Author Topic: PUM.Proxy even after Format + full Windows Re-Installation  (Read 4709 times)

0 Members and 1 Guest are viewing this topic.

July 12, 2016, 12:29:56 pm

Boulz

  • Newbie

  • Offline
  • *

  • 4
  • Reputation:
    0
    • View Profile
PUM.Proxy even after Format + full Windows Re-Installation
« on: July 12, 2016, 12:29:56 pm »
Hi,

Yesterday evening I saw this PUM.Proxy for the first time on win10 (see attachment)

If I delete them at the end of the scan and re-scan, they disappear.

But once I reboot, they come back...

So I format the drive and reinstall Windows 8. At the end of the installation, Roguekiller find them again...I update to Windows 10. and they are still here ....

Please help me. I am in France, we can discuss by phone if you want. Thanks



« Last Edit: July 12, 2016, 12:35:13 pm by Boulz »

Reply #1July 12, 2016, 01:36:09 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2331
  • Reputation:
    82
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #1 on: July 12, 2016, 01:36:09 pm »
Hi Boulz,

Welcome to Adlice.com Forum and thanks for supporting our product.
It may be a false positive.

Please follow the following process :
1) Launch the command prompt windows (cmd) with admin rights and copy/paste the following command :
Code: [Select]
reg export "HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" "%USERPROFILE%\Desktop\WPAD.txt"
Do not close the command prompt until it says "Operation Completed

2) A new file named WPAD.txt should has been created on your desktop. Please attach it with your next reply.

Regards.

Note : This thread has been moved to the "RogueKiller PREMIUM" section for clarity.

Reply #2July 12, 2016, 01:48:33 pm

Boulz

  • Newbie

  • Offline
  • *

  • 4
  • Reputation:
    0
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #2 on: July 12, 2016, 01:48:33 pm »
Hi Curson,

Many thanks for your support :)

I attach the WPAD.txt  - UPDATE, I PUT THE CORRECT FILE ---

Sorry..



« Last Edit: July 12, 2016, 02:19:13 pm by Boulz »

Reply #3July 12, 2016, 02:48:04 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2331
  • Reputation:
    82
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #3 on: July 12, 2016, 02:48:04 pm »
Hi Boulz,

The WPAD key doesn't contains any malicious content.
There must be an application on your system that restore it on startup.
I advice you to ignore it for now.

Regards.

Reply #4July 12, 2016, 02:55:38 pm

Boulz

  • Newbie

  • Offline
  • *

  • 4
  • Reputation:
    0
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #4 on: July 12, 2016, 02:55:38 pm »
What I dont understand is :

I formated my 2 x HDD + re-install Windows.
As soon as Windows install finish, I run Roguekiller and it found me these PUP.proxy

I have the original CD Windows 8 = directly find me these PUP after fresh install.
I upgrade to Windows 10 = same

I tried on each HDD and disconnect the 2nd

How is it possible ?
« Last Edit: July 12, 2016, 02:57:33 pm by Boulz »

Reply #5July 12, 2016, 03:00:24 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2331
  • Reputation:
    82
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #5 on: July 12, 2016, 03:00:24 pm »
Hi Boulz,

On my personal computer, the WPAD key is empty.
It's maybe related to your network configuration, but there is no way to be sure.

Regards.

Reply #6July 12, 2016, 03:22:42 pm

Boulz

  • Newbie

  • Offline
  • *

  • 4
  • Reputation:
    0
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #6 on: July 12, 2016, 03:22:42 pm »
ok

Could you tell me how to remove these WPAD keys? please ?

I notice, my max download is stuck at 750 KB/s max 810 with this new Windows install and this PUP-Proxy problem.

Normally it's stable at 900-950

This is why I want to remove these WPAD keys


Reply #7July 12, 2016, 04:12:53 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2331
  • Reputation:
    82
    • View Profile
Re: PUM.Proxy even after Format + full Windows Re-Installation
« Reply #7 on: July 12, 2016, 04:12:53 pm »
Hi Boulz,

These keys should not mess with your download speed.
Anyway, if you want to delete them, please follow the following process.

1) Download attached reg.txt and save it on your desktop.
2) Launch the command prompt windows (cmd) with admin rights and copy/paste the following command :
Code: [Select]
reg import "%USERPROFILE%\Desktop\reg.txt" Please keep in mind there is a high probably these keys will be restored on reboot.

Regards.
« Last Edit: July 12, 2016, 04:20:48 pm by Curson »