2a215befd51be7629e], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe, Quarantined, [706c2828aeec0c2a215befd51be7629e], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico, Quarantined, [706c2828aeec0c2a215befd51be7629e], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll, Quarantined, [706c2828aeec0c2a215befd51be7629e], PUP.Optional.BrowserHijack.ShrtCln, C:\Program Files\Internet Explorer\iexplore.bat, Good: (), Bad: (http://www.asearch.online"), Replaced,[0dcf93bd0b8fde58d0109d02ca3ab050] PUP.Optional.BrowserHijack.ShrtCln, C:\Program Files\Mozilla Firefox\firefox.bat, Good: (), Bad: (http://www.asearch.online"), Replaced,[9b41ada3edad85b17a67fea1e81c0ef2]

Physical Sectors: 0 (No malicious items detected)

(end)

Last question: The several (30ish) registry keys that AdwCleaner picked up are just sitting in a folder called "Quarantine". Is it possible or would it be harmful for me to put those back into the registry so that I can access Safe Mode again?

Thanks so much for responding.

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

You can keep the quarantined elements from now, we'll see to delete them when the problems will be solved.

You can make the test to restore the registry elements from AdwCleaner. I doubt it will restore your access to the safe-mode, but we'll see and we'll proceed according to your results.

Best regards,

Re: AdwCleaner has stopped me from booting into safe mode

Hey there,

I'm damn lucky because I had backed up my registry 2 days ago (I forgot until coming across another forum thread.) I just imported it into my registry and although the import did not fully complete (as some elements were currently in use), I WAS able to access the boot menu with F8 and choose Safe Mode after. Whew!

Next thing: AdwCleaner crashed on me at the end as I said, and it has not left an executable file for me to open the program with. Strange? I am still concerned about all the weird stuff it found in the scan such as PUP.Optional.BProtector  and PUP.Optional.Yontoo and C:\ProgramData\Tarma Installer\ that Malwarebytes did not pick up. Would it be safe to uninstall AdwCleaner and reinstall it and run it in safe mode? Would I risk releasing those bugs?

 

Thanks so much again for responding.

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

So, restoring your modifications prior to AdwCleaner processing has re-enabled the safe-mode access ?

Regarding the crash:

Can you launch AdwCleaner (redownload it if needed), click on Tools > Options, and tick "Debug" in "Mode" section. Then, do a scan, and please share the two logfiles:

  • C:\AdwCleaner\AdwCleaner_Debug.log
  • C:\AdwCleaner\AdwCleaner[Sxx].txt (where xx is the greatest number you have)

Best regards,

Re: AdwCleaner has stopped me from booting into safe mode

Good morning! So I re-ran AdwCleaner in Safe Mode, pressed Clean when it found 30 threats, and was once again prevented from a boot menu upon pressing F8 at startup. Argh!  

There is not a file called C:\AdwCleaner\AdwCleaner_Debug.log.

AdwCleaner[C2] looks like this:

# AdwCleaner v6.010 - Logfile created 03/09/2016 at 09:13:48 # Updated on 12/08/2016 by ToolsLib # Database : 2016-09-03.1 [Server] # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (X86) # Username : SSP - JOEY # Running from : C:\Users\SSP\Downloads\adwcleaner_6.010.exe # Mode: Clean # Support : https://toolslib.net/forum

 

***** [ Services ] *****

 

***** [ Folders ] *****

 

***** [ Files ] *****

 

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

[-] Key deleted: HKCU\Software\59e88d9bd3eee14 [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\YahooPartnerToolbar [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\AVG Security Toolbar [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\SweetIM [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Yahoo\Companion [#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar [-] Key deleted: HKLM\SOFTWARE\Tarma Installer [#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} [#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Key deleted: HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com

***** [ Web browsers ] *****

 

*************************

:: "Tracing" keys deleted :: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4997 Bytes] - [01/09/2016 19:26:40] C:\AdwCleaner\AdwCleaner[C2].txt - [4496 Bytes] - [03/09/2016 09:13:48] C:\AdwCleaner\AdwCleaner[S0].txt - [4862 Bytes] - [01/09/2016 19:10:46] C:\AdwCleaner\AdwCleaner[S1].txt - [4723 Bytes] - [03/09/2016 09:11:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4715 Bytes] ##########

 

 

 

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

Thanks. I don't really understand: you spoke about a crash, but you have the logfile which shows the clean has completed ?

Can you launch AdwCleaner (redownload it if needed), click on Tools > Options, and tick "Debug" in "Mode" section. Then, do a scan, and please share the two logfiles:

  • C:\AdwCleaner\AdwCleaner_Debug.log
  • C:\AdwCleaner\AdwCleaner[Sxx].txt (where xx is the greatest number you have)

Best regards,

fr33tux, 2016-09-03 04:12:17 (UTC)

Can you share the debug logfile too ?

Re: AdwCleaner has stopped me from booting into safe mode

Ahh yes, my mistake. Here are the two logfiles from a scan I just ran in Debug mode.

AdwCleaner_debug:

2016-09-03 18:38:49 :     <INFO>    [main] - Saving current options to the configuration file 2016-09-03 18:38:50 :     <INFO>    [main.gui] - Scan requested 2016-09-03 18:38:50 :     <INFO>    [scan] - Running from: C:\AdwCleaner 2016-09-03 18:38:50 :     <INFO>    [scan] - Progress: 0% 2016-09-03 18:38:50 :     <INFO>    [database] - Checking for database updates 2016-09-03 18:38:50 :     <INFO>    [main.network] - Updating definitions 2016-09-03 18:38:52 :     <INFO>    [main.network] - Saving the updated definitions 2016-09-03 18:38:53 :     <INFO>    [main.network] - Requesting the lastest database release number 2016-09-03 18:38:54 :     <INFO>    [main.network] - Latest definitions: 5b141ea1dbd0fc9e50b94cc575dfb96e 2016-09-03 18:38:54 :     <INFO>    [database] - Database update succeeded: 5B141EA1DBD0FC9E50B94CC575DFB96E 2016-09-03 18:38:54 :     <INFO>    [scan] - Progress: 5% 2016-09-03 18:38:54 :     <INFO>    [database] - Initialize the database 2016-09-03 18:38:54 :     <INFO>    [database] - Loading sqlite3.dll 2016-09-03 18:39:13 :     <INFO>    [database] - Opening the database 2016-09-03 18:39:13 :     <INFO>    [database] - Querying database's version 2016-09-03 18:39:13 :     <INFO>    [database] - Loading internal data 2016-09-03 18:39:13 :     <INFO>    [database] - Loading detections 2016-09-03 18:39:19 :     <INFO>    [database] - Loading generics 2016-09-03 18:39:19 :     <INFO>    [database] - Closing the database 2016-09-03 18:39:19 :     <INFO>    [database] - Closing database 2016-09-03 18:39:19 :     <INFO>    [database] - Unloading sqlite3.dll 2016-09-03 18:39:19 :     <INFO>    [scan] - Progress: 15% 2016-09-03 18:39:19 :     <INFO>    [scan.generic] - Generating generic detections 2016-09-03 18:39:19 :     <INFO>    [scan.generic] - Generating generic detections [1] 2016-09-03 18:39:19 :     <INFO>    [scan.generic] - Generating generic detections [2] 2016-09-03 18:39:19 :     <INFO>    [scan.generic] - Generating generic detections [3] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [4] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [5] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [6] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [7] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [8] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [9] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [10] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [11] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [12] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [13] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [14] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [15] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [16] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [17] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [18] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [19] 2016-09-03 18:39:20 :     <INFO>    [scan.generic] - Generating generic detections [20] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [21] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [22] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [23] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [24] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [25] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [26] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [27] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [28] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [29] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [30] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [31] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [32] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [33] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [34] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [35] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [36] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [37] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [38] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [39] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [40] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [41] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [42] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [43] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generating generic detections [44] 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Generic detections generated 2016-09-03 18:39:21 :     <INFO>    [scan] - Progress: 20% 2016-09-03 18:39:21 :     <INFO>    [scan.generic] - Starting generic analysis 2016-09-03 18:40:56 :     <WARN>    [scan.generic] - Found HKCU\Software\59e88d9bd3eee14 2016-09-03 18:40:59 :     <INFO>    [scan] - Progress: 30% 2016-09-03 18:40:59 :     <INFO>    [scan.services] - Starting services scan [1] 2016-09-03 18:40:59 :     <INFO>    [scan.services] - Stopping services scan [1] 2016-09-03 18:40:59 :     <INFO>    [scan.services] - Starting services scan [2] 2016-09-03 18:41:00 :     <INFO>    [scan.services] - Stopping services scan [2] 2016-09-03 18:41:00 :     <WARN>    [scan.services] - 0 malicious services found 2016-09-03 18:41:00 :     <INFO>    [scan] - Progress: 40% 2016-09-03 18:41:00 :     <INFO>    [scan.folders] - Starting folders scan 2016-09-03 18:41:14 :     <INFO>    [scan.folders] - Stopping folders scan 2016-09-03 18:41:14 :     <WARN>    [scan.folders] - 0 malicious folders found 2016-09-03 18:41:14 :     <INFO>    [scan] - Progress: 50% 2016-09-03 18:41:14 :     <INFO>    [scan.files] - Starting files scan 2016-09-03 18:41:18 :     <INFO>    [scan.files] - Stopping files scan 2016-09-03 18:41:18 :     <WARN>    [scan.files] - 0 malicious files found 2016-09-03 18:41:18 :     <INFO>    [scan] - Progress: 55% 2016-09-03 18:41:18 :     <INFO>    [scan.dll] - Starting DLL scan 2016-09-03 18:41:19 :     <INFO>    [scan.dll] - Stopping DLL scan 2016-09-03 18:41:19 :     <WARN>    [scan.dll] - 0 malicious DLL found 2016-09-03 18:41:19 :     <INFO>    [scan] - Progress: 60% 2016-09-03 18:41:19 :     <INFO>    [scan.wmi] - Starting WMI scan 2016-09-03 18:41:19 :     <INFO>    [scan.wmi] - Stopping WMI scan 2016-09-03 18:41:19 :     <WARN>    [scan.wmi] - 0 malicious WMI found 2016-09-03 18:41:19 :     <INFO>    [scan] - Progress: 65% 2016-09-03 18:41:19 :     <INFO>    [scan.shortcuts] - Starting shortcuts scan 2016-09-03 18:41:22 :     <ERROR>    [scan.shortcuts] - Cannot scan C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Netzero Dial-up.lnk 2016-09-03 18:41:22 :     <ERROR>    [scan.shortcuts] - Cannot scan C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Netzero High-speed.lnk 2016-09-03 18:41:32 :     <INFO>    [scan.shortcuts] - Stopping shortcuts scan 2016-09-03 18:41:32 :     <WARN>    [scan.shortcuts] - 0 malicious shortcuts found 2016-09-03 18:41:32 :     <INFO>    [scan] - Progress: 70% 2016-09-03 18:41:32 :     <INFO>    [scan.tasks] - Starting tasks scan 2016-09-03 18:41:32 :     <INFO>    [scan.tasks] - Stopping tasks scan 2016-09-03 18:41:32 :     <WARN>    [scan.tasks] - 0 malicious tasks found 2016-09-03 18:41:32 :     <INFO>    [scan] - Progress: 75% 2016-09-03 18:41:32 :     <INFO>    [scan.registry] - Starting registry scan [1] 2016-09-03 18:41:36 :     <INFO>    [scan.registry] - Stopping registry scan [1] 2016-09-03 18:41:36 :     <INFO>    [scan.registry] - Starting registry scan [2] 2016-09-03 18:41:40 :     <WARN>    [scan.registry] - Found {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} 2016-09-03 18:41:41 :     <WARN>    [scan.registry] - Found {02478D38-C3F9-4EFB-9B51-7695ECA05670} 2016-09-03 18:41:41 :     <WARN>    [scan.registry] - Found {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} 2016-09-03 18:41:41 :     <WARN>    [scan.registry] - Found {95B7759C-8C7F-4BF1-B163-73684A933233} 2016-09-03 18:41:41 :     <WARN>    [scan.registry] - Found {CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2016-09-03 18:41:41 :     <WARN>    [scan.registry] - Found {EF99BD32-C1FB-11D2-892F-0090271D4F88} 2016-09-03 18:41:41 :     <WARN>    [scan.registry] - Found {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} 2016-09-03 18:41:42 :     <WARN>    [scan.registry] - Found {02478D38-C3F9-4EFB-9B51-7695ECA05670} 2016-09-03 18:41:42 :     <WARN>    [scan.registry] - Found {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} 2016-09-03 18:41:42 :     <WARN>    [scan.registry] - Found {95B7759C-8C7F-4BF1-B163-73684A933233} 2016-09-03 18:41:42 :     <WARN>    [scan.registry] - Found {98889811-442D-49DD-99D7-DC866BE87DBC} 2016-09-03 18:41:42 :     <WARN>    [scan.registry] - Found {EF99BD32-C1FB-11D2-892F-0090271D4F88} 2016-09-03 18:41:42 :     <WARN>    [scan.registry] - Found {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} 2016-09-03 18:41:43 :     <WARN>    [scan.registry] - Found {B2BC04DF-EFBD-409A-95CA-36874E5AB92A} 2016-09-03 18:41:47 :     <INFO>    [scan.registry] - Stopping registry scan [2] 2016-09-03 18:41:47 :     <INFO>    [scan.registry] - Starting registry scan [3] 2016-09-03 18:41:49 :     <WARN>    [scan.registry] - Found YahooPartnerToolbar 2016-09-03 18:41:49 :     <WARN>    [scan.registry] - Found {15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} 2016-09-03 18:41:49 :     <WARN>    [scan.registry] - Found {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} 2016-09-03 18:41:50 :     <WARN>    [scan.registry] - Found AVG Security Toolbar 2016-09-03 18:41:50 :     <WARN>    [scan.registry] - Found SweetIM 2016-09-03 18:41:50 :     <WARN>    [scan.registry] - Found Yahoo\Companion 2016-09-03 18:41:51 :     <WARN>    [scan.registry] - Found YahooPartnerToolbar 2016-09-03 18:41:52 :     <WARN>    [scan.registry] - Found Tarma Installer 2016-09-03 18:41:52 :     <WARN>    [scan.registry] - Found {15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} 2016-09-03 18:41:52 :     <WARN>    [scan.registry] - Found {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [3] 2016-09-03 18:41:53 :     <INFO>    [scan] - Progress: 80% 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [4] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [4] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [5] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [5] 2016-09-03 18:41:53 :     <INFO>    [scan] - Progress: 82% 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [6] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [6] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [7] 2016-09-03 18:41:53 :     <WARN>    [scan.registry] - Found {95B7759C-8C7F-4BF1-B163-73684A933233} 2016-09-03 18:41:53 :     <WARN>    [scan.registry] - Found {CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2016-09-03 18:41:53 :     <WARN>    [scan.registry] - Found {95B7759C-8C7F-4BF1-B163-73684A933233} 2016-09-03 18:41:53 :     <WARN>    [scan.registry] - Found {CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [7] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [8] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [8] 2016-09-03 18:41:53 :     <INFO>    [scan] - Progress: 84% 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [9] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [9] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [10] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [10] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [11] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [11] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [12] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [12] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [13] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [13] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [14] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [14] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [15] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [15] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [16] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [16] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [17] 2016-09-03 18:41:53 :     <WARN>    [scan.registry] - Found babylon.com 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Stopping registry scan [17] 2016-09-03 18:41:53 :     <INFO>    [scan.registry] - Starting registry scan [18] 2016-09-03 18:41:54 :     <INFO>    [scan.registry] - Stopping registry scan [18] 2016-09-03 18:41:54 :     <INFO>    [scan] - Progress: 86% 2016-09-03 18:41:54 :     <INFO>    [scan.registry] - Starting registry scan [19] 2016-09-03 18:41:54 :     <INFO>    [scan.registry] - Stopping registry scan [19] 2016-09-03 18:41:54 :     <INFO>    [scan] - Progress: 88% 2016-09-03 18:41:54 :     <INFO>    [scan.registry] - 30 malicious registry element found 2016-09-03 18:41:54 :     <INFO>    [scan] - Progress: 90% 2016-09-03 18:41:54 :     <INFO>    [main] - Firefox is installed: True 2016-09-03 18:41:54 :     <INFO>    [scan.firefox] - Starting Firefox based browsers scan [1] 2016-09-03 18:42:04 :     <INFO>    [scan.firefox] - Stopping Firefox based browsers scan [1] 2016-09-03 18:42:04 :     <INFO>    [scan.firefox] - Starting Firefox based browsers scan [2] 2016-09-03 18:42:05 :     <INFO>    [scan.firefox] - Stopping Firefox based browsers scan [2] 2016-09-03 18:42:05 :     <INFO>    [scan] - Progress: 92% 2016-09-03 18:42:05 :     <INFO>    [scan.firefox] - Starting Firefox based browsers scan [3] 2016-09-03 18:42:05 :     <INFO>    [scan.firefox] - Reading C:\Users\SSP\AppData\Roaming\Mozilla\Firefox\Profiles\u3hdsjqt.default-1472579803076\prefs.js 2016-09-03 18:42:06 :     <INFO>    [scan.firefox] - Reading C:\Users\SSP\AppData\Roaming\Mozilla\Firefox\Profiles\u3hdsjqt.default-1472579803076\user.js 2016-09-03 18:42:06 :     <WARN>    [scan.firefox] - No profile to scan, skipping 2016-09-03 18:42:06 :     <WARN>    [scan.firefox] - No profile to scan, skipping 2016-09-03 18:42:06 :     <WARN>    [scan.firefox] - No profile to scan, skipping 2016-09-03 18:42:06 :     <INFO>    [scan] - Progress: 94% 2016-09-03 18:42:06 :     <INFO>    [scan.firefox] - Stopping Firefox based browsers scan [3] 2016-09-03 18:42:06 :     <WARN>    [scan.firefox] - 0 malicious Firefox preferences found 2016-09-03 18:42:06 :     <INFO>    [scan] - Progress: 95% 2016-09-03 18:42:06 :     <INFO>    [main] - Chrome is installed: False 2016-09-03 18:42:06 :     <INFO>    [main] - Chrome Canary is installed: False 2016-09-03 18:42:06 :     <INFO>    [main] - Chromium is installed: False 2016-09-03 18:42:06 :     <INFO>    [main] - Dragon is installed: False 2016-09-03 18:42:06 :     <INFO>    [main] - Opera is installed: False 2016-09-03 18:42:06 :     <INFO>    [scan] - Progress: 100% 2016-09-03 18:42:06 :     <INFO>    [scan] - Stopping scan 2016-09-03 18:42:07 :     <INFO>    [main] - Firefox is installed: True 2016-09-03 18:42:07 :     <INFO>    [main] - Chrome is installed: False 2016-09-03 18:42:07 :     <INFO>    [main] - Chrome Canary is installed: False 2016-09-03 18:42:07 :     <INFO>    [main] - Chromium is installed: False 2016-09-03 18:42:07 :     <INFO>    [main] - Dragon is installed: False 2016-09-03 18:42:07 :     <INFO>    [main] - Opera is installed: False 2016-09-03 18:42:08 :     <INFO>    [main] - Firefox is installed: True 2016-09-03 18:42:08 :     <INFO>    [main] - Chrome is installed: False 2016-09-03 18:42:08 :     <INFO>    [main] - Chrome Canary is installed: False 2016-09-03 18:42:08 :     <INFO>    [main] - Chromium is installed: False 2016-09-03 18:42:08 :     <INFO>    [main] - Dragon is installed: False 2016-09-03 18:42:08 :     <INFO>    [main] - Opera is installed: False 2016-09-03 18:42:31 :     <INFO>    [main.gui] - Showing Report window

And, AdwCleaner[S2]:

# AdwCleaner v6.010 - Logfile created 03/09/2016 at 18:42:08
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-09-03.2 [Server]
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (X86)
# Username : SSP - JOEY
# Running from : C:\Users\SSP\Downloads\adwcleaner_6.010.exe
# Mode: Scan
# Support : https://toolslib.net/forum


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found:  HKCU\Software\59e88d9bd3eee14 Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Key Found:  HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\YahooPartnerToolbar Key Found:  HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Found:  HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\AVG Security Toolbar Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\SweetIM Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Yahoo\Companion Key Found:  HKCU\Software\YahooPartnerToolbar Key Found:  HKLM\SOFTWARE\Tarma Installer Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Found:  HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found:  HKU\S-1-5-21-2052785061-3910762923-1482414851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com

***** [ Web browsers ] *****

No malicious Firefox based browser items found. No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4997 Bytes] - [01/09/2016 19:26:40] C:\AdwCleaner\AdwCleaner[C2].txt - [4794 Bytes] - [03/09/2016 09:13:48] C:\AdwCleaner\AdwCleaner[S0].txt - [4862 Bytes] - [01/09/2016 19:10:46] C:\AdwCleaner\AdwCleaner[S1].txt - [4723 Bytes] - [03/09/2016 09:11:33] C:\AdwCleaner\AdwCleaner[S2].txt - [4717 Bytes] - [03/09/2016 18:42:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4790 Bytes] ##########

 

And the program ran fine and did not crash this time or last time, sorry for the confusion. It must have crashed because I was not in safe mode the first time. Also, I am not quarantining anything from this scan yet, because it will disable F8 and access to Safe Mode for me again so I will await your input.

 

Thanks!!!!

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

I'm working on it closer, and I'll keep you informed asap (48-72hours).

Sorry for the inconvenience, and thanks for your help :)

Re: AdwCleaner has stopped me from booting into safe mode

Thank you for your attention, I'll check in with you in a few days then! Cheers :)

  1. Home
  2. Forum
  3. AdwCleaner
  4. AdwCleaner has stopped me from booting into safe mode