here is the notes for superantispyware. ive completed the quick scan which took over an hour. i misread the directions about doing the full scan and looked ahead. i will continue to post and redo the full scan. currently malwarebytes is scanning and i will redo superantispyware full scan aftewards.
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 03/09/2009 at 04:24 AM
Application Version : 4.25.1014
Core Rules Database Version : 3788
Trace Rules Database Version: 1745
Scan type : Quick Scan
Total Scan Time : 01:24:55
Memory items scanned : 1004
Memory threats detected : 0
Registry items scanned : 507
Registry threats detected : 10
File items scanned : 27995
File threats detected : 3
Adware.Vundo Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4}
HKCR\CLSID\{85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4}
HKCR\CLSID\{85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4}\InprocServer32
HKCR\CLSID\{85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSWOW64\FCCBYQPI.DLL
HKCR\CLSID\{85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4}
Adware.Tracking Cookie
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\
[email protected][1].txt
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\
[email protected][2].txt
Adware.Vundo Variant/Rel
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#MSServer [ rundll32.exe C:\Windows\system32\fccbYqPi.dll,#1 ]
HKLM\SOFTWARE\Microsoft\RemoveRP
Rogue.Component/Trace
HKLM\Software\Microsoft\02BA766D
HKLM\Software\Microsoft\02BA766D#02ba766d
HKLM\Software\Microsoft\02BA766D#Version