Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{669751ed-d558-49ae-b01a-3b374cc7910e} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a57e074f-56d8-4a33-8112-aac9693aa909} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8b2393-7a6c-4c76-88ce-6b1f6ff6ffe9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54ebd53a-9bc1-480b-966a-843a333ca162} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0c7c23ef-a848-485b-873c-0ed954731014} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\TBH (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\xprepairpro2007 (Rogue.XPRepairPro2007) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0c7c23ef-a848-485b-873c-0ed954731014} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{669751ed-d558-49ae-b01a-3b374cc7910e} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{a57e074f-56d8-4a33-8112-aac9693aa909} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{db8b2393-7a6c-4c76-88ce-6b1f6ff6ffe9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stup.exe (Adware.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Edward Leung\My Documents\Adobe\keygen.with.active\PhotoShop CS3 Extended Keygen-1.exe (Trojan.Horst) -> Quarantined and deleted successfully.
C:\Documents and Settings\Edward Leung\My Documents\Adobe\keygen.with.active\Soundbooth CS3 Keygen-1.exe (Trojan.Horst) -> Quarantined and deleted successfully.
C:\Documents and Settings\Edward Leung\My Documents\Adobe\ssg\Dreamweaver CS3 VLK.exe (Trojan.Crax) -> Quarantined and deleted successfully.
C:\Documents and Settings\Edward Leung\My Documents\Adobe\ZWT\Acrobat 8 Keygen-2.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\三國志11\uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully 作者: Little熊貓 時間: 2009-4-20 21:44
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:10:24, on 18/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00
Boot mode: Normal