Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

google chrome keeps on starting up with proxy


  • Please log in to reply
3 replies to this topic

#1 ntchoy

ntchoy

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 24 September 2014 - 10:53 PM

Hi,

 

Recently, whenever i open google chrome, it opens using the proxy server.  No matter how many times I change the setting, whenever I reopen google chrome it always reverts back to it's original setting.  I suspect that it is a malware since I have searched on the forums and found that other people have the same problem.  I have already used adwcleaner to clean everything yet the setting always goes back to what it was before.  What should i do now?  I have even tried TDSSKiller and here are the logs. 

 

20:23:45.0775 0x4744  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:23:45.0775 0x4744  UEFI system
20:23:49.0807 0x4744  ============================================================
20:23:49.0807 0x4744  Current date / time: 2014/09/24 20:23:49.0807
20:23:49.0807 0x4744  SystemInfo:
20:23:49.0807 0x4744  
20:23:49.0807 0x4744  OS Version: 6.3.9600 ServicePack: 0.0
20:23:49.0807 0x4744  Product type: Workstation
20:23:49.0807 0x4744  ComputerName: NELSON-LAPTOP
20:23:49.0807 0x4744  UserName: Nelson Choy
20:23:49.0807 0x4744  Windows directory: C:\WINDOWS
20:23:49.0807 0x4744  System windows directory: C:\WINDOWS
20:23:49.0807 0x4744  Running under WOW64
20:23:49.0807 0x4744  Processor architecture: Intel x64
20:23:49.0807 0x4744  Number of processors: 4
20:23:49.0807 0x4744  Page size: 0x1000
20:23:49.0807 0x4744  Boot type: Normal boot
20:23:49.0807 0x4744  ============================================================
20:23:50.0789 0x4744  KLMD registered as C:\WINDOWS\system32\drivers\09137112.sys
20:23:54.0893 0x4744  System UUID: {FE312026-D392-9911-A07D-C547EE0A8B09}
20:23:55.0851 0x4744  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:55.0863 0x4744  ============================================================
20:23:55.0863 0x4744  \Device\Harddisk0\DR0:
20:23:55.0863 0x4744  GPT partitions:
20:23:55.0864 0x4744  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A708A82D-4151-11E2-81C2-ED2796CA146F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
20:23:55.0864 0x4744  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A708A833-4151-11E2-81C2-ED2796CA146F}, Name: Basic data partition, StartLBA 0xE1800, BlocksNum 0x82000
20:23:55.0864 0x4744  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A708A835-4151-11E2-81C2-ED2796CA146F}, Name: Basic data partition, StartLBA 0x163800, BlocksNum 0x40000
20:23:55.0864 0x4744  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A708A83D-4151-11E2-81C2-ED2796CA146F}, Name: Basic data partition, StartLBA 0x1A3800, BlocksNum 0x55D29800
20:23:55.0864 0x4744  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4A02C195-0FA3-469E-AFE7-EBE0E13DC512}, Name: , StartLBA 0x55ECD000, BlocksNum 0xAF000
20:23:55.0864 0x4744  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {72E3760C-95C6-4313-9FD1-A680856F4BB3}, Name: Basic data partition, StartLBA 0x55F7C000, BlocksNum 0x15CA000
20:23:55.0864 0x4744  MBR partitions:
20:23:55.0864 0x4744  ============================================================
20:23:55.0902 0x4744  C: <-> \Device\Harddisk0\DR0\Partition4
20:23:55.0902 0x4744  ============================================================
20:23:55.0902 0x4744  Initialize success
20:23:55.0902 0x4744  ============================================================
20:30:30.0920 0x4db4  KLMD registered as C:\WINDOWS\system32\drivers\43706049.sys
20:30:31.0723 0x4db4  Deinitialize success
 
thank you in advance

 



BC AdBot (Login to Remove)

 


#2 gavinseabrook

gavinseabrook

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:21 AM

Posted 25 September 2014 - 01:16 AM

Check your Internet Options in your control panel. Go to connections/connectivity tab and look under LAN settings. Make sure proxy server is not checked in there.


Gavin Seabrook

 


#3 david.coffman

david.coffman

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Malabar, FL
  • Local time:09:21 AM

Posted 25 September 2014 - 05:36 AM

gavinseabrook is correct most times this setting is the one causing the issue. I would also recommend downloading Malwarebytes and running a scan on the system. Most of the time at work when people are having this problem we run the scan and find malware that is causing it. Hope this helps.



#4 gavinseabrook

gavinseabrook

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:21 AM

Posted 27 September 2014 - 01:52 AM

Agreed. Malwarebytes is one of the best anti-virus softwares in my opinion. Its what I use whenever I get a pc to repair that is infected with any form of virus.


Gavin Seabrook

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users