A great site to analyze the logs is here: http://hijackthis.de
I've done this for you and ehre are the 'nasty' results.
Code:
C:\PROGRA~1\Toolbar\PIB.exe Check with an antivirus scanner Nasty
Nasty running process. (PIB.exe)
PIB Toolbar Spyware
Visitor's assessment: 1 (Definitively malware) This is a nasty process! You should fix it and try to delete it manually!
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe Check with an antivirus scanner Nasty
Nasty running process. (WToolsA.exe)
Currently there is no visitor's assessment! This is a nasty process! You should fix it and try to delete it manually!
Probably safe.! According to our database this process runs normally in c:\programme\gemeinsame dateien\wintools\! Check if you know this process and arrange a viruscheck where required.
C:\PROGRA~1\COMMON~1\WinTools\WSup.exe Check with an antivirus scanner Nasty
Nasty running process. (WSup.exe)
Currently there is no visitor's assessment! This is a nasty process! You should fix it and try to delete it manually!
Probably safe.! According to our database this process runs normally in c:\programme\gemeinsame dateien\wintools\! Check if you know this process and arrange a viruscheck where required.
C:\PROGRA~1\Toolbar\TBPS.exe Check with an antivirus scanner Nasty
Nasty running process. (TBPS.exe)
WebSearch toolbar, HuntBar parasite variant
Currently there is no visitor's assessment! This is a nasty process! You should fix it and try to delete it manually!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50212 Nasty
Nasty This entry should be fixed by HijackThis!
Currently there is no visitor's assessment! This entry should be fixed by HijackThis!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50212 Nasty
Nasty This entry should be fixed by HijackThis!
Currently there is no visitor's assessment! This entry should be fixed by HijackThis!
R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll Nasty
Nasty Should be fixed if you do not know the application or if no application is mentioned.
Currently there is no visitor's assessment! This entry should be fixed.
O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\ATPART~1.DLL Nasty
Nasty Entries found in this registry zone are potentially nasty. This application ([00000EF1-0786-4633-87C6-1AA7A44296DA] - Result: 00000EF1-0786-4633-87C6-1AA7A44296DA) has been checked. Hit rate: 99 %
Currently there is no visitor's assessment! Must be fixed!
O2 - BHO: Replace Search Ctl - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINDOWS\system32\replaceSearch.dll Nasty
Nasty Entries found in this registry zone are potentially nasty. This application ([832BEBED-C3DA-4534-A2C2-B2FFF220C820] - Result: 832BEBED-C3DA-4534-A2C2-B2FFF220C820) has been checked. Hit rate: 99 %
Currently there is no visitor's assessment! Must be fixed!
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll Nasty
Nasty Entries found in this registry zone are potentially nasty. This application ([87766247-311C-43B4-8499-3D5FEC94A183] - Result: 87766247-311C-43B4-8499-3D5FEC94A183) has been checked. Hit rate: 99 %
Currently there is no visitor's assessment! Must be fixed!
O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll Nasty
Nasty Entries found in this registry zone are potentially nasty. This application ([8952A998-1E7E-4716-B23D-3DBE03910972] - Result: 8952A998-1E7E-4716-B23D-3DBE03910972) has been checked. Hit rate: 99 %
Currently there is no visitor's assessment! Must be fixed!
O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll Nasty
Nasty Entries found in this registry zone are potentially nasty. This application ([339BB23F-A864-48C0-A59F-29EA915965EC] - Result: 339BB23F-A864-48C0-A59F-29EA915965EC) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %
Currently there is no visitor's assessment! Must be fixed!
O3 - Toolbar: searchforit - {C109664B-CEB1-420b-B353-D55A561536DD} - C:\WINDOWS\system32\sfi2.dll Nasty
Nasty Entries found in this registry zone are potentially nasty. This application ([C109664B-CEB1-420b-B353-D55A561536DD] - Result: C109664B-CEB1-420b-B353-D55A561536DD) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %
Currently there is no visitor's assessment! Must be fixed!
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe" Nasty
Nasty TrojanDownloader.Win32. Agent.y
Hit rate: 99 % (result)
Currently there is no visitor's assessment! Must be fixed!
O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe Nasty
Nasty WebSearch toolbar, HuntBar parasite variant
Hit rate: 99 % (result)
Visitor's assessment: 1 (Definitively malware) Must be fixed!
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\Update\WToolsA.exe update Nasty
Nasty WinTools adware
Hit rate: 99 % (result)
Currently there is no visitor's assessment! Must be fixed!
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} (F1 Organizer Class) - http://www.addictivetechnologies.ne...ab/Ud3rT0n5.cab Nasty
Nasty This entry is possibly nasty.
Currently there is no visitor's assessment! Should be fixed.
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe Nasty
Nasty This entry is possibly nasty.
Currently there is no visitor's assessment! Should be fixed.
O16 - DPF: {5E8FD788-C323-4357-AB76-7CBCEFBA573C} (SpyBouncer.SBDownloader) - http://www.spybouncer.com/downloader.ocx Nasty
Nasty This entry is possibly nasty.
Currently there is no visitor's assessment! Should be fixed.
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab Nasty
Nasty This entry is possibly nasty.
Visitor's assessment: 5 (Very safe) Should be fixed.
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.websearch.com/Dnl/T_50212/QDow_AS2.cab Nasty
Nasty This entry is possibly nasty.
Currently there is no visitor's assessment! Should be fixed.
Bookmarks