Something keeps setting my proxy server to http://127.0.0.1:13828. Have run Malwarebytes, ComboFix, RKill, ESET and Panda online scanners, I did not save the ComboFix logs.
Attached are DDS and Attach files.
Jump to content
Posted 19 April 2014 - 02:17 PM
Hi and Welcome!!
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
Having said that.... Let's get going!!
You said that you ran ComboFix already? Please go to C:\ComboFix.txt and post this log.
Is this a work/business computer by chance?
Please download TDSSKiller
Please download AdwCleaner by Xplode and save to your Desktop.
Edited by jeffce, 19 April 2014 - 02:18 PM.
Posted 19 April 2014 - 08:54 PM
Posted 19 April 2014 - 09:29 PM
Thanks for the logs that I requested.
You never did mention though...is this a work/business computer?
Posted 21 April 2014 - 07:50 PM
Ok...I must ask before we continue, do you have permission to make changes to this system? If it is a work system, it would be better if your IT department did the work so if there are any proxy configuration settings that need to be made it can be done.
Posted 22 April 2014 - 06:50 AM
Don't you love being the IT guy?
uInternet Settings,ProxyServer = http=127.0.0.1:13828
"DisableCAD"= 0 (0x0)
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Double click on AdwCleaner.exe to run the tool again.
Post the new logs that are made and also let me know how your system is running.
Posted 22 April 2014 - 11:44 AM
Posted 22 April 2014 - 06:44 PM
Have you been able to run ComboFix with the instructions I provided and then get the corresponding log?
Posted 23 April 2014 - 09:10 PM
Unfortunately, the proxy is still getting redirected. I remove the re-direction in IE, but it comes back after every reboot.
Posted 24 April 2014 - 06:26 AM
And this is only happening in IE?
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
0 members, 0 guests, 0 anonymous users