AfterAd-Aware SEremoval, still appears

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

+sorry just repost in the appropriate OS newsgroup

Ran the Ad-Aware SE scan found and deleted it. So it says but when I rescan
it, Win32 AdWare.Cinmus still show up (either in Normal ot Safe mode).
Its location CLSID \{385ABBC-FB22-4D17-8834-064E2BA0A6F0}

which when I go to the registry/location and expand there are 2 items
+ InprocServer32 - hightlight and right pan shows
default REG_SZ C:\DOC & SettING\ALL USERS\APPLICATION
DATA\MICROSOFT\PCTOOLS\PCTOOLS.DLL
Threading Model REG_SZ Apartment

+TypeLib and hightlight and right pan shows
the default REG_SZ {385ABBC-FB22-4D17-8834-064E2BA0A6F0}

can some advice what shall I do here? On item 1 do I hightlight the
Threading Model on the right pan and delete this item or instead of
'Apartment' leave it blank o

Many thanks for your education.
 
Hello labfuji,

What posting are you talking about? Subject: Heur/Malware?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
 
In the broad sense, guess they are related as the pc is infected. On the
second posting is really how can I remove the infection manually of the
Ad-Aware SE scan result which shows "Win32 AdWare.Cinmus "
Hope this clarify your point and thanks
 
labfuji said:
+sorry just repost in the appropriate OS newsgroup

Ran the Ad-Aware SE scan found and deleted it. So it says but when I rescan
it, Win32 AdWare.Cinmus still show up (either in Normal ot Safe mode).
Its location CLSID \{385ABBC-FB22-4D17-8834-064E2BA0A6F0}

which when I go to the registry/location and expand there are 2 items
+ InprocServer32 - hightlight and right pan shows
default REG_SZ C:\DOC & SettING\ALL USERS\APPLICATION
DATA\MICROSOFT\PCTOOLS\PCTOOLS.DLL
Threading Model REG_SZ Apartment

+TypeLib and hightlight and right pan shows
the default REG_SZ {385ABBC-FB22-4D17-8834-064E2BA0A6F0}

can some advice what shall I do here? On item 1 do I hightlight the
Threading Model on the right pan and delete this item or instead of
'Apartment' leave it blank o
It sounds like it's part of a download from Microsoft. I suggest this is
not a necessary part of Win2k, unless you intentionally downloaded some
update from MS. First back up your registry. Open registry, starting at
the top, go to edit/find then type in pc toools and delete every
instance of it, but be careful not to delete anything else. I'd also
delete the pctools folder and the files it contains from the C: drive.
Reboot the PC and see what happens.
 
Back
Top