| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "PROXY" Einträge in der RegistrierungsdatenbankWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.05.2015, 17:42
| #3 |
| |  "PROXY" Einträge in der Registrierungsdatenbank Hallo,
__________________ich bin jetzt mal nach dem Lösungsvorschlag von Jürgen gegangen. hier das fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-05-2015
Ran by Sophie at 2015-05-03 18:25:01 Run:1
Running from C:\Users\Sophie\Downloads
Loaded Profiles: Sophie & UpdatusUser (Available profiles: Sophie & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CloseProcesses:
RemoveProxy:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-795088716-3225698515-1859665541-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
SearchScopes: HKU\S-1-5-21-795088716-3225698515-1859665541-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
SearchScopes: HKU\S-1-5-21-795088716-3225698515-1859665541-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-795088716-3225698515-1859665541-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 lusotocu; C:\Users\Sophie\AppData\Roaming\DC8131B1-1430558212-4F9A-C680-001FC6136CD0\jnsgF8DF.tmp [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
EmptyTemp:
*****************
Processes closed successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-795088716-3225698515-1859665541-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-795088716-3225698515-1859665541-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
========= End of RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-795088716-3225698515-1859665541-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => Key deleted successfully.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
"HKU\S-1-5-21-795088716-3225698515-1859665541-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => Key deleted successfully.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
"HKU\S-1-5-21-795088716-3225698515-1859665541-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\S-1-5-21-795088716-3225698515-1859665541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
lusotocu => Service deleted successfully.
esgiguard => Service deleted successfully.
EmptyTemp: => Removed 352.6 MB temporary data.
The system needed a reboot.
==== End of Fixlog 18:34:02 ====
EDIT: AdwCleaner zeigt das Problem jetzt auch nicht mehr an.  Geändert von Haselocke (03.05.2015 um 17:47 Uhr) |
| Themen zu "PROXY" Einträge in der Registrierungsdatenbank |
| antivirus, defender, fehlercode 28, fehlercode windows, iexplore.exe, installation, internet, internet explorer, photoshop, proxy adwcleaner, registry, safer networking, security, services.exe, software, spyhunter, spyhunter entfernen, svchost.exe, win32/adware.convertad.lj, win32/elex.bm, win32/elex.cy, win32/toolbar.tnt2.i, win32/toolbar.visicom.a |
Baum-Darstellung