SUPER AntiSpyware sucessfully dowloaded and installed. All was seeming good, two hours of scanning returned 66 Errors (20+ of which were trojans).
All items were checked and ready to be sent to the quarantine & removal step. When I pressed next Windows crashed and the system restarted.
I am currently trying it one more time again.
??
(One Hour Later)
This time SUPERAntiSpyware scanned and returned the files and placed them into quarantine. Program asked to reboot, and did. This did not cure the problem.
Here is the logs from my 5 seperate scans using SUPER AntiSpyware
Generated 07/31/2009 at 10:24 PMSUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 07/31/2009 at 09:04 PM
Application Version : 4.27.1000
Core Rules Database Version : 4031
Trace Rules Database Version: 1971
Scan type : Complete Scan
Total Scan Time : 01:36:58
Memory items scanned : 467
Memory threats detected : 3
Registry items scanned : 5835
Registry threats detected : 10
File items scanned : 93234
File threats detected : 54
Trojan.Unclassified/C00-WL/G
C:\WINDOWS\SYSTEM32\__C0051F76.DAT
C:\WINDOWS\SYSTEM32\__C0051F76.DAT
C:\WINDOWS\SYSTEM32\__C00C1C3E.DAT
C:\WINDOWS\SYSTEM32\__C00C1C3E.DAT
Trojan.Agent/Gen-NumTemp
C:\WINDOWS\SYSTEM32\24.TMP
C:\WINDOWS\SYSTEM32\24.TMP
Trojan.Unclassified/C00-Installer
[A00F58E9CB8.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58E9CB8.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58E9CB8.EXE
[A00FBC5CB.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00FBC5CB.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00FBC5CB.EXE
[A00F58AC3.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58AC3.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58AC3.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\_A00F58AC3.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\_A00F58E9CB8.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\_A00FBC5CB.EXE
C:\WINDOWS\Prefetch\_A00F58E9CB8.EXE-2C40FE17.pf
Trojan.Unclassified/C00-WL/B
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\__c0051F76
C:\WINDOWS\SYSTEM32\__C00FD16C.DAT
Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@cms.trafficmp[1].txt
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt
C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt
C:\Documents and Settings\Owner\Cookies\owner@rambler[1].txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.bleepingcomputer[2].txt
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
C:\Documents and Settings\Grama\Cookies\grama@2o7[1].txt
C:\Documents and Settings\Grama\Cookies\grama@a1.interclick[2].txt
C:\Documents and Settings\Grama\Cookies\grama@ad.yieldmanager[2].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.adap[1].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.bridgetrack[2].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.funadvice[2].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.veoh[1].txt
C:\Documents and Settings\Grama\Cookies\grama@advertising[2].txt
C:\Documents and Settings\Grama\Cookies\grama@apmebf[1].txt
C:\Documents and Settings\Grama\Cookies\grama@atdmt[2].txt
C:\Documents and Settings\Grama\Cookies\grama@chitika[2].txt
C:\Documents and Settings\Grama\Cookies\grama@collective-media[2].txt
C:\Documents and Settings\Grama\Cookies\grama@content.yieldmanager[3].txt
C:\Documents and Settings\Grama\Cookies\grama@doubleclick[1].txt
C:\Documents and Settings\Grama\Cookies\grama@fastclick[2].txt
C:\Documents and Settings\Grama\Cookies\grama@hc2.humanclick[3].txt
C:\Documents and Settings\Grama\Cookies\grama@imrworldwide[2].txt
C:\Documents and Settings\Grama\Cookies\grama@interclick[1].txt
C:\Documents and Settings\Grama\Cookies\grama@invitemedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@lfstmedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@macu.122.2o7[1].txt
C:\Documents and Settings\Grama\Cookies\grama@media.medhelp[1].txt
C:\Documents and Settings\Grama\Cookies\grama@media6degrees[1].txt
C:\Documents and Settings\Grama\Cookies\grama@petfinder[2].txt
C:\Documents and Settings\Grama\Cookies\grama@richmedia.yahoo[1].txt
C:\Documents and Settings\Grama\Cookies\grama@sales.liveperson[3].txt
C:\Documents and Settings\Grama\Cookies\grama@socialmedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@specificmedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@windowsmedia[1].txt
C:\Documents and Settings\Grama\Cookies\grama@www.googleadservices[1].txt
C:\Documents and Settings\Grama\Cookies\grama@www.googleadservices[2].txt
C:\Documents and Settings\Grama\Cookies\grama@www.googleadservices[3].txt
C:\Documents and Settings\Grama\Cookies\grama@www.socialtrack[1].txt
Trojan.Unclassified/C00-WL
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Asynchronous
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#DllName
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Impersonate
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Startup
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Logon
Trace.Known Threat Sources
C:\Documents and Settings\Grama\Local Settings\Temporary Internet Files\Content.IE5\34C1C2IT\FeatTab_Twista_v1[1].gif
C:\Documents and Settings\Grama\Local Settings\Temporary Internet Files\Content.IE5\1XXQRHJ4\mmt[1].htm
C:\Documents and Settings\Grama\Local Settings\Temporary Internet Files\Content.IE5\WJJIKAW8\twista_marquee1[1].swf
Application Version : 4.27.1000
Core Rules Database Version : 4031
Trace Rules Database Version: 1971
Scan type : Complete Scan
Total Scan Time : 00:33:17
Memory items scanned : 437
Memory threats detected : 0
Registry items scanned : 5820
Registry threats detected : 7
File items scanned : 17225
File threats detected : 5
Trojan.Unclassified/C00-WL/A
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\__c00581A0
C:\WINDOWS\SYSTEM32\__C00581A0.DAT
Trojan.Unclassified/C00-WL
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C00581A0
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C00581A0#Asynchronous
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C00581A0#DllName
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C00581A0#Impersonate
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C00581A0#Startup
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C00581A0#Logon
Trojan.Unclassified/C00-Installer
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\_A00F88DA2.EXE
Trace.Known Threat Sources
C:\Documents and Settings\Grama\Local Settings\Temporary Internet Files\Content.IE5\34C1C2IT\FeatTab_Twista_v1[1].gif
C:\Documents and Settings\Grama\Local Settings\Temporary Internet Files\Content.IE5\1XXQRHJ4\mmt[1].htm
C:\Documents and Settings\Grama\Local Settings\Temporary Internet Files\Content.IE5\WJJIKAW8\twista_marquee1[1].swf
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 07/31/2009 at 09:43 PM
Application Version : 4.27.1000
Core Rules Database Version : 4031
Trace Rules Database Version: 1971
Scan type : Quick Scan
Total Scan Time : 00:10:52
Memory items scanned : 434
Memory threats detected : 0
Registry items scanned : 546
Registry threats detected : 0
File items scanned : 6446
File threats detected : 35
Adware.Tracking Cookie
C:\Documents and Settings\Grama\Cookies\grama@advertising[2].txt
C:\Documents and Settings\Grama\Cookies\grama@invitemedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@sales.liveperson[3].txt
C:\Documents and Settings\Grama\Cookies\grama@petfinder[2].txt
C:\Documents and Settings\Grama\Cookies\grama@windowsmedia[1].txt
C:\Documents and Settings\Grama\Cookies\grama@imrworldwide[2].txt
C:\Documents and Settings\Grama\Cookies\grama@richmedia.yahoo[1].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.veoh[1].txt
C:\Documents and Settings\Grama\Cookies\grama@atdmt[2].txt
C:\Documents and Settings\Grama\Cookies\grama@content.yieldmanager[3].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.bridgetrack[2].txt
C:\Documents and Settings\Grama\Cookies\grama@lfstmedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@specificmedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@ad.yieldmanager[2].txt
C:\Documents and Settings\Grama\Cookies\grama@2o7[1].txt
C:\Documents and Settings\Grama\Cookies\grama@chitika[2].txt
C:\Documents and Settings\Grama\Cookies\grama@media.medhelp[1].txt
C:\Documents and Settings\Grama\Cookies\grama@fastclick[2].txt
C:\Documents and Settings\Grama\Cookies\grama@socialmedia[2].txt
C:\Documents and Settings\Grama\Cookies\grama@doubleclick[1].txt
C:\Documents and Settings\Grama\Cookies\grama@www.socialtrack[1].txt
C:\Documents and Settings\Grama\Cookies\grama@interclick[1].txt
C:\Documents and Settings\Grama\Cookies\grama@www.googleadservices[1].txt
C:\Documents and Settings\Grama\Cookies\grama@www.googleadservices[2].txt
C:\Documents and Settings\Grama\Cookies\grama@collective-media[2].txt
C:\Documents and Settings\Grama\Cookies\grama@a1.interclick[2].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.adap[1].txt
C:\Documents and Settings\Grama\Cookies\grama@ads.funadvice[2].txt
C:\Documents and Settings\Grama\Cookies\grama@apmebf[1].txt
C:\Documents and Settings\Grama\Cookies\grama@hc2.humanclick[3].txt
C:\Documents and Settings\Grama\Cookies\grama@macu.122.2o7[1].txt
C:\Documents and Settings\Grama\Cookies\grama@media6degrees[1].txt
C:\Documents and Settings\Grama\Cookies\grama@www.googleadservices[3].txt
Trojan.Unclassified/C00-WL/B
C:\WINDOWS\SYSTEM32\__C00C1C3E.DAT
C:\WINDOWS\SYSTEM32\__C00FD16C.DAT
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 07/31/2009 at 09:25 PM
Application Version : 4.27.1000
Core Rules Database Version : 4031
Trace Rules Database Version: 1971
Scan type : Complete Scan
Total Scan Time : 00:04:36
Memory items scanned : 435
Memory threats detected : 1
Registry items scanned : 5822
Registry threats detected : 14
File items scanned : 432
File threats detected : 12
Trojan.Unclassified/C00-WL/G
C:\WINDOWS\SYSTEM32\__C0082921.DAT
C:\WINDOWS\SYSTEM32\__C0082921.DAT
Trojan.Unclassified/C00-Installer
[A00F4562B.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F4562B.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F4562B.EXE
Trojan.Unclassified/C00-WL/B
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\__c0082921
Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@ads.undertone[2].txt
C:\Documents and Settings\Owner\Cookies\owner@cms.trafficmp[1].txt
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt
C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt
C:\Documents and Settings\Owner\Cookies\owner@rambler[1].txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.bleepingcomputer[2].txt
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt
Trojan.Unclassified/C00-WL
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Asynchronous
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#DllName
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Impersonate
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Startup
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0051F76#Logon
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0082921
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0082921#Asynchronous
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0082921#DllName
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0082921#Impersonate
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0082921#Startup
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0082921#Logon
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 07/31/2009 at 09:13 PM
Application Version : 4.27.1000
Core Rules Database Version : 4031
Trace Rules Database Version: 1971
Scan type : Complete Scan
Total Scan Time : 00:01:06
Memory items scanned : 475
Memory threats detected : 3
Registry items scanned : 666
Registry threats detected : 4
File items scanned : 0
File threats detected : 7
Trojan.Unclassified/C00-WL/A
C:\WINDOWS\SYSTEM32\__C0051F76.DAT
C:\WINDOWS\SYSTEM32\__C0051F76.DAT
Trojan.Unclassified/C00-WL/G
C:\WINDOWS\SYSTEM32\__C0094C4.DAT
C:\WINDOWS\SYSTEM32\__C0094C4.DAT
Trojan.Agent/Gen-NumTemp
C:\WINDOWS\SYSTEM32\24.TMP
C:\WINDOWS\SYSTEM32\24.TMP
Trojan.Unclassified/C00-Installer
[A00F58E9CB8.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58E9CB8.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58E9CB8.EXE
[A00FBC5CB.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00FBC5CB.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00FBC5CB.EXE
[A00F58AC3.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58AC3.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F58AC3.EXE
[A00F4EDE6.exe] C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F4EDE6.EXE
C:\DOCUME~1\OWNER\LOCALS~1\TEMP\_A00F4EDE6.EXE
Edited by ChrisMN, 31 July 2009 - 11:46 PM.