Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   RUNDLL Fehlermeldung beim Starten des Laptops (https://www.trojaner-board.de/119373-rundll-fehlermeldung-beim-starten-laptops.html)

Pimo 13.07.2012 12:50
RUNDLL Fehlermeldung beim Starten des Laptops
 
Hallo zusammen,
ich bin auf der Suche nach einer Lösung zum o.g. Problem auf das Forum hier gestoßen und bin etwas verunsichert was ich mir da eingefangen habe. Beim Start meines Notebooks kam eine Fehlermeldung "Rundll Fehler ....." Ich habe das zu schnell weggeklickt und dadurch nicht exakt lesen können(mein Fehler).

Ich habe bereits Malwarebytes Anti-Malware heruntergeladen und installiert. Habe dann auch umgehend einen vollständingen Scan begonnen und habe jetzt schon 2 infizierte Objekte.

Was sollte ich nun weiter tun und vorallem beachten?


MfG Pimo

Hier ist der Malware Logbericht:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.13.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Max :: Mustermann-PC [Administrator]

Schutz: Aktiviert

13.07.2012 13:32:13
mbam-log-2012-07-13 (13-32-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 355710
Laufzeit: 1 Stunde(n), 12 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Program Files (x86)\Age of Empires 2\Tools\DirectDraw Patcher\w7ddpatcher.exe (HackTool.Patch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Yannick\AppData\Local\Temp\nsmDBA3.tmp (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus 14.07.2012 16:59
Code:
C:\Program Files (x86)\Age of Empires 2\Tools\DirectDraw Patcher\w7ddpatcher.exe (HackTool.Patch)
Was genau soll das sein, aus welcher Quelle?

Pimo 15.07.2012 10:10
Hallo Cosinus, danke für deine Hilfe!!

Also ich habe vor ein paar Tagen das PC Spiel Age of Empires vom Kumpel draufgespielt bekommen. Ist das eine schädliche Datei gewesen?

Gruß

cosinus 15.07.2012 17:01
Das Teil sieht nach einem Grafikpatch aus, aber ich sollte dich unbedingt warnen: wardas Spiel eine Originalversion bzw. waren da irgendwelche Cracks oder Keygens im Spiel? Cracks/Keygens ausführen ist eine fast 100%ig sichere Methode sich sein Windows zu verseuchen! :pfui:

Pimo 15.07.2012 17:04
Ich kann es dir nicht sagen, habe es aber umgehend entfernt.
Was sagst du zu den anderen infizierten Objekten die ich gepostet habe? Habe nun bei Neustarts keine Fehlermeldung mehr.

Danke:daumenhoc

cosinus 15.07.2012 18:27
Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Pimo 15.07.2012 18:45
Ne, das was oben steht war bisher mein einziger Scan und daher auch Log. Ich habe mich nach der Fehlermeldung im Internet umgeschaut und bin dadurch halt hier im Forum gelandet. Daher habe ich vorab schon einen Vollscan durchgeführt und die drei infizierten Dateien gemeldet bekommen.

Danke für deine Hilfe cosinus!!

cosinus 15.07.2012 20:04
Führ bitte auch ESET aus, danach sehen wir weiter.

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
  • Dein Anti-Virus-Programm während des Scans deaktivieren.

    Button http://img695.imageshack.us/img695/1599/eset1l.jpg (<< klick) drücken.
    • Firefox-User:
      Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
    • IE-User:
      müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Haken bei Yes, i accept the Terms of Use.
  • Drücke den http://img707.imageshack.us/img707/687/starteg.jpg Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Scan archives".
  • Gehe sicher das bei Remove Found Threats kein Hacken gesetzt ist.
  • http://img707.imageshack.us/img707/687/starteg.jpg drücken.
  • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.
Wenn der Scan beendet wurde
  • Klicke Finish.
  • Browser schließen.
Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + R Taste und kopiere folgenden Text in das Ausführen Fenster.
Code:
"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
Hinweis: Falls du ein 64-Bit-Windows einsetzt, lautet der Pfad so:

Code:
"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
Poste nun den Inhalt der log.txt.

Pimo 15.07.2012 23:02
Hier der Inhalt der Logdatei:

ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c06271e71c9584409605a8b2697bcdab
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-15 09:59:51
# local_time=2012-07-15 11:59:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 12349629 12349629 0 0
# compatibility_mode=5893 16776573 100 94 16447 94015133 0 0
# compatibility_mode=8192 67108863 100 0 801 801 0 0
# compatibility_mode=9217 16777214 75 66 12275605 64658913 0 0
# scanned=163923
# found=0
# cleaned=0
# scan_time=4308



danke

cosinus 16.07.2012 15:59
adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Pimo 16.07.2012 17:55
Nochmals vielen Dank cosinus für deine Hilfe, ich kann das nicht häufig genug sagen!! :)

# AdwCleaner v1.702 - Logfile created 07/16/2012 at 18:51:33
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Max - Mustermann-PC
# Running from : C:\Users\Mustermann\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Mustermann\AppData\Local\Babylon
Folder Found : C:\Users\Mustermann\AppData\Local\Conduit
Folder Found : C:\Users\Mustermann\AppData\Local\Linkury
Folder Found : C:\Users\Mustermann\AppData\Local\TempDir
Folder Found : C:\Users\Mustermann\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Users\Mustermann\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Mustermann\AppData\LocalLow\Conduit
Folder Found : C:\Users\Mustermann\AppData\LocalLow\ZoneAlarm-Sicherheit
Folder Found : C:\Users\Mustermann\AppData\Roaming\Babylon
Folder Found : C:\Users\Mustermann\AppData\Roaming\loadtbs
Folder Found : C:\Users\Mustermann\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Mustermann\AppData\Roaming\pdfforge
Folder Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\ConduitCommon
Folder Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\Smartbar
Folder Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ZoneAlarm-Sicherheit
File Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Conduit.xml
File Found : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Linkury Smartbar Search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2319825[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\ZoneAlarm-Sicherheit
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
[x64] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=fa79c3e20000000000000022fbab5e38
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\prefs.js

Found : user_pref("CT2319825.1000082.currentList", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.[...]
Found : user_pref("CT2319825.1000082.isPlayDisplay", "true");
Found : user_pref("CT2319825.1000082.localStations", "[{\"stationId\":\"8546\",\"url\":\"hxxp://stream.radio[...]
Found : user_pref("CT2319825.1000082.nowPlaying", "{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.ic[...]
Found : user_pref("CT2319825.1000082.publisherStations", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffs[...]
Found : user_pref("CT2319825.1000082.state", "{\"state\":\"stopped\",\"text\":\"1Live\",\"description\":\"1L[...]
Found : user_pref("CT2319825.1000234.TWC_TMP_city", "BERLIN");
Found : user_pref("CT2319825.1000234.TWC_TMP_country", "DE");
Found : user_pref("CT2319825.128898076802619659.isToggled_item0_11", "true");
Found : user_pref("CT2319825.129714600517272937.APP_WIN_FEATURES", "resizable=no,scrollbars=no,titlebar=no,o[...]
Found : user_pref("CT2319825.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"fal[...]
Found : user_pref("CT2319825.FirstTime", "true");
Found : user_pref("CT2319825.FirstTimeFF3", "true");
Found : user_pref("CT2319825.ID", "40526066");
Found : user_pref("CT2319825.UserID", "UN22821896514431572");
Found : user_pref("CT2319825.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2319825.autoDisableScopes", -1);
Found : user_pref("CT2319825.autocompletepro_enable", "1");
Found : user_pref("CT2319825.autocompletepro_enable_auto", "1");
Found : user_pref("CT2319825.browser.search.defaultthis.engineName", true);
Found : user_pref("CT2319825.defaultSearch", "true");
Found : user_pref("CT2319825.embeddedsData", "[{\"appId\":\"128898076802619666\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT2319825.enableAlerts", "always");
Found : user_pref("CT2319825.enableFix404", "true");
Found : user_pref("CT2319825.enableSearchFromAddressBar", "true");
Found : user_pref("CT2319825.firstTimeDialogOpened", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT2319825.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2319825.fixUrls", true);
Found : user_pref("CT2319825.installId", "ConduitNSISIntegration");
Found : user_pref("CT2319825.installType", "ConduitXPEIntegration");
Found : user_pref("CT2319825.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.isNewTabEnabled", false);
Found : user_pref("CT2319825.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2319825.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2319825.keyword", true);
Found : user_pref("CT2319825.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Found : user_pref("CT2319825.openThankYouPage", "false");
Found : user_pref("CT2319825.openUninstallPage", "true");
Found : user_pref("CT2319825.search.searchAppId", "128898076802619666");
Found : user_pref("CT2319825.search.searchCount", "0");
Found : user_pref("CT2319825.searchInNewTabEnabled", "false");
Found : user_pref("CT2319825.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2319825.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Found : user_pref("CT2319825.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2319825.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2319825.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2319825.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT2319825.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1332799862732");
Found : user_pref("CT2319825.serviceLayer_services_appTracking_lastUpdate", "1332799864587");
Found : user_pref("CT2319825.serviceLayer_services_appsMetadata_lastUpdate", "1332799862599");
Found : user_pref("CT2319825.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1332799863085");
Found : user_pref("CT2319825.serviceLayer_services_login_10.10.20.14_lastUpdate", "1342388425834");
Found : user_pref("CT2319825.serviceLayer_services_login_10.7.6.2_lastUpdate", "1332834632530");
Found : user_pref("CT2319825.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1332799862815");
Found : user_pref("CT2319825.serviceLayer_services_searchAPI_lastUpdate", "1332799862615");
Found : user_pref("CT2319825.serviceLayer_services_serviceMap_lastUpdate", "1342374024758");
Found : user_pref("CT2319825.serviceLayer_services_toolbarContextMenu_lastUpdate", "1332799862792");
Found : user_pref("CT2319825.serviceLayer_services_toolbarSettings_lastUpdate", "1342384477328");
Found : user_pref("CT2319825.serviceLayer_services_translation_lastUpdate", "1342374025548");
Found : user_pref("CT2319825.settingsINI", true);
Found : user_pref("CT2319825.shouldFirstTimeDialog", "false");
Found : user_pref("CT2319825.smartbar.CTID", "CT2319825");
Found : user_pref("CT2319825.smartbar.Uninstall", "0");
Found : user_pref("CT2319825.smartbar.isHidden", true);
Found : user_pref("CT2319825.smartbar.toolbarName", "Winload ");
Found : user_pref("CT2319825.startPage", "userChanged");
Found : user_pref("CT2319825.toolbarBornServerTime", "27-3-2012");
Found : user_pref("CT2319825.toolbarCurrentServerTime", "16-7-2012");
Found : user_pref("CT2613550..clientLogIsEnabled", false);
Found : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2613550.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2613550.CTID", "CT2613550");
Found : user_pref("CT2613550.CurrentServerDate", "7-3-2012");
Found : user_pref("CT2613550.DSChangedManually", false);
Found : user_pref("CT2613550.DSInstall", true);
Found : user_pref("CT2613550.DSProtectChoice", true);
Found : user_pref("CT2613550.DSProtectCount", 1);
Found : user_pref("CT2613550.DialogsAlignMode", "LTR");
Found : user_pref("CT2613550.DialogsGetterLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.DownloadReferralCookieData", "");
Found : user_pref("CT2613550.EMailNotifierPollDate", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.FirstServerDate", "24-2-2012");
Found : user_pref("CT2613550.FirstTime", true);
Found : user_pref("CT2613550.FirstTimeFF3", true);
Found : user_pref("CT2613550.FixPageNotFoundErrors", true);
Found : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2613550.HPInstall", false);
Found : user_pref("CT2613550.HPProtectChoice", true);
Found : user_pref("CT2613550.HPProtectCount", 1);
Found : user_pref("CT2613550.HasUserGlobalKeys", true);
Found : user_pref("CT2613550.HomePageProtectorEnabled", false);
Found : user_pref("CT2613550.HomepageBeforeUnload", "hxxp://www.google.de/");
Found : user_pref("CT2613550.Initialize", true);
Found : user_pref("CT2613550.InitializeCommonPrefs", true);
Found : user_pref("CT2613550.InstallationAndCookieDataSentCount", 2);
Found : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Found : user_pref("CT2613550.InstalledDate", "Fri Feb 24 2012 21:03:39 GMT+0100");
Found : user_pref("CT2613550.IsAlertDBUpdated", true);
Found : user_pref("CT2613550.IsGrouping", false);
Found : user_pref("CT2613550.IsInitSetupIni", true);
Found : user_pref("CT2613550.IsMulticommunity", false);
Found : user_pref("CT2613550.IsOpenThankYouPage", false);
Found : user_pref("CT2613550.IsOpenUninstallPage", true);
Found : user_pref("CT2613550.IsProtectorsInit", true);
Found : user_pref("CT2613550.LanguagePackLastCheckTime", "Wed Mar 07 2012 21:08:50 GMT+0100");
Found : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2613550.LastLogin_3.9.0.3", "Wed Mar 07 2012 21:08:50 GMT+0100");
Found : user_pref("CT2613550.LatestVersion", "3.9.0.3");
Found : user_pref("CT2613550.Locale", "de-de");
Found : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Found : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Found : user_pref("CT2613550.MyStuffEnabledAtInstallation", false);
Found : user_pref("CT2613550.OriginalFirstVersion", "3.9.0.3");
Found : user_pref("CT2613550.SearchCaption", "ZoneAlarm-Sicherheit Customized Web Search");
Found : user_pref("CT2613550.SearchEngineBeforeUnload", "ZoneAlarm-Sicherheit Customized Web Search");
Found : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Found : user_pref("CT2613550.SearchInNewTabEnabled", true);
Found : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2613550.SearchInNewTabLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2613550.SearchProtectorEnabled", true);
Found : user_pref("CT2613550.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2613550.SendProtectorDataViaLogin", true);
Found : user_pref("CT2613550.ServiceMapLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.SettingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.SettingsLastUpdate", "1321973076");
Found : user_pref("CT2613550.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2613550&SearchSource=13");
Found : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Fri Feb 24 2012 21:03:30 GMT+0100");
Found : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Found : user_pref("CT2613550.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Found : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2613550.Uninstall", true);
Found : user_pref("CT2613550.UserID", "UN17207794001450359");
Found : user_pref("CT2613550.alertChannelId", "1006347");
Found : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2613550.globalFirstTimeInfoLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2613550.initDone", true);
Found : user_pref("CT2613550.isAppTrackingManagerOn", true);
Found : user_pref("CT2613550.myStuffEnabled", true);
Found : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Found : user_pref("CT2613550.revertSettingsEnabled", true);
Found : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Found : user_pref("CT2613550.testingCtid", "");
Found : user_pref("CT2613550.toolbarAppMetaDataLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CT2613550.toolbarContextMenuLastCheckTime", "Fri Feb 24 2012 21:03:39 GMT+0100");
Found : user_pref("CT2613550.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitSearchList", "ZoneAlarm-Sicherheit Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2613550/CT2613550[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1006347/1002062/DE", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2613550", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Yannick\\AppData\\Roaming\\Mozilla\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2613550");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2613550");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2613550");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "1e725ed5-5717-44e5-9863-96e9f6dc6b17");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613550");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 24 2012 21:03:3[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Feb 24 2012 21:03:45 GMT+010[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 24 2012 21:03:33 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "3e31fefe-a4cc-442e-a7b1-c25d03c7a980");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110141");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "fa79c3e20000000000000022fbab5e38");
Found : user_pref("extensions.BabylonToolbar_i.id", "fa79c3e20000000000000022fbab5e38");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15426");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.ovrDmn", "isearch.babylon.com");
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:22:40");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB3&ctid=CT2319825&Search[...]
Found : user_pref("tfp.CT2319825", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mustermann\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26704 octets] - [16/07/2012 18:51:33]

########## EOF - C:\AdwCleaner[R1].txt - [26833 octets] ##########

cosinus 16.07.2012 22:11
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Pimo 16.07.2012 22:29
# AdwCleaner v1.702 - Logfile created 07/16/2012 at 23:25:07
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Mustermann - Mustermann-PC
# Running from : C:\Users\Mustermann\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Mustermann\AppData\Local\Babylon
Folder Deleted : C:\Users\Mustermann\AppData\Local\Conduit
Folder Deleted : C:\Users\Mustermann\AppData\Local\Linkury
Folder Deleted : C:\Users\Mustermann\AppData\Local\TempDir
Folder Deleted : C:\Users\Mustermann\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Mustermann\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Mustermann\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mustermann\AppData\LocalLow\ZoneAlarm-Sicherheit
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\loadtbs
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\ConduitCommon
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\Smartbar
Folder Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ZoneAlarm-Sicherheit
File Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\Linkury Smartbar Search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2319825[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ZoneAlarm-Sicherheit

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=fa79c3e20000000000000022fbab5e38 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\prefs.js

C:\Users\Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\user.js ... Deleted !

Deleted : user_pref("CT2319825.1000082.currentList", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.[...]
Deleted : user_pref("CT2319825.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT2319825.1000082.localStations", "[{\"stationId\":\"8546\",\"url\":\"hxxp://stream.radio[...]
Deleted : user_pref("CT2319825.1000082.nowPlaying", "{\"stationId\":\"11949532\",\"url\":\"hxxp://gffstream.ic[...]
Deleted : user_pref("CT2319825.1000082.publisherStations", "[{\"stationId\":\"11949532\",\"url\":\"hxxp://gffs[...]
Deleted : user_pref("CT2319825.1000082.state", "{\"state\":\"stopped\",\"text\":\"1Live\",\"description\":\"1L[...]
Deleted : user_pref("CT2319825.1000234.TWC_TMP_city", "BERLIN");
Deleted : user_pref("CT2319825.1000234.TWC_TMP_country", "DE");
Deleted : user_pref("CT2319825.128898076802619659.isToggled_item0_11", "true");
Deleted : user_pref("CT2319825.129714600517272937.APP_WIN_FEATURES", "resizable=no,scrollbars=no,titlebar=no,o[...]
Deleted : user_pref("CT2319825.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2319825.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"fal[...]
Deleted : user_pref("CT2319825.FirstTime", "true");
Deleted : user_pref("CT2319825.FirstTimeFF3", "true");
Deleted : user_pref("CT2319825.ID", "40526066");
Deleted : user_pref("CT2319825.UserID", "UN22821896514431572");
Deleted : user_pref("CT2319825.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2319825.autoDisableScopes", -1);
Deleted : user_pref("CT2319825.autocompletepro_enable", "1");
Deleted : user_pref("CT2319825.autocompletepro_enable_auto", "1");
Deleted : user_pref("CT2319825.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT2319825.defaultSearch", "true");
Deleted : user_pref("CT2319825.embeddedsData", "[{\"appId\":\"128898076802619666\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2319825.enableAlerts", "always");
Deleted : user_pref("CT2319825.enableFix404", "true");
Deleted : user_pref("CT2319825.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2319825.firstTimeDialogOpened", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2319825.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2319825.fixUrls", true);
Deleted : user_pref("CT2319825.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT2319825.installType", "ConduitXPEIntegration");
Deleted : user_pref("CT2319825.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2319825.isNewTabEnabled", false);
Deleted : user_pref("CT2319825.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2319825.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2319825.keyword", true);
Deleted : user_pref("CT2319825.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT2319825.openThankYouPage", "false");
Deleted : user_pref("CT2319825.openUninstallPage", "true");
Deleted : user_pref("CT2319825.search.searchAppId", "128898076802619666");
Deleted : user_pref("CT2319825.search.searchCount", "0");
Deleted : user_pref("CT2319825.searchInNewTabEnabled", "false");
Deleted : user_pref("CT2319825.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2319825.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Deleted : user_pref("CT2319825.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2319825.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2319825.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2319825.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2319825.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT2319825.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1332799862732");
Deleted : user_pref("CT2319825.serviceLayer_services_appTracking_lastUpdate", "1332799864587");
Deleted : user_pref("CT2319825.serviceLayer_services_appsMetadata_lastUpdate", "1332799862599");
Deleted : user_pref("CT2319825.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1332799863085");
Deleted : user_pref("CT2319825.serviceLayer_services_login_10.10.20.14_lastUpdate", "1342471704347");
Deleted : user_pref("CT2319825.serviceLayer_services_login_10.7.6.2_lastUpdate", "1332834632530");
Deleted : user_pref("CT2319825.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1332799862815");
Deleted : user_pref("CT2319825.serviceLayer_services_searchAPI_lastUpdate", "1332799862615");
Deleted : user_pref("CT2319825.serviceLayer_services_serviceMap_lastUpdate", "1342460425200");
Deleted : user_pref("CT2319825.serviceLayer_services_toolbarContextMenu_lastUpdate", "1332799862792");
Deleted : user_pref("CT2319825.serviceLayer_services_toolbarSettings_lastUpdate", "1342471703645");
Deleted : user_pref("CT2319825.serviceLayer_services_translation_lastUpdate", "1342460425845");
Deleted : user_pref("CT2319825.settingsINI", true);
Deleted : user_pref("CT2319825.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2319825.smartbar.CTID", "CT2319825");
Deleted : user_pref("CT2319825.smartbar.Uninstall", "0");
Deleted : user_pref("CT2319825.smartbar.isHidden", true);
Deleted : user_pref("CT2319825.smartbar.toolbarName", "Winload ");
Deleted : user_pref("CT2319825.startPage", "userChanged");
Deleted : user_pref("CT2319825.toolbarBornServerTime", "27-3-2012");
Deleted : user_pref("CT2319825.toolbarCurrentServerTime", "16-7-2012");
Deleted : user_pref("CT2613550..clientLogIsEnabled", false);
Deleted : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2613550.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2613550.CTID", "CT2613550");
Deleted : user_pref("CT2613550.CurrentServerDate", "7-3-2012");
Deleted : user_pref("CT2613550.DSChangedManually", false);
Deleted : user_pref("CT2613550.DSInstall", true);
Deleted : user_pref("CT2613550.DSProtectChoice", true);
Deleted : user_pref("CT2613550.DSProtectCount", 1);
Deleted : user_pref("CT2613550.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2613550.DialogsGetterLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.DownloadReferralCookieData", "");
Deleted : user_pref("CT2613550.EMailNotifierPollDate", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.FirstServerDate", "24-2-2012");
Deleted : user_pref("CT2613550.FirstTime", true);
Deleted : user_pref("CT2613550.FirstTimeFF3", true);
Deleted : user_pref("CT2613550.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2613550.HPInstall", false);
Deleted : user_pref("CT2613550.HPProtectChoice", true);
Deleted : user_pref("CT2613550.HPProtectCount", 1);
Deleted : user_pref("CT2613550.HasUserGlobalKeys", true);
Deleted : user_pref("CT2613550.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2613550.HomepageBeforeUnload", "hxxp://www.google.de/");
Deleted : user_pref("CT2613550.Initialize", true);
Deleted : user_pref("CT2613550.InitializeCommonPrefs", true);
Deleted : user_pref("CT2613550.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2613550.InstalledDate", "Fri Feb 24 2012 21:03:39 GMT+0100");
Deleted : user_pref("CT2613550.IsAlertDBUpdated", true);
Deleted : user_pref("CT2613550.IsGrouping", false);
Deleted : user_pref("CT2613550.IsInitSetupIni", true);
Deleted : user_pref("CT2613550.IsMulticommunity", false);
Deleted : user_pref("CT2613550.IsOpenThankYouPage", false);
Deleted : user_pref("CT2613550.IsOpenUninstallPage", true);
Deleted : user_pref("CT2613550.IsProtectorsInit", true);
Deleted : user_pref("CT2613550.LanguagePackLastCheckTime", "Wed Mar 07 2012 21:08:50 GMT+0100");
Deleted : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2613550.LastLogin_3.9.0.3", "Wed Mar 07 2012 21:08:50 GMT+0100");
Deleted : user_pref("CT2613550.LatestVersion", "3.9.0.3");
Deleted : user_pref("CT2613550.Locale", "de-de");
Deleted : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2613550.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT2613550.OriginalFirstVersion", "3.9.0.3");
Deleted : user_pref("CT2613550.SearchCaption", "ZoneAlarm-Sicherheit Customized Web Search");
Deleted : user_pref("CT2613550.SearchEngineBeforeUnload", "ZoneAlarm-Sicherheit Customized Web Search");
Deleted : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Deleted : user_pref("CT2613550.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2613550.SearchInNewTabLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2613550.SearchProtectorEnabled", true);
Deleted : user_pref("CT2613550.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2613550.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2613550.ServiceMapLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.SettingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.SettingsLastUpdate", "1321973076");
Deleted : user_pref("CT2613550.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2613550&SearchSource=13");
Deleted : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Fri Feb 24 2012 21:03:30 GMT+0100");
Deleted : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Deleted : user_pref("CT2613550.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Deleted : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2613550.Uninstall", true);
Deleted : user_pref("CT2613550.UserID", "UN17207794001450359");
Deleted : user_pref("CT2613550.alertChannelId", "1006347");
Deleted : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2613550.globalFirstTimeInfoLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2613550.initDone", true);
Deleted : user_pref("CT2613550.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2613550.myStuffEnabled", true);
Deleted : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Deleted : user_pref("CT2613550.revertSettingsEnabled", true);
Deleted : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2613550.testingCtid", "");
Deleted : user_pref("CT2613550.toolbarAppMetaDataLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CT2613550.toolbarContextMenuLastCheckTime", "Fri Feb 24 2012 21:03:39 GMT+0100");
Deleted : user_pref("CT2613550.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "ZoneAlarm-Sicherheit Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2613550/CT2613550[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1006347/1002062/DE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2613550", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Yannick\\AppData\\Roaming\\Mozilla\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2613550");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2613550");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2613550");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Mar 07 2012 21:08:49 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "1e725ed5-5717-44e5-9863-96e9f6dc6b17");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613550");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 24 2012 21:03:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Feb 24 2012 21:03:45 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 24 2012 21:03:33 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "3e31fefe-a4cc-442e-a7b1-c25d03c7a980");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110141");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "fa79c3e20000000000000022fbab5e38");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "fa79c3e20000000000000022fbab5e38");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15426");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.ovrDmn", "isearch.babylon.com");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:22:40");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB3&ctid=CT2319825&Search[...]
Deleted : user_pref("tfp.CT2319825", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mustermann\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26795 octets] - [16/07/2012 18:51:33]
AdwCleaner[S1].txt - [25817 octets] - [16/07/2012 23:25:07]

########## EOF - C:\AdwCleaner[S1].txt - [25946 octets] ##########


danke!

cosinus 17.07.2012 13:35
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Pimo 17.07.2012 19:35
1.) mir ist nichts anderes aufgefallen, die rundll Fehlermeldung kam nach dem malware gearbeitet hat nicht mehr

2.)eigtl ist alles unverändert


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:46 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129