reverett Posted May 6, 2009 Hello, SAS is finding the following. I've tried running a normal scan followed by an immediate reboot and a safe mode scan followed by an immediate reboot. Either way I get the same result on the next scan. I've scanned using Spybot and it does not find anything. Would this be considered a false positive or do I need to do something different to remove. Thanks, Randall SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/05/2009 at 02:04 PM Application Version : 4.26.1002 Core Rules Database Version : 3878 Trace Rules Database Version: 1826 Scan type : Quick Scan Total Scan Time : 00:11:58 Memory items scanned : 510 Memory threats detected : 0 Registry items scanned : 368 Registry threats detected : 20 File items scanned : 5175 File threats detected : 0 Registry Cleaner Trial HKCR\Install.Install HKCR\Install.Install\CLSID HKCR\Install.Install\CurVer HKCR\Install.Install.1 HKCR\Install.Install.1\CLSID HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013} HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\InprocServer32 HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\InprocServer32#ThreadingModel HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\ProgID HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Programmable HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\TypeLib HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\VersionIndependentProgID Adware.Elite Media HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3} HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\ProxyStubClsid HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\ProxyStubClsid32 HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\TypeLib HKCR\Interface\{EFDFE6EE-8888-422E-AB3C-B48589338AE3}\TypeLib#Version Share this post Link to post Share on other sites
reverett Posted May 6, 2009 Defs were updated at run time. I will try complete scan in safe mode. Harmless trace or not, complete scan or not, shouldn't they be removed? The program says they will be removed upon reboot and they are not. Share this post Link to post Share on other sites
reverett Posted November 16, 2009 Never did get back to you on this. It wasn't removing because the permissions on the registry entries were bad. Added user account to permissions, full control, and set ownership to that account and manually deleted (I'm sure SAS would have been able to remove at that point but I was right there). Ran SAS again, it was clean. Share this post Link to post Share on other sites
SUPERAntiSpy Posted November 17, 2009 Never did get back to you on this. It wasn't removing because the permissions on the registry entries were bad. Added user account to permissions, full control, and set ownership to that account and manually deleted (I'm sure SAS would have been able to remove at that point but I was right there). Ran SAS again, it was clean. The newer versions of SUPERAntiSpyware (yours is a few months old obviously) will do that for you and you should be all set in the future if it happens again. Share this post Link to post Share on other sites