Adlice forum

General Category => Malware removal help => Topic started by: snakebait on November 18, 2014, 01:09:19 AM

Title: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 18, 2014, 01:09:19 AM

windows 8.1 machine.
I cleaned up the pc and everything is fine except the proxy.
It keeps auto filling and no matter what I changed, I cannot fix it. Here is RK scan. I'm not sure is these pum.proxies are correct

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 18, 2014, 08:51:45 AM

Yeah, remove them

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 18, 2014, 04:25:11 PM

Ok, Most of them deleted, and some came back with errors on them. rebooting and going to scan again.

Also what about the Hook under anti-root kit? it seem that those can be legit at times.


edit: after reboot. All are back.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 19, 2014, 08:13:58 AM

Yeah, antirootkit entry will be whitelisted

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 19, 2014, 07:05:09 PM

still no luck clearing the Proxies. As soon as I unchecked it and hit OK and immediately go back in the are auto-filled. RK doesn't seem to remove the entries.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 19, 2014, 07:29:43 PM

Or something put them back.
Can you scan with Malwarebytes?

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 19, 2014, 11:31:38 PM

logs and stuff

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 20, 2014, 11:13:07 AM

And after a reboot they are back?

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 20, 2014, 04:12:10 PM

correct. still here.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 20, 2014, 04:23:37 PM

Are you using a VPN?
Can you install Proces Hacker, then open it
In "Network" tab, could you locate the column "Local Port" that has the value 13081 (you can sort the column) and tell what process is listening on it?

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 20, 2014, 04:34:15 PM

I don't believe that it's even up?

And also no VPN.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 21, 2014, 08:15:47 AM

I'm not sure the filter works for port, it may but I'm not sure.
When you simply sort the column without filtering, do you find something?
If not, that means the proxy software isn't running, which would be very strange...

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 21, 2014, 03:47:45 PM

yes, when I click on network tab, it shows 75 processes running.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 21, 2014, 05:57:01 PM

Yeah, but do you find the given port?

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 22, 2014, 05:06:16 PM

No, it goes from 8000 to 26143

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 22, 2014, 07:15:31 PM

Ok, so when i make a new account everything is fine with the proxies. They disappear and stay away. However, the start screen doesnt seem to have all of the info as a new user should, and the store doesn't work at all.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 24, 2014, 09:41:03 AM

Is it company's PC?

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 24, 2014, 04:15:47 PM

nope

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 24, 2014, 06:54:44 PM

Could you try that? http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Title: Re: Cannot disable/change/remove the proxy settings
Post by: snakebait on November 24, 2014, 08:37:09 PM

I'm sorry Tigzy. I went ahead and did a reinstall. I spent way to much time on this for my client. He will have to re-install his games and start over.

But thank you very much for your help. It would have been nice to see what actually was causing this.


thanks again.

Title: Re: Cannot disable/change/remove the proxy settings
Post by: Tigzy on November 25, 2014, 07:40:33 AM

No problem, I understand.