Re: AdwCleaner has stopped me from booting into safe mode

Good morning! So I re-ran AdwCleaner in Safe Mode, pressed Clean when it found 30 threats, and was once again prevented from a boot menu upon pressing F8 at startup. Argh!  

There is not a file called C:\AdwCleaner\AdwCleaner_Debug.log.

AdwCleaner[C2] looks like this:

# AdwCleaner v6.010 - Logfile created 03/09/2016 at 09:13:48 # Updated on 12/08/2016 by ToolsLib # Database : 2016-09-03.1 [S...

Re: AdwCleaner has stopped me from booting into safe mode

Hey there,

I'm damn lucky because I had backed up my registry 2 days ago (I forgot until coming across another forum thread.) I just imported it into my registry and although the import did not fully complete (as some elements were currently in use), I WAS able to access the boot menu with F8 and choose Safe Mode after. Whew!

Next thing: AdwCleaner crashed on me at the end as I said, and it h...

Re: AdwCleaner has stopped me from booting into safe mode

Hello,

You can keep the quarantined elements from now, we'll see to delete them when the problems will be solved.

You can make the test to restore the registry elements from AdwCleaner. I doubt it will restore your access to the safe-mode, but we'll see and we'll proceed according to your results.

Best regards,

Re: AdwCleaner has stopped me from booting into safe mode

Hi, thanks for responding.

Well that should be good news!

Is the log file the same as the application file in Malwarebytes? It is not very detailed....

 

Here is the last file of the last scan I did (of several):

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 31/08/2016 Scan Time: 3:25:56 PM Logfile: mbam.txt Administrator: Yes

Version: 2.2.1.1043 Malware Database: v2016.08.31...

Re: AdwCleaner has stopped me from booting into safe mode

Here is the logfile. Two were actually made, 15 minutes apart. This is the later one:

# AdwCleaner v6.010 - Logfile created 01/09/2016 at 19:26:40 # Updated on 12/08/2016 by ToolsLib # Database : 2016-09-01.2 [Server] # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (X86) # Username : # Running from : C:\Users\Downloads\adwcleaner_6.010.exe # Mode: Clean # Support : https://...

Re: faux positif base de registre DWGTRUEVIEW

Juste pour prévenir que c'est désormais corrigé.

Désolé pour la gêne occasionnée,

Re: faux positif base de registre DWGTRUEVIEW

Bonjour,

Merci ! Ça sera corrigé dans la journée.

Cordialement,

faux positif base de registre DWGTRUEVIEW

bonjour,

juste pour vous signaler un faux positif dans la détection du registre 

Clé trouvée:  HKU\S-1-5-21-1809650161-3470081474-3047720606-1124\Software\Classes\DWGTrueViewToolCatalog Clé trouvée:  HKCU\Software\Classes\DWGTrueViewToolCatalog

DWG True View est une visionneuse de plan DWG très utilisé dans le monde du dessin :

http://www.autodesk.fr/products/dwg/viewers

merci :)

Re: AdwCleaner can't remove Program Files (x86)\MPC Cleaner

on AdwCleaner by ****

Fortunately, I kept backups of CCleaner's registry deletions, some of which are clearly nothing to do with this adware:

MBAM later found StartGo123, which had been hijacking Chrome.

I imagine the malware writers reading our conversation and learning too, but HTH.

Re: What are these registry keys

It's not really clear, but IOBit is usually considered as PUP, so you can remove them, especially if you do not have installed the software yourself.