Hallo t´john,
Sorry, hatte nur die aktuellsten gepostet.
Hier sind 4 LOG-Files. Drei sind mit Funden, eines
seit kein Fund mehr deklariert wird.
Nach dem Scannen hatte ich jeweils die Funde
entfernen lassen und den PC neu gestartet.
Liebe Grüsse
halmar
--------------
PUP.MyWebSearchHKCR\CLSID\{14d02517-c8be-4735-a344-3c8366c77aa0}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14D02517-C8BE-4735-A344-3C8366C77AA0}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{14D02517-C8BE-4735-A344-3C8366C77AA0}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{14D02517-C8BE-4735-A344-3C8366C77AA0}
HKCR\CLSID\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebFace_5abar Uninstall
HKCR\CLSID\{b1df253a-9e7a-480d-b6a5-7a435b520dbb}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1DF253A-9E7A-480D-B6A5-7A435B520DBB}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B1DF253A-9E7A-480D-B6A5-7A435B520DBB}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B1DF253A-9E7A-480D-B6A5-7A435B520DBB}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebFace Search Scope Monitor
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339}
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339}
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aSrchMn.exe
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aSrcAs.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abar.dll
HKCR\CLSID\{498c8ec2-2aba-4f18-a415-e8661aeaf515}
HKCR\TypeLib\{ca039ce1-eee2-4f9f-b2bf-b602ef19d4d3}
HKCR\Interface\{BD91F60F-0512-49B3-9F1F-B60B57341F3D}
HKCR\CLSID\{ec6fab8b-2417-4b2b-813b-e70bbbadf666}
HKCR\TypeLib\{427b96ae-0668-44ba-a694-7966194311e0}
HKCR\Interface\{92523350-85C2-46F3-8B56-8A2B6E3B2E50}
HKCR\MyWebFace_5a.HTMLPanel.1
HKCR\MyWebFace_5a.HTMLPanel
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EC6FAB8B-2417-4B2B-813B-E70BBBADF666}
HKCR\CLSID\{0a9d317b-2882-4bf7-a5ae-9f696d177328}
HKCR\TypeLib\{0b9410d4-adcb-408f-bb37-e3020f64da4a}
HKCR\Interface\{F0D0A65C-6AD4-41D1-8D7D-E189D82DAEAB}
HKCR\MyWebFace_5a.RadioSettings.1
HKCR\MyWebFace_5a.RadioSettings
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aauxstb.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5adlghk.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5ahighin.exe
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5ahkstub.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5ahtml.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aieovr.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5amedint.exe
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aPlugin.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aradio.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aregfft.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5areghk.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aregiet.dll
C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\NP5aStub.dll
Trojan.Phex.THAGen6C:\Users\[Username]\AppData\Local\{73294F5F-6AA6-DD21-F78C-59F6D7473450}\syshost.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|syshost32
C:\Users\[Username]\AppData\Local\Temp\a93acbcc.tmp
C:\Users\[Username]\AppData\Local\Temp\ewcnjxbjsfsaqowlipgmc.exe
C:\Users\[Username]\AppData\Local\Temp\ygkkensmxmmqklhmlahkng.exe
C:\Users\[Username]\AppData\Local\Temp\zfvhjqdgfzi.exe
29.08.2012, 10:03
Baum-Darstellung