Kyotocon Posted November 2, 2008 ID:33349 Share Posted November 2, 2008 How you doin..................Ran Malwarebyytes as usual yesterday and found 3 infections in the registry which cannot remove even after reboot...Malwarebytes' Anti-Malware 1.30Database version: 1351Windows 6.0.6001 Service Pack 102-11-2008 08:53:28mbam-log-2008-11-02 (08-53-28).txtScan type: Quick ScanObjects scanned: 44707Time elapsed: 5 minute(s), 42 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 3Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\acroiehelper.acroiehlprobj (Adware.Cinmus) -> Delete on reboot.HKEY_CLASSES_ROOT\acroiehelper.acroiehlprobj.1 (Adware.Cinmus) -> Delete on reboot.HKEY_CLASSES_ROOT\CLSID\{06849e9f-c8d7-4d59-b87d-784b7d6be0b3} (Adware.Cinmus) -> Delete on reboot.Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)I know its only a PUA and not potentially malicious .............but is it possible to get rid of this Adware?I have steganos internet suite installed.....Ad Aware, AVG and SuperAntispyware.....CCleaner & Advanced Windows Care. Link to post Share on other sites More sharing options...
elero Posted November 2, 2008 ID:33350 Share Posted November 2, 2008 http://www.malwarebytes.org/forums/index.php?showtopic=7224 Link to post Share on other sites More sharing options...
Kyotocon Posted November 2, 2008 Author ID:33351 Share Posted November 2, 2008 http://www.malwarebytes.org/forums/index.php?showtopic=7224 sorrry still at a loss..............what action do I need to take??is it because I am running Vista?? Link to post Share on other sites More sharing options...
ky331 Posted November 2, 2008 ID:33352 Share Posted November 2, 2008 the other thread was reporting/indicating that the detection of Adobe Reader entries as "adware.cinmus" in database 1351 was a FP (=False Positive)...meaning that it should NOT have been "detected" by MBAM --- such detection was a mistake --- and MBAM has fixed their error with creation of database 1352.if you quarantined these particular entries, they should be restored from quarantine.if you deleted these entries, check to see if adobe reader is functioning properly... and if you have any problems with it, you might need to reinstall reader. Link to post Share on other sites More sharing options...
Kyotocon Posted November 2, 2008 Author ID:33356 Share Posted November 2, 2008 All is well now.................much appreciated...... Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now