Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: RUNDLL Fehlermeldung beim Starten des Laptops

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.07.2012, 12:50   #1
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Hallo zusammen,
ich bin auf der Suche nach einer Lösung zum o.g. Problem auf das Forum hier gestoßen und bin etwas verunsichert was ich mir da eingefangen habe. Beim Start meines Notebooks kam eine Fehlermeldung "Rundll Fehler ....." Ich habe das zu schnell weggeklickt und dadurch nicht exakt lesen können(mein Fehler).

Ich habe bereits Malwarebytes Anti-Malware heruntergeladen und installiert. Habe dann auch umgehend einen vollständingen Scan begonnen und habe jetzt schon 2 infizierte Objekte.

Was sollte ich nun weiter tun und vorallem beachten?


MfG Pimo

Hier ist der Malware Logbericht:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.13.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Max :: Mustermann-PC [Administrator]

Schutz: Aktiviert

13.07.2012 13:32:13
mbam-log-2012-07-13 (13-32-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 355710
Laufzeit: 1 Stunde(n), 12 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Program Files (x86)\Age of Empires 2\Tools\DirectDraw Patcher\w7ddpatcher.exe (HackTool.Patch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Yannick\AppData\Local\Temp\nsmDBA3.tmp (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Alt 14.07.2012, 16:59   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Code:
ATTFilter
C:\Program Files (x86)\Age of Empires 2\Tools\DirectDraw Patcher\w7ddpatcher.exe (HackTool.Patch)
         
Was genau soll das sein, aus welcher Quelle?
__________________

__________________

Alt 15.07.2012, 10:10   #3
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Hallo Cosinus, danke für deine Hilfe!!

Also ich habe vor ein paar Tagen das PC Spiel Age of Empires vom Kumpel draufgespielt bekommen. Ist das eine schädliche Datei gewesen?

Gruß
__________________

Alt 15.07.2012, 17:01   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Das Teil sieht nach einem Grafikpatch aus, aber ich sollte dich unbedingt warnen: wardas Spiel eine Originalversion bzw. waren da irgendwelche Cracks oder Keygens im Spiel? Cracks/Keygens ausführen ist eine fast 100%ig sichere Methode sich sein Windows zu verseuchen!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.07.2012, 17:04   #5
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Ich kann es dir nicht sagen, habe es aber umgehend entfernt.
Was sagst du zu den anderen infizierten Objekten die ich gepostet habe? Habe nun bei Neustarts keine Fehlermeldung mehr.

Danke


Alt 15.07.2012, 18:27   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.
__________________
--> RUNDLL Fehlermeldung beim Starten des Laptops

Alt 15.07.2012, 18:45   #7
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Ne, das was oben steht war bisher mein einziger Scan und daher auch Log. Ich habe mich nach der Fehlermeldung im Internet umgeschaut und bin dadurch halt hier im Forum gelandet. Daher habe ich vorab schon einen Vollscan durchgeführt und die drei infizierten Dateien gemeldet bekommen.

Danke für deine Hilfe cosinus!!

Alt 15.07.2012, 20:04   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Führ bitte auch ESET aus, danach sehen wir weiter.

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.

ESET Online Scanner

Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
  • Dein Anti-Virus-Programm während des Scans deaktivieren.

    Button (<< klick) drücken.
    • Firefox-User:
      Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
    • IE-User:
      müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Haken bei Yes, i accept the Terms of Use.
  • Drücke den Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Scan archives".
  • Gehe sicher das bei Remove Found Threats kein Hacken gesetzt ist.
  • drücken.
  • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.
Wenn der Scan beendet wurde
  • Klicke Finish.
  • Browser schließen.
Drücke bitte die + R Taste und kopiere folgenden Text in das Ausführen Fenster.
Code:
ATTFilter
"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
         
Hinweis: Falls du ein 64-Bit-Windows einsetzt, lautet der Pfad so:

Code:
ATTFilter
"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
         
Poste nun den Inhalt der log.txt.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.07.2012, 23:02   #9
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Hier der Inhalt der Logdatei:

ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c06271e71c9584409605a8b2697bcdab
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-15 09:59:51
# local_time=2012-07-15 11:59:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 12349629 12349629 0 0
# compatibility_mode=5893 16776573 100 94 16447 94015133 0 0
# compatibility_mode=8192 67108863 100 0 801 801 0 0
# compatibility_mode=9217 16777214 75 66 12275605 64658913 0 0
# scanned=163923
# found=0
# cleaned=0
# scan_time=4308



danke

Alt 16.07.2012, 15:59   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.07.2012, 17:55   #11
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Nochmals vielen Dank cosinus für deine Hilfe, ich kann das nicht häufig genug sagen!!

# AdwCleaner v1.702 - Logfile created 07/16/2012 at 18:51:33
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Max - Mustermann-PC
# Running from : C:\Users\Mustermann\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Mustermann\AppData\Local\Babylon
Folder Found : C:\Users\Mustermann\AppData\Local\Conduit
Folder Found : C:\Users\Mustermann\AppData\Local\Linkury
Folder Found : C:\Users\Mustermann\AppData\Local\TempDir
Folder Found : C:\Users\Mustermann\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Users\Mustermann\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Mustermann\AppData\LocalLow\Conduit
Folder Found : C:\Users\Mustermann\AppData\LocalLow\ZoneAlarm-Sicherheit
Folder Found : C:\Users\Mustermann\AppData\Roaming\Babylon
Folder Found : C:\Users\Mustermann\AppData\Roaming\loadtbs
Folder Found : C:\Users\Mustermann\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Mustermann\AppData\Roaming\pdfforge
Folder Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\ConduitCommon
Folder Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\Smartbar
Folder Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ZoneAlarm-Sicherheit
File Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Conduit.xml
File Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Linkury Smartbar Search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2319825[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\ZoneAlarm-Sicherheit
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
[x64] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=fa79c3e20000000000000022fbab5e38
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\prefs.js

Found : user_pref("CT2319825.1000082.currentList", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.[...]
Found : user_pref("CT2319825.1000082.isPlayDisplay", "true");
Found : user_pref("CT2319825.1000082.localStations", "[{\"stationId\":\"8546\",\"url\":\"hxxp://stream.radio[...]
Found : user_pref("CT2319825.1000082.nowPlaying", "{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.ic[...]
Found : user_pref("CT2319825.1000082.publisherStations", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffs[...]
Found : user_pref("CT2319825.1000082.state", "{\"state\":\"stopped\",\"text\":\"1Live\",\"description\":\"1L[...]
Found : user_pref("CT2319825.1000234.TWC_TMP_city", "BERLIN");
Found : user_pref("CT2319825.1000234.TWC_TMP_country", "DE");
Found : user_pref("CT2319825.128898076802619659.isToggled_item0_11", "true");
Found : user_pref("CT2319825.129714600517272937.APP_WIN_FEATURES", "resizable=no,scrollbars=no,titlebar=no,o[...]
Found : user_pref("CT2319825.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"fal[...]
Found : user_pref("CT2319825.FirstTime", "true");
Found : user_pref("CT2319825.FirstTimeFF3", "true");
Found : user_pref("CT2319825.ID", "40526066");
Found : user_pref("CT2319825.UserID", "UN22821896514431572");
Found : user_pref("CT2319825.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2319825.autoDisableScopes", -1);
Found : user_pref("CT2319825.autocompletepro_enable", "1");
Found : user_pref("CT2319825.autocompletepro_enable_auto", "1");
Found : user_pref("CT2319825.browser.search.defaultthis.engineName", true);
Found : user_pref("CT2319825.defaultSearch", "true");
Found : user_pref("CT2319825.embeddedsData", "[{\"appId\":\"128898076802619666\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT2319825.enableAlerts", "always");
Found : user_pref("CT2319825.enableFix404", "true");
Found : user_pref("CT2319825.enableSearchFromAddressBar", "true");
Found : user_pref("CT2319825.firstTimeDialogOpened", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT2319825.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2319825.fixUrls", true);
Found : user_pref("CT2319825.installId", "ConduitNSISIntegration");
Found : user_pref("CT2319825.installType", "ConduitXPEIntegration");
Found : user_pref("CT2319825.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.isNewTabEnabled", false);
Found : user_pref("CT2319825.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2319825.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2319825.keyword", true);
Found : user_pref("CT2319825.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Found : user_pref("CT2319825.openThankYouPage", "false");
Found : user_pref("CT2319825.openUninstallPage", "true");
Found : user_pref("CT2319825.search.searchAppId", "128898076802619666");
Found : user_pref("CT2319825.search.searchCount", "0");
Found : user_pref("CT2319825.searchInNewTabEnabled", "false");
Found : user_pref("CT2319825.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2319825.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Found : user_pref("CT2319825.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2319825.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2319825.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT2319825.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1332799862732");
Found : user_pref("CT2319825.serviceLayer_services_appTracking_lastUpdate", "1332799864587");
Found : user_pref("CT2319825.serviceLayer_services_appsMetadata_lastUpdate", "1332799862599");
Found : user_pref("CT2319825.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1332799863085");
Found : user_pref("CT2319825.serviceLayer_services_login_10.10.20.14_lastUpdate", "1342388425834");
Found : user_pref("CT2319825.serviceLayer_services_login_10.7.6.2_lastUpdate", "1332834632530");
Found : user_pref("CT2319825.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1332799862815");
Found : user_pref("CT2319825.serviceLayer_services_searchAPI_lastUpdate", "1332799862615");
Found : user_pref("CT2319825.serviceLayer_services_serviceMap_lastUpdate", "1342374024758");
Found : user_pref("CT2319825.serviceLayer_services_toolbarContextMenu_lastUpdate", "1332799862792");
Found : user_pref("CT2319825.serviceLayer_services_toolbarSettings_lastUpdate", "1342384477328");
Found : user_pref("CT2319825.serviceLayer_services_translation_lastUpdate", "1342374025548");
Found : user_pref("CT2319825.settingsINI", true);
Found : user_pref("CT2319825.shouldFirstTimeDialog", "false");
Found : user_pref("CT2319825.smartbar.CTID", "CT2319825");
Found : user_pref("CT2319825.smartbar.Uninstall", "0");
Found : user_pref("CT2319825.smartbar.isHidden", true);
Found : user_pref("CT2319825.smartbar.toolbarName", "Winload ");
Found : user_pref("CT2319825.startPage", "userChanged");
Found : user_pref("CT2319825.toolbarBornServerTime", "27-3-2012");
Found : user_pref("CT2319825.toolbarCurrentServerTime", "16-7-2012");
Found : user_pref("CT2613550..clientLogIsEnabled", false);
Found : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2613550.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2613550.CTID", "CT2613550");
Found : user_pref("CT2613550.CurrentServerDate", "7-3-2012");
Found : user_pref("CT2613550.DSChangedManually", false);
Found : user_pref("CT2613550.DSInstall", true);
Found : user_pref("CT2613550.DSProtectChoice", true);
Found : user_pref("CT2613550.DSProtectCount", 1);
Found : user_pref("CT2613550.DialogsAlignMode", "LTR");
Found : user_pref("CT2613550.DialogsGetterLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.DownloadReferralCookieData", "");
Found : user_pref("CT2613550.EMailNotifierPollDate", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.FirstServerDate", "24-2-2012");
Found : user_pref("CT2613550.FirstTime", true);
Found : user_pref("CT2613550.FirstTimeFF3", true);
Found : user_pref("CT2613550.FixPageNotFoundErrors", true);
Found : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2613550.HPInstall", false);
Found : user_pref("CT2613550.HPProtectChoice", true);
Found : user_pref("CT2613550.HPProtectCount", 1);
Found : user_pref("CT2613550.HasUserGlobalKeys", true);
Found : user_pref("CT2613550.HomePageProtectorEnabled", false);
Found : user_pref("CT2613550.HomepageBeforeUnload", "hxxp://www.google.de/");
Found : user_pref("CT2613550.Initialize", true);
Found : user_pref("CT2613550.InitializeCommonPrefs", true);
Found : user_pref("CT2613550.InstallationAndCookieDataSentCount", 2);
Found : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Found : user_pref("CT2613550.InstalledDate", "Fri Feb 24 2012 21:03:39 GMT+0100");
Found : user_pref("CT2613550.IsAlertDBUpdated", true);
Found : user_pref("CT2613550.IsGrouping", false);
Found : user_pref("CT2613550.IsInitSetupIni", true);
Found : user_pref("CT2613550.IsMulticommunity", false);
Found : user_pref("CT2613550.IsOpenThankYouPage", false);
Found : user_pref("CT2613550.IsOpenUninstallPage", true);
Found : user_pref("CT2613550.IsProtectorsInit", true);
Found : user_pref("CT2613550.LanguagePackLastCheckTime", "Wed Mar 07 2012 21:08:50 GMT+0100");
Found : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2613550.LastLogin_3.9.0.3", "Wed Mar 07 2012 21:08:50 GMT+0100");
Found : user_pref("CT2613550.LatestVersion", "3.9.0.3");
Found : user_pref("CT2613550.Locale", "de-de");
Found : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Found : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Found : user_pref("CT2613550.MyStuffEnabledAtInstallation", false);
Found : user_pref("CT2613550.OriginalFirstVersion", "3.9.0.3");
Found : user_pref("CT2613550.SearchCaption", "ZoneAlarm-Sicherheit Customized Web Search");
Found : user_pref("CT2613550.SearchEngineBeforeUnload", "ZoneAlarm-Sicherheit Customized Web Search");
Found : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Found : user_pref("CT2613550.SearchInNewTabEnabled", true);
Found : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2613550.SearchInNewTabLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2613550.SearchProtectorEnabled", true);
Found : user_pref("CT2613550.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2613550.SendProtectorDataViaLogin", true);
Found : user_pref("CT2613550.ServiceMapLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.SettingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.SettingsLastUpdate", "1321973076");
Found : user_pref("CT2613550.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2613550&SearchSource=13");
Found : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Fri Feb 24 2012 21:03:30 GMT+0100");
Found : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Found : user_pref("CT2613550.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Found : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2613550.Uninstall", true);
Found : user_pref("CT2613550.UserID", "UN17207794001450359");
Found : user_pref("CT2613550.alertChannelId", "1006347");
Found : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2613550.globalFirstTimeInfoLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2613550.initDone", true);
Found : user_pref("CT2613550.isAppTrackingManagerOn", true);
Found : user_pref("CT2613550.myStuffEnabled", true);
Found : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Found : user_pref("CT2613550.revertSettingsEnabled", true);
Found : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Found : user_pref("CT2613550.testingCtid", "");
Found : user_pref("CT2613550.toolbarAppMetaDataLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.toolbarContextMenuLastCheckTime", "Fri Feb 24 2012 21:03:39 GMT+0100");
Found : user_pref("CT2613550.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitSearchList", "ZoneAlarm-Sicherheit Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2613550/CT2613550[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1006347/1002062/DE", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2613550", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Yannick\\AppData\\Roaming\\Mozilla\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2613550");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2613550");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2613550");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "1e725ed5-5717-44e5-9863-96e9f6dc6b17");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613550");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 24 2012 21:03:3[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Feb 24 2012 21:03:45 GMT+010[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 24 2012 21:03:33 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "3e31fefe-a4cc-442e-a7b1-c25d03c7a980");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110141");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "fa79c3e20000000000000022fbab5e38");
Found : user_pref("extensions.BabylonToolbar_i.id", "fa79c3e20000000000000022fbab5e38");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15426");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.ovrDmn", "isearch.babylon.com");
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:22:40");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB3&ctid=CT2319825&Search[...]
Found : user_pref("tfp.CT2319825", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mustermann\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26704 octets] - [16/07/2012 18:51:33]

########## EOF - C:\AdwCleaner[R1].txt - [26833 octets] ##########

Alt 16.07.2012, 22:11   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.07.2012, 22:29   #13
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



# AdwCleaner v1.702 - Logfile created 07/16/2012 at 23:25:07
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Mustermann - Mustermann-PC
# Running from : C:\Users\Mustermann\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Mustermann\AppData\Local\Babylon
Folder Deleted : C:\Users\Mustermann\AppData\Local\Conduit
Folder Deleted : C:\Users\Mustermann\AppData\Local\Linkury
Folder Deleted : C:\Users\Mustermann\AppData\Local\TempDir
Folder Deleted : C:\Users\Mustermann\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Mustermann\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Mustermann\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mustermann\AppData\LocalLow\ZoneAlarm-Sicherheit
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\loadtbs
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\ConduitCommon
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\Smartbar
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ZoneAlarm-Sicherheit
File Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Linkury Smartbar Search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2319825[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ZoneAlarm-Sicherheit

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=fa79c3e20000000000000022fbab5e38 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\prefs.js

C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\user.js ... Deleted !

Deleted : user_pref("CT2319825.1000082.currentList", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.[...]
Deleted : user_pref("CT2319825.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT2319825.1000082.localStations", "[{\"stationId\":\"8546\",\"url\":\"hxxp://stream.radio[...]
Deleted : user_pref("CT2319825.1000082.nowPlaying", "{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.ic[...]
Deleted : user_pref("CT2319825.1000082.publisherStations", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffs[...]
Deleted : user_pref("CT2319825.1000082.state", "{\"state\":\"stopped\",\"text\":\"1Live\",\"description\":\"1L[...]
Deleted : user_pref("CT2319825.1000234.TWC_TMP_city", "BERLIN");
Deleted : user_pref("CT2319825.1000234.TWC_TMP_country", "DE");
Deleted : user_pref("CT2319825.128898076802619659.isToggled_item0_11", "true");
Deleted : user_pref("CT2319825.129714600517272937.APP_WIN_FEATURES", "resizable=no,scrollbars=no,titlebar=no,o[...]
Deleted : user_pref("CT2319825.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2319825.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"fal[...]
Deleted : user_pref("CT2319825.FirstTime", "true");
Deleted : user_pref("CT2319825.FirstTimeFF3", "true");
Deleted : user_pref("CT2319825.ID", "40526066");
Deleted : user_pref("CT2319825.UserID", "UN22821896514431572");
Deleted : user_pref("CT2319825.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2319825.autoDisableScopes", -1);
Deleted : user_pref("CT2319825.autocompletepro_enable", "1");
Deleted : user_pref("CT2319825.autocompletepro_enable_auto", "1");
Deleted : user_pref("CT2319825.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT2319825.defaultSearch", "true");
Deleted : user_pref("CT2319825.embeddedsData", "[{\"appId\":\"128898076802619666\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2319825.enableAlerts", "always");
Deleted : user_pref("CT2319825.enableFix404", "true");
Deleted : user_pref("CT2319825.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2319825.firstTimeDialogOpened", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2319825.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2319825.fixUrls", true);
Deleted : user_pref("CT2319825.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT2319825.installType", "ConduitXPEIntegration");
Deleted : user_pref("CT2319825.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2319825.isNewTabEnabled", false);
Deleted : user_pref("CT2319825.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2319825.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2319825.keyword", true);
Deleted : user_pref("CT2319825.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT2319825.openThankYouPage", "false");
Deleted : user_pref("CT2319825.openUninstallPage", "true");
Deleted : user_pref("CT2319825.search.searchAppId", "128898076802619666");
Deleted : user_pref("CT2319825.search.searchCount", "0");
Deleted : user_pref("CT2319825.searchInNewTabEnabled", "false");
Deleted : user_pref("CT2319825.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2319825.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Deleted : user_pref("CT2319825.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2319825.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2319825.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2319825.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT2319825.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1332799862732");
Deleted : user_pref("CT2319825.serviceLayer_services_appTracking_lastUpdate", "1332799864587");
Deleted : user_pref("CT2319825.serviceLayer_services_appsMetadata_lastUpdate", "1332799862599");
Deleted : user_pref("CT2319825.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1332799863085");
Deleted : user_pref("CT2319825.serviceLayer_services_login_10.10.20.14_lastUpdate", "1342471704347");
Deleted : user_pref("CT2319825.serviceLayer_services_login_10.7.6.2_lastUpdate", "1332834632530");
Deleted : user_pref("CT2319825.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1332799862815");
Deleted : user_pref("CT2319825.serviceLayer_services_searchAPI_lastUpdate", "1332799862615");
Deleted : user_pref("CT2319825.serviceLayer_services_serviceMap_lastUpdate", "1342460425200");
Deleted : user_pref("CT2319825.serviceLayer_services_toolbarContextMenu_lastUpdate", "1332799862792");
Deleted : user_pref("CT2319825.serviceLayer_services_toolbarSettings_lastUpdate", "1342471703645");
Deleted : user_pref("CT2319825.serviceLayer_services_translation_lastUpdate", "1342460425845");
Deleted : user_pref("CT2319825.settingsINI", true);
Deleted : user_pref("CT2319825.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2319825.smartbar.CTID", "CT2319825");
Deleted : user_pref("CT2319825.smartbar.Uninstall", "0");
Deleted : user_pref("CT2319825.smartbar.isHidden", true);
Deleted : user_pref("CT2319825.smartbar.toolbarName", "Winload ");
Deleted : user_pref("CT2319825.startPage", "userChanged");
Deleted : user_pref("CT2319825.toolbarBornServerTime", "27-3-2012");
Deleted : user_pref("CT2319825.toolbarCurrentServerTime", "16-7-2012");
Deleted : user_pref("CT2613550..clientLogIsEnabled", false);
Deleted : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2613550.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2613550.CTID", "CT2613550");
Deleted : user_pref("CT2613550.CurrentServerDate", "7-3-2012");
Deleted : user_pref("CT2613550.DSChangedManually", false);
Deleted : user_pref("CT2613550.DSInstall", true);
Deleted : user_pref("CT2613550.DSProtectChoice", true);
Deleted : user_pref("CT2613550.DSProtectCount", 1);
Deleted : user_pref("CT2613550.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2613550.DialogsGetterLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.DownloadReferralCookieData", "");
Deleted : user_pref("CT2613550.EMailNotifierPollDate", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.FirstServerDate", "24-2-2012");
Deleted : user_pref("CT2613550.FirstTime", true);
Deleted : user_pref("CT2613550.FirstTimeFF3", true);
Deleted : user_pref("CT2613550.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2613550.HPInstall", false);
Deleted : user_pref("CT2613550.HPProtectChoice", true);
Deleted : user_pref("CT2613550.HPProtectCount", 1);
Deleted : user_pref("CT2613550.HasUserGlobalKeys", true);
Deleted : user_pref("CT2613550.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2613550.HomepageBeforeUnload", "hxxp://www.google.de/");
Deleted : user_pref("CT2613550.Initialize", true);
Deleted : user_pref("CT2613550.InitializeCommonPrefs", true);
Deleted : user_pref("CT2613550.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2613550.InstalledDate", "Fri Feb 24 2012 21:03:39 GMT+0100");
Deleted : user_pref("CT2613550.IsAlertDBUpdated", true);
Deleted : user_pref("CT2613550.IsGrouping", false);
Deleted : user_pref("CT2613550.IsInitSetupIni", true);
Deleted : user_pref("CT2613550.IsMulticommunity", false);
Deleted : user_pref("CT2613550.IsOpenThankYouPage", false);
Deleted : user_pref("CT2613550.IsOpenUninstallPage", true);
Deleted : user_pref("CT2613550.IsProtectorsInit", true);
Deleted : user_pref("CT2613550.LanguagePackLastCheckTime", "Wed Mar 07 2012 21:08:50 GMT+0100");
Deleted : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2613550.LastLogin_3.9.0.3", "Wed Mar 07 2012 21:08:50 GMT+0100");
Deleted : user_pref("CT2613550.LatestVersion", "3.9.0.3");
Deleted : user_pref("CT2613550.Locale", "de-de");
Deleted : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2613550.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT2613550.OriginalFirstVersion", "3.9.0.3");
Deleted : user_pref("CT2613550.SearchCaption", "ZoneAlarm-Sicherheit Customized Web Search");
Deleted : user_pref("CT2613550.SearchEngineBeforeUnload", "ZoneAlarm-Sicherheit Customized Web Search");
Deleted : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Deleted : user_pref("CT2613550.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2613550.SearchInNewTabLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2613550.SearchProtectorEnabled", true);
Deleted : user_pref("CT2613550.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2613550.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2613550.ServiceMapLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.SettingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.SettingsLastUpdate", "1321973076");
Deleted : user_pref("CT2613550.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2613550&SearchSource=13");
Deleted : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Fri Feb 24 2012 21:03:30 GMT+0100");
Deleted : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Deleted : user_pref("CT2613550.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Deleted : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2613550.Uninstall", true);
Deleted : user_pref("CT2613550.UserID", "UN17207794001450359");
Deleted : user_pref("CT2613550.alertChannelId", "1006347");
Deleted : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2613550.globalFirstTimeInfoLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2613550.initDone", true);
Deleted : user_pref("CT2613550.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2613550.myStuffEnabled", true);
Deleted : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Deleted : user_pref("CT2613550.revertSettingsEnabled", true);
Deleted : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2613550.testingCtid", "");
Deleted : user_pref("CT2613550.toolbarAppMetaDataLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.toolbarContextMenuLastCheckTime", "Fri Feb 24 2012 21:03:39 GMT+0100");
Deleted : user_pref("CT2613550.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "ZoneAlarm-Sicherheit Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2613550/CT2613550[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1006347/1002062/DE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2613550", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Yannick\\AppData\\Roaming\\Mozilla\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2613550");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2613550");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2613550");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "1e725ed5-5717-44e5-9863-96e9f6dc6b17");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613550");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 24 2012 21:03:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Feb 24 2012 21:03:45 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 24 2012 21:03:33 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "3e31fefe-a4cc-442e-a7b1-c25d03c7a980");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110141");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "fa79c3e20000000000000022fbab5e38");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "fa79c3e20000000000000022fbab5e38");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15426");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.ovrDmn", "isearch.babylon.com");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:22:40");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB3&ctid=CT2319825&Search[...]
Deleted : user_pref("tfp.CT2319825", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mustermann\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26795 octets] - [16/07/2012 18:51:33]
AdwCleaner[S1].txt - [25817 octets] - [16/07/2012 23:25:07]

########## EOF - C:\AdwCleaner[S1].txt - [25946 octets] ##########


danke!

Alt 17.07.2012, 13:35   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.07.2012, 19:35   #15
Pimo
 
RUNDLL Fehlermeldung beim Starten des Laptops - Standard

RUNDLL Fehlermeldung beim Starten des Laptops



1.) mir ist nichts anderes aufgefallen, die rundll Fehlermeldung kam nach dem malware gearbeitet hat nicht mehr

2.)eigtl ist alles unverändert

Antwort

Themen zu RUNDLL Fehlermeldung beim Starten des Laptops
anti-malware, beachten, beim starten, ctfmon.lnk, dinge, dll, eingefangen, fehlermeldung, fehlermeldung beim starten, forum, gefangen, gen, hallo zusammen, heuristiks/extra, heuristiks/shuriken, infizierte, laptop, laptops, lösung, malwarebytes, problem, pup.bundleinstaller.bi, rundll, scan, schnell, start, starte, starten, suche, zusammen



Ähnliche Themen: RUNDLL Fehlermeldung beim Starten des Laptops


  1. Fehlermeldung beim booten. RunDLL Problem beim starten von ... Das angegebene Modul wurde nicht gefunden.
    Plagegeister aller Art und deren Bekämpfung - 31.05.2016 (23)
  2. Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter
    Alles rund um Windows - 04.10.2015 (13)
  3. Fehlermeldung RunDLL Problem beim Starten von
    Plagegeister aller Art und deren Bekämpfung - 11.04.2015 (20)
  4. Fehlermeldung beim Start des Laptops
    Plagegeister aller Art und deren Bekämpfung - 05.03.2014 (23)
  5. Fehlermeldung RunDll : Problem beim Starten C Program files (x86) HomeTab TB Updater.dll.
    Log-Analyse und Auswertung - 15.01.2014 (7)
  6. Fehlermeldung beim starten meines Laptops.
    Plagegeister aller Art und deren Bekämpfung - 07.01.2014 (7)
  7. Fehlermeldung von RUNDLL: Problem beim Starten von ....TBHostSupport.dll
    Log-Analyse und Auswertung - 06.01.2014 (15)
  8. Fehlermeldung beim booten. RunDLL Problem beim starten von C:\ProgrammFiles\HomeTab\TBUpdater.dll Das angegebene Modul wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (21)
  9. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunde
    Log-Analyse und Auswertung - 22.10.2013 (16)
  10. Fehlermeldung: RunDLL - Problem beim Starten von C:\Users\a.....\AppData\Local\Temp\ch810.exe Das angegebene Modul wurde nicht gefunden.
    Log-Analyse und Auswertung - 05.10.2013 (10)
  11. Fehlermeldung: RunDLL - Problem beim Starten von C:\Users\C..\AppData\...\enhancedNT.dll Das angegebene Modul wurde nicht gefunden.
    Log-Analyse und Auswertung - 02.10.2013 (6)
  12. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunde
    Plagegeister aller Art und deren Bekämpfung - 30.09.2013 (19)
  13. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 17.09.2013 (7)
  14. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunde
    Plagegeister aller Art und deren Bekämpfung - 13.09.2013 (13)
  15. Fehlermeldung beim Starten des Rechners RunDll c:.... wgsdgsdgsgsd.exe nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 18.12.2012 (13)
  16. Rundll fehlermeldung beim starten , locgdi.dat nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.03.2010 (3)
  17. RunDLL Fehlermeldung beim starten von WIN7
    Plagegeister aller Art und deren Bekämpfung - 05.02.2010 (6)

Zum Thema RUNDLL Fehlermeldung beim Starten des Laptops - Hallo zusammen, ich bin auf der Suche nach einer Lösung zum o.g. Problem auf das Forum hier gestoßen und bin etwas verunsichert was ich mir da eingefangen habe. Beim Start - RUNDLL Fehlermeldung beim Starten des Laptops...
Archiv
Du betrachtest: RUNDLL Fehlermeldung beim Starten des Laptops auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.