I ran the following:
ATF Cleaner
System Restore (new restore point)
Adaware
Search and Destroy
AVG
Super AntiSpyware
Panda Activescan
I have the following scan logs at the end of the hijack file
AVG
Super AntiSpyware
Panda
---------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 11:55:17 AM, on 4/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
C:\Program Files\Common Files\AOL\1163211950\ee\AOLSoftware.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Starfish\Sidekick 98\program\sidekick.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe
C:\Program Files\Common Files\ACD Systems\IDBSvr.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jerry\Desktop\INTERNET\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061103
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061103
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MPFEXE] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1163211950\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://files.member....s/sbc/yinst.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
-----------------------------
HiJack uninstall list
ACDSee 5.0 Standard
Ad-Aware SE Personal
Adobe Download Manager 2.2 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.9
Adobe Shockwave Player
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Spyware Protection
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
AVG Anti-Spyware 7.5
Backup Plus v7.0
Broadcom Advanced Control Suite
CinepPlayer 30 Update
Corel Paint Shop Pro X
Corel Snapfire Plus
Creative MediaSource
Dell CinePlayer
Dell Driver Reset Tool
Dell Game Console
Dell Media Experience
DellConnect
Digital Content Portal
DISC TITLE PRINTER
Documentation & Support Launcher
Downloader Pro v1.4.2
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVD2one 1.5.1
EasyRecovery Professional
EducateU
Games, Music, & Photos Launcher
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
hp LaserJet-all-in-one
HP Software Update
Internet Service Offers Launcher
J2SE Runtime Environment 5.0 Update 6
LaserAIO
LG USB Modem driver (ver 3.0)
Logitech® Camera Driver
McAfee Uninstaller
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Office Basic Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
MSXML 4.0 SP2 (KB927978)
Nero 6 Ultra Edition
NVIDIA Drivers
OrderReminder hp LaserJet 3015/3020/3030/3380
Outlook Express Quick Backup
Panda ActiveScan
PSPad editor
Quicken 2007
QuickLink Mobile Phonebook
QuickTime
Readiris Pro 9
RealPlayer Basic
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
SearchAssist
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Sidekick 98
Sonic Activation Module
Sonic Advanced Decoder
Sonic Update Manager
Sound Blaster X-Fi
Spybot - Search & Destroy 1.4
SUPERAntiSpyware Free Edition
Time Zone Data Update Tool for Microsoft Office Outlook
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
URL Assistant
Viewpoint Media Player
Virtual Earth 3D (Beta)
WexTech AnswerWorks
WildTangent Web Driver
Windows Imaging Component
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Yahoo! Install Manager
Yahoo! Music Jukebox
----------------------------------
END OF HIJACK
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 9:47:49 AM 4/22/2007
+ Scan result:
C:\Program Files\Video AX Object\smmon.exe -> Downloader.Zlob.ava : Cleaned.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2\A0000014.exe -> Downloader.Zlob.ava : Cleaned.
C:\Program Files\Video AX Object\smunst.exe -> Downloader.Zlob.avb : Cleaned.
C:\Program Files\Video AX Object\spunst.exe -> Downloader.Zlob.bsi : Cleaned.
C:\Program Files\Backup Plus\Backup Sets\Full Backup After New System.bac/Documents and Settings/Jerry/Local Settings/Temp/Cookies/jerry@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Backup Plus\Backup Sets\Full Backup After New System.bac/Documents and Settings/Jerry/Local Settings/Temp/Cookies/[email protected][1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Program Files\Backup Plus\Backup Sets\Full Backup After New System.bac/Documents and Settings/Jerry/Local Settings/Temp/Cookies/jerry@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Backup Plus\Backup Sets\Full Backup After New System.bac/Documents and Settings/Jerry/Local Settings/Temp/Cookies/jerry@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
::Report end
---------------------
SUPERAntiSpyware Scan Log
Generated 04/22/2007 at 10:45 AM
Application Version : 3.6.1000
Core Rules Database Version : 3222
Trace Rules Database Version: 1233
Scan type : Complete Scan
Total Scan Time : 00:38:45
Memory items scanned : 413
Memory threats detected : 0
Registry items scanned : 6118
Registry threats detected : 30
File items scanned : 55435
File threats detected : 77
Trojan.Media-Codec/V2
HKLM\Software\Classes\CLSID\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}
HKCR\CLSID\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}
HKCR\CLSID\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}
HKCR\CLSID\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}\InprocServer32
HKCR\CLSID\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO AX OBJECT\BPVOL.DLL
HKLM\Software\Classes\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}
HKCR\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}
HKCR\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}
HKCR\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}\Implemented Categories
HKCR\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}\InprocServer32
HKCR\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO AX OBJECT\SPLUG.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{F0993251-2512-4710-AF6E-0A13EA199D02}
HKU\S-1-5-21-1592073290-2001170567-2129649398-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{F0993251-2512-4710-AF6E-0A13EA199D02}
HKU\S-1-5-21-1592073290-2001170567-2129649398-1006\Software\Protection Tools
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Protection Volume
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Protection Volume#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Protection Volume#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Plug-in
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Plug-in#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Plug-in#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger#UninstallString
Adware.Tracking Cookie
C:\Documents and Settings\Jerry\Cookies\[email protected][2].txt
C:\Documents and Settings\Jerry\Cookies\jerry@malwarewiped[1].txt
Trojan.Media-Codec
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#user32.dll [ C:\Program Files\Video AX Object\bpmon.exe ]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#rare [ C:\Program Files\Video AX Object\smmain.exe ]
Malware.SpyLocked
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString
Trojan.Unknown Origin
C:\SYSTEM VOLUME INFORMATION\_RESTORE{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2\A0000055.ICO
C:\SYSTEM VOLUME INFORMATION\_RESTORE{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2\A0000057.ICO
Trace.Known Threat Sources
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\slogan[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\navv_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\log2[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\screen[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\btn_buynow[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\how[2].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\icon_help[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\btn_order[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\icon_ignore[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\newspaper[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\btn_freescan[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\bot_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\b_l[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\btn_home[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\b_b[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\box[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\logo_top[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\btn_company[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\bul[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\l[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\h2_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\news_top1[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\btn_features[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\main_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\logotype[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\f_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\t_l[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\blur[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\logo_bot[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\btn_win[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\menu_right[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\h[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\btn_download1[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\b_company[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\nav_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\sep[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\fl_r[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\bot_r[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\b_affiliates[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\what[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\fl_sep[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\btn_features[2].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\nav_r[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\slogan[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\fl_btn[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\btn_support[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\btn_download[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\main_bg[2].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\btn_affiliates[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\fl_l[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\h1_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\btn_company[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\protect[1].png
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\t_r[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\main[1].css
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\flag_fr[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\btn_get[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\main[4].css
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\copy_left[2].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\news_bottom1[2].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\block_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\box[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\btn_buy[2].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\PSOR5TKX\btn_buy[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\btn_overview[1].jpg
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\btn_end[2].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\menu_bg[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\copy_right[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\sep1[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\JNPRJPKW\anim[1].gif
C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\2TBS5KNQ\r[1].jpg
----------------------------------------
Panda Scan Log
Incident Status Location
Potentially unwanted tool:Application/ServUBased.A Not disinfected C:\cave\ServU25f.zip[Setup.exe][SERV-U32.EXE]
Adware:Adware/PestTrap Not disinfected C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\0F77EKH5\aprotectservice[1].htm