Eddy
26
==========================================================================
ANALYZER INFORMATION
bad.dat version : 15
good.dat version : 15
rec.dat version : 8
dasb.dat version : 1
sus.dat version : 3
==========================================================================
VERSION INFORMATION
==========================================================================
GENERAL INFORMATION
All items in the log file which are not shown here
as to be deleted or safe to keep need to be investigated.
This website has a link to a tutorial on the hijackthislog:
http://members.home.nl/acred/cleaning.htm
Also use www.google.com to find out more on items not listed here.
==========================================================================
THESE ITEMS SHOULD BE REMOVED:
\windows\system32\resetservice.exe
\program files\ttxg\atnmtgo.exe
\program files\windupdates\winupdt.exe
o2 - bho: v3boh class - {76eae03c-f2b1-4397-97e8-390920b7c2dc} - c:\program files\ahnlab\v3\v3bar.dll (file missing)
o2 - bho: nls urlcatcher class - {aeecbfda-12fa-4881-bdce-8c3e1ce4b344} - c:\windows\system32\nvms.dll
o2 - bho: (no name) - {c18517da-ca70-46ce-86f4-882f6b62e975} - c:\windows\system32\drivers\user\bms.dll
o4 - hklm..\run: [windupdates] c:\program files\windupdates\winupdt.exe
o8 - extra context menu item: web savings - file://c:\program files\websavingsfromebates\system\temp\ebateswebsavings_script0.htm
o16 - dpf: {15ad4789-cdb4-47e1-a9da-992ee8e6bad6} - http://public.windupdates.com/get_file.php?bt=ie&p=d25687639c9299a76b6a9158ac30f213893caa80138c732235a7f84005dbbdff536e8347975315f82756783740bad9cd433dd9:7e9a9bb989c56a97bbde5ad8573197fa
o16 - dpf: {1de9bb01-b121-401d-8877-bcd5ed5b7ee5} (tpwin control) - http://www.crezio.com/test/leeyunho/alwayson/alwayson.cab
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (yinststarter class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
o16 - dpf: {51c99f40-9e0e-4bf1-a92a-77121cc01ad0} (imbcclient control) - http://touch.imbc.com/ocx/touch.cab
o16 - dpf: {62475759-9e84-458e-a1ab-5d2c442adfde} - http://a1540.g.akamai.net/7/1540/52/20040427/qtinstall.info.apple.com/saba/us/win/quicktimeinstaller.exe
o16 - dpf: {6414512b-b978-451d-a0d8-fcfdf33e833c} (wuwebcontrol class) - http://v5.windowsupdate.microsoft.com/v5consumer/v5controls/en/x86/client/wuweb_site.cab?1093175798015
o16 - dpf: {66b30ea0-c033-4d4b-9f90-ea0af07363af} (bugsmediaplayer control) - http://so.bugs.co.kr/bugsoggplay_11.cab
o16 - dpf: {74d05d43-3236-11d4-bdcd-00c04f9a3b61} (housecall control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
o16 - dpf: {7c9edeb2-a2e8-417a-85ec-fc10e9d64e1f} (stonemakeiconctrl class) - http://inc-image.stoneradio.com/activex/stoneicon/stoneradioicon.cab
o16 - dpf: {90231c0e-765e-4429-8f70-f4e9a0f8d348} (webctrl class) - http://www.mukebox.com/mukeplayer/p3aodsvr.cab
o16 - dpf: {a1cccff4-0df9-4ffc-99a3-a37a0f3d8e18} (p3bgset class) - http://player.bugs.co.kr/install/bugsloader20040811.cab
o16 - dpf: {cf362bdb-4ea2-11d5-ab47-000102913414} (setglb control) - http://so.bugs.co.kr/setglb.cab
o16 - dpf: {d8f001c6-43b1-4cfd-9daf-c8beae0e2b6d} (touch control) - http://touch.imbc.com/ocx/online.cab
==========================================================================
THESE ITEMS ARE NOT NEEDED TO LOAD AT BOOTTIME FOR
THE SYSTEM TO WORK, IT IS RECOMMENDED TO REMOVE THEM:
o4 - hklm..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
o4 - hkcu..\run: [rsd_hddthermo] c:\program files\hdd thermometer\hdd thermometer.exe
o4 - hkcu..\run: [msmsgs] "c:\program files\messenger\msmsgs.exe" /background
==========================================================================
THE FOLLOWING ITEMS ARE NOT KNOWN. IF YOU HAVE ANY
INFORMATION ABOUT THEM, PLEASE LET US KNOW.
\mykeyword.exe
\program files\mvq\dgc.exe
o2 - bho: cb urlcatcher class - {ce188402-6ee7-4022-8868-ab25173a3e14} - c:\windows\system32\mscb.dll
o2 - bho: adp urlcatcher class - {f4e04583-354e-4076-be7d-ed6a80fd66da} - c:\windows\system32\msbe.dll
o4 - hklm..\run: [hncupdate] c:\windows\system32\hncupdate.exe /a
o4 - hklm..\run: [idv] c:\program files\ttxg\atnmtgo.exe
o4 - hklm..\run: [winagent] c:\mykeyword.exe
o4 - hklm..\run: [nea] c:\program files\mvq\dgc.exe