Jump to content
reverett

Unable to remove

Recommended Posts

Hello,

SAS is finding the following. I've tried running a normal scan followed by an immediate reboot and a safe mode scan followed by an immediate reboot. Either way I get the same result on the next scan. I've scanned using Spybot and it does not find anything. Would this be considered a false positive or do I need to do something different to remove.

Thanks,

Randall

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 05/05/2009 at 02:04 PM

Application Version : 4.26.1002

Core Rules Database Version : 3878

Trace Rules Database Version: 1826

Scan type : Quick Scan

Total Scan Time : 00:11:58

Memory items scanned : 510

Memory threats detected : 0

Registry items scanned : 368

Registry threats detected : 20

File items scanned : 5175

File threats detected : 0

Registry Cleaner Trial

HKCR\Install.Install

HKCR\Install.Install\CLSID

HKCR\Install.Install\CurVer

HKCR\Install.Install.1

HKCR\Install.Install.1\CLSID

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\InprocServer32

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\InprocServer32#ThreadingModel

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\ProgID

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Programmable

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\TypeLib

HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\VersionIndependentProgID

Adware.Elite Media

HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}

HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\ProxyStubClsid

HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\ProxyStubClsid32

HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\TypeLib

HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\TypeLib#Version

Share this post


Link to post
Share on other sites

Defs were updated at run time. I will try complete scan in safe mode.

Harmless trace or not, complete scan or not, shouldn't they be removed? The program says they will be removed upon reboot and they are not.

Share this post


Link to post
Share on other sites

Never did get back to you on this. It wasn't removing because the permissions on the registry entries were bad. Added user account to permissions, full control, and set ownership to that account and manually deleted (I'm sure SAS would have been able to remove at that point but I was right there). Ran SAS again, it was clean.

Share this post


Link to post
Share on other sites
Never did get back to you on this. It wasn't removing because the permissions on the registry entries were bad. Added user account to permissions, full control, and set ownership to that account and manually deleted (I'm sure SAS would have been able to remove at that point but I was right there). Ran SAS again, it was clean.

The newer versions of SUPERAntiSpyware (yours is a few months old obviously) will do that for you and you should be all set in the future if it happens again. :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×