Over 1 million tech questions and answers.

Possible proxy server hijack. Unable to change proxy server settings.

Q: Possible proxy server hijack. Unable to change proxy server settings.

I appear to be the victim of some piece of malware or virus that has added a proxy server setting that I am unable to get rid of. The main symptoms are that I am unable to change my proxy server settings in Windows 10. It appears to use this setting http=127.0.0.1:8080;. The result of this is that I am unable to do searches in the omnibar of Google Chrome (just takes me to a blank page) and I can't visit certain webpages, also if I am able to do a Google search the "Search Tools" button is missing.
 
I looked around on the internet and have tried a few fixes, I've deleted or changed the registry entries mentioned in Philip Turner's reply here: https://community.spiceworks.com/topic/446898-can-t-disable-proxy-in-ie10?page=1
 
I also changed the entry mentioned here: https://fixedit.itxpress.biz/2014/10/08/unable-to-disable-windows-proxy-setting/
 
Making these changes allowed me to change the proxy server settings and once I change "Automatically detect settings" to on and "Use a a proxy server" to off then the issue is fixed and everything behaves normally. 
 
The problem is, once I restart my computer the settings revert back and are again unable to be changed unless I delete/change all the above registry entries again. I'm pretty sure that whatever did this is still on my computer somewhere and I need some help finding and eliminating it. Either that, or there is still some hidden registry entry that I am unable to find.
 
I have tried running Malwarebytes, CCleaner, and Adwcleaner. None of them can detect or fix the issue.
 
I've had this same issue before, maybe a month ago, but last time this happened I ran CCleaner and uninstalled and reinstalled Chrome and it fixed it. This time that did not work. This time the issue began after I performed a Windows Update and restarted my computer. This is what was downloaded and updated:
 
Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3188128)
Update for Windows 10 Version 1511 for x64-based Systems (KB3150513)
Update for Windows 10 Version 1511 for x64-based Systems (KB3181403)
Update for Windows 10 Version 1511 for x64-based Systems (KB3161102)
Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - September 2016 (KB890830)
Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3185614)
 
The posted FRST64 logs are from AFTER I made the above mentioned registry changes. If you need me to restart my computer and run the program again before I make any changes, please let me know. Thanks in advance!
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
Ran by Jimbodan (administrator) on DESKTOP-G0LH54O (17-09-2016 18:20:47)
Running from E:\Users\jimbodan\Downloads
Loaded Profiles: Jimbodan (Available Profiles: Jimbodan)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Binary Fortress Software) H:\Util\DisplayFusion\DisplayFusionService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft) C:\Program Files (x86)\GIGABYTE\CloudStation_Server\HomeCloud\GCloud.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Paramount Software UK Ltd) H:\Util\Macrium Reflect\ReflectService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe
(Microsoft) C:\Program Files (x86)\GIGABYTE\CloudStation_Server\HomeCloud\HCLOUD.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
() C:\Program Files (x86)\GIGABYTE\CloudStation_Server\RemoteControl\grckm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\GIGABYTE\CloudStation_Server\RemoteOC\ubssrv_oc_only.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Innkeeper) C:\Users\Jimbodan\AppData\Local\Innkeeper\app-0.3.1\Innkeeper.exe
(Binary Fortress Software) H:\Util\DisplayFusion\DisplayFusion.exe
(Curse Inc.) C:\Users\Jimbodan\AppData\Local\Innkeeper\app-0.3.1\Electron\bin\InnkeeperUI-win32-ia32\InnkeeperUI.exe
(Curse Inc.) C:\Users\Jimbodan\AppData\Local\Innkeeper\app-0.3.1\Electron\bin\InnkeeperUI-win32-ia32\InnkeeperUI.exe
(Curse Inc.) C:\Users\Jimbodan\AppData\Local\Innkeeper\app-0.3.1\Electron\bin\InnkeeperUI-win32-ia32\InnkeeperUI.exe
(Curse Inc.) C:\Users\Jimbodan\AppData\Local\Innkeeper\app-0.3.1\Electron\bin\InnkeeperUI-win32-ia32\InnkeeperUI.exe
() G:\wow tsm proud\8-26-16 TSM\TradeSkillMaster Application\app\TSMApplication.exe
(Binary Fortress Software) H:\Util\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) H:\Util\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Mobile Stream) C:\Program Files\Mobile Stream\EasyTether\easytthr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Caphyon LTD) C:\Windows\Installer\MSIE21F.tmp
(InstallShield®) C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Razer, Inc.) C:\Users\Jimbodan\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
() H:\Temp and Trial Stuff\quietHDD.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5181\Agent.exe
(Blizzard Entertainment) G:\Battle.net\Battle.net.7963\Battle.net.exe
() G:\Battle.net\Battle.net.7963\Battle.net Helper.exe
() G:\Battle.net\Battle.net.7963\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2015-10-01] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [157696 2015-10-01] (Saitek)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [1129984 2014-03-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25347616 2016-09-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2016-06-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-06-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [CyborgAutoProfiler] => C:\Cyborg Auto-Profiler\Cyborg Auto-Profiler.exe [1105920 2013-09-11] (Danny Hasley)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\GIGABYTE\EasyTune\etro.exe [5632 2015-09-24] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [SIV] => C:\Program Files (x86)\GIGABYTE\SIV\sivro.exe [12072 2015-11-16] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [EasyTuneEngineService] => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EngineRunOnce.exe [14632 2015-12-08] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] ()
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\Run: [Innkeeper] => C:\Users\Jimbodan\AppData\Local\Innkeeper\Update.exe --processStart Innkeeper.exe --process-start-args="-startup"
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\Run: [DisplayFusion] => H:\Util\DisplayFusion\DisplayFusion.exe [8547320 2016-01-20] (Binary Fortress Software)
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\Run: [TSMApplication] => G:\wow tsm proud\8-26-16 TSM\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] ()
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\Run: [EasyTether] => C:\Program Files\Mobile Stream\EasyTether\easytthr.exe [73728 2015-11-22] (Mobile Stream)
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\Run: [GoogleChromeAutoLaunch_1BF4372F2CC1415D61429F55336122A9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135944 2016-09-13] (Google Inc.)
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\RunOnce: [Uninstall C:\Users\Jimbodan\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jimbodan\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1084192390-2770222576-1164625261-1001\...\RunOnce: [Uninstall C:\Users\Jimbodan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jimbodan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk [2016-07-19]
ShortcutTarget: Aggiorna ESET license.lnk -> H:\Temp and Trial Stuff\MiNODLogin\launcher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Cyborg Auto-Profiler.lnk [2016-07-19]
ShortcutTarget: Cyborg Auto-Profiler.lnk -> C:\Cyborg Auto-Profiler\Cyborg Auto-Profiler.exe (Danny Hasley)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\quietHDD - Shortcut.lnk [2016-07-23]
ShortcutTarget: quietHDD - Shortcut.lnk -> H:\Temp and Trial Stuff\quietHDD.exe ()
Startup: C:\Users\Jimbodan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quietHDD.lnk [2016-07-23]
ShortcutTarget: quietHDD.lnk -> H:\Temp and Trial Stuff\quietHDD.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <======= ATTENTION (Restriction - ProxySettings)
Tcpip\..\Interfaces\{a88dfb7c-efd8-4c40-a441-37d49435f613}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{e6ed25c1-b03a-43a1-b4d7-17a64243a481}: [DhcpNameServer] 208.67.222.222 208.67.220.220
ManualProxies: 
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-26] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-26] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-08-26] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-26] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-26] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-08-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> H:\Util\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF SearchPlugin: C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\searchplugins\amazon-search-suggestions.xml [2015-11-27]
FF SearchPlugin: C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\searchplugins\youtube-video-search.xml [2011-12-02]
FF Extension: (Open GMail with toolbar button) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\extensions\[email protected] [2016-05-10]
FF Extension: (Copy All Links) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\extensions\{e6a9a96e-4a08-4719-b9bd-0e91c35aaabc}.xpi [2016-06-08]
FF Extension: (NoScript) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-17]
FF Extension: (Greasemonkey) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-29]
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\[email protected] [2016-06-03]
FF Extension: (1-Click Dailymotion Video Downloader) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\[email protected] [2016-04-27]
FF Extension: (Firefox Hotfix) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\[email protected] [2016-09-09]
FF Extension: (Gmail Watcher) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\[email protected] [2013-03-23] [not signed]
FF Extension: (Gmail™ Notifier (restartless)) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\[email protected] [2016-07-12]
FF Extension: (LastPass) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\[email protected] [2016-07-23]
FF Extension: (Session Manager) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-18]
FF Extension: (FlashGot) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-16]
FF Extension: (Clone Window) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\{ab8568cd-1789-4fc8-a530-218e9eab17e2}.xpi [2012-01-29] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Jimbodan\AppData\Roaming\Mozilla\Firefox\Profiles\ycymb86d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-07-20]
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=M476163AF-5D0E-4CA1-97EF-B48E7FB706E3&SearchSource=55&CUI=&UM=8&UP=SPB06FF8A8-51CF-4E46-9FC1-38D59F42623D&D=062815&SSPV=","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggRIloLWF0TQxgXI11aTA1JFgQOIQgKVRQXEwQXdlsBVAsSQ1MFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlEmRFdoLlZP"
CHR Profile: C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default [2016-09-17]
CHR Extension: (Google Slides) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-17]
CHR Extension: (Reddit New Comments Highlighter) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdilinnnkbmpoegibgacadjlblmpjad [2016-09-17]
CHR Extension: (BetterTTV) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-17]
CHR Extension: (Facebook Video Downloader) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2016-09-17]
CHR Extension: (Google Docs) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-17]
CHR Extension: (Google Drive) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-17]
CHR Extension: (YouTube) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-17]
CHR Extension: (Nimbus Screenshot and Screencast) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2016-09-17]
CHR Extension: (Adblock Plus) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-17]
CHR Extension: (uBlock Origin) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-09-17]
CHR Extension: (Steam Inventory Helper) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-09-17]
CHR Extension: (Tampermonkey) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-09-17]
CHR Extension: (Session Buddy) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2016-09-17]
CHR Extension: (Google Sheets) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-17]
CHR Extension: (RotoGrinders - FanDuel Tools) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felhhccenjfgepphdanniaeclbjhklca [2016-09-17]
CHR Extension: (FantasyCruncher - Export Tools) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddlbjlbpgcnckmjdkfjeimbciokpcn [2016-09-17]
CHR Extension: (DraftKings Shark Finder for Real RotoGrinders) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhfffikpfjhahmcbhilnooiecodhmcg [2016-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-17]
CHR Extension: (Table Capture) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebpjdmgckacbodjpijphcplhebcmeop [2016-09-17]
CHR Extension: (Super Browse for Netflix) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejponamigpndjgdmnpelkohnbpancjf [2016-09-17]
CHR Extension: (Reddit Notifier) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikingdipinldcfllekffnlgbojbbpilk [2016-09-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-09-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-17]
CHR Extension: (Enhanced Steam) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2016-09-17]
CHR Extension: (AlienTube for YouTube™) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2016-09-17]
CHR Extension: (Gmail) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-17]
CHR Extension: (Privacy Badger) - C:\Users\Jimbodan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-09-17]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-27] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [113160 2015-11-25] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-19] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-12] (Windows ® Win 7 DDK provider)
R2 DisplayFusionService; H:\Util\DisplayFusion\DisplayFusionService.exe [4616216 2016-01-20] (Binary Fortress Software)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [141824 2015-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2779136 2016-08-24] (ESET)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 GCloud; C:\Program Files (x86)\GIGABYTE\CloudStation_Server\HomeCloud\GCloud.exe [19776 2015-03-23] (Microsoft)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62760 2015-11-16] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
S4 MBAMScheduler; H:\Util\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; H:\Util\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125736 2015-11-16] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-19] ()
R2 ReflectService.exe; H:\Util\Macrium Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1831064 2015-11-04] (Intel Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-06] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-06-30] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R0 asstahci64; C:\Windows\System32\drivers\asstahci64.sys [88936 2015-06-17] (Asmedia Technology)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1067304 2015-11-25] (Creative Technology Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [530416 2015-06-18] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-24] (ESET)
R3 easytether; C:\Windows\System32\drivers\easytthrx.sys [22728 2015-11-22] (Mobile Stream)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-08-24] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [197288 2016-08-24] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [153248 2016-08-24] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [208552 2016-08-24] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [61608 2016-08-24] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84640 2016-08-24] (ESET)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-18] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-06] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [23968 2015-12-09] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [51488 2015-12-09] (Saitek)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-24] (Intel Corporation)
R3 _hid_0738_1713; C:\Windows\system32\DRIVERS\_hid_0738_1713.sys [180928 2015-12-09] (Saitek)
R3 _usb_0738_1713; C:\Windows\System32\drivers\_usb_0738_1713.sys [46528 2015-12-09] (Saitek)
S3 dbx; system32\DRIVERS\dbx.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-17 18:20 - 2016-09-17 18:20 - 00000000 ____D C:\FRST
2016-09-17 06:19 - 2016-09-17 06:21 - 00000000 ____D C:\AdwCleaner
2016-09-17 04:41 - 2016-09-17 04:41 - 00000000 ____D C:\Users\Jimbodan\AppData\Roaming\Macromedia
2016-09-17 02:44 - 2016-09-17 17:49 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-17 02:44 - 2016-09-17 06:22 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-17 02:44 - 2016-09-17 02:44 - 00003992 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-17 02:44 - 2016-09-17 02:44 - 00003760 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-17 02:44 - 2016-09-17 02:44 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 02:44 - 2016-09-17 02:44 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-16 22:52 - 2016-05-06 15:50 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-09-16 22:31 - 2016-09-06 22:39 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-16 22:31 - 2016-09-06 22:39 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2016-09-16 22:31 - 2016-09-06 22:39 - 01142560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-16 22:31 - 2016-09-06 22:39 - 01098640 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 01030408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-16 22:31 - 2016-09-06 22:39 - 00875480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-16 22:31 - 2016-09-06 22:39 - 00845568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00799568 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00705576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00620176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00601744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00414232 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00337328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00328520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2016-09-16 22:31 - 2016-09-06 22:39 - 00277848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-09-16 22:31 - 2016-09-06 22:39 - 00175120 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-16 22:31 - 2016-09-06 22:37 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2016-09-16 22:31 - 2016-09-06 22:37 - 00129888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-16 22:31 - 2016-09-06 22:36 - 00528736 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-09-16 22:31 - 2016-09-06 22:36 - 00405856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-16 22:31 - 2016-09-06 22:35 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-09-16 22:31 - 2016-09-06 22:35 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-09-16 22:31 - 2016-09-06 22:35 - 00523616 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2016-09-16 22:31 - 2016-09-06 22:34 - 02587696 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-09-16 22:31 - 2016-09-06 22:33 - 02026736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-09-16 22:31 - 2016-09-06 22:33 - 01297760 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-09-16 22:31 - 2016-09-06 22:33 - 00986976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-09-16 22:31 - 2016-09-06 22:33 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-16 22:31 - 2016-09-06 22:27 - 00538632 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-09-16 22:31 - 2016-09-06 22:27 - 00413536 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2016-09-16 22:31 - 2016-09-06 22:26 - 02544256 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 01299504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 01152320 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00858952 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00847648 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00785088 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00693592 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00588320 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00586200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00439136 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00245840 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-09-16 22:31 - 2016-09-06 22:26 - 00131424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufxsynopsys.sys
2016-09-16 22:31 - 2016-09-06 22:25 - 02607336 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-09-16 22:31 - 2016-09-06 22:25 - 01447776 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2016-09-16 22:31 - 2016-09-06 22:25 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-09-16 22:31 - 2016-09-06 22:25 - 01270064 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 03693064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 02180128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 01349632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 01118200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00925064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-09-16 22:31 - 2016-09-06 22:24 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00652312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00511312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00496360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00451928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-09-16 22:31 - 2016-09-06 22:24 - 00355672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-09-16 22:31 - 2016-09-06 22:23 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-09-16 22:31 - 2016-09-06 22:23 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-09-16 22:31 - 2016-09-06 22:23 - 06536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-09-16 22:31 - 2016-09-06 22:23 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-09-16 22:31 - 2016-09-06 22:23 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-09-16 22:31 - 2016-09-06 22:23 - 01040792 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-09-16 22:31 - 2016-09-06 22:23 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-09-16 22:31 - 2016-09-06 22:22 - 02937384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-16 22:31 - 2016-09-06 22:22 - 01128096 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-09-16 22:31 - 2016-09-06 22:22 - 01085728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2016-09-16 22:31 - 2016-09-06 22:22 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-09-16 22:31 - 2016-09-06 22:22 - 00604920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-09-16 22:31 - 2016-09-06 22:22 - 00359256 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-16 22:31 - 2016-09-06 22:21 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-09-16 22:31 - 2016-09-06 22:21 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-09-16 22:31 - 2016-09-06 22:20 - 01355336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-09-16 22:31 - 2016-09-06 22:20 - 00569744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-09-16 22:31 - 2016-09-06 22:19 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-16 22:31 - 2016-09-06 22:16 - 02773088 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-09-16 22:31 - 2016-09-06 22:16 - 02548936 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-09-16 22:31 - 2016-09-06 22:16 - 02144512 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-09-16 22:31 - 2016-09-06 22:16 - 01988448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-09-16 22:31 - 2016-09-06 22:15 - 01415200 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-09-16 22:31 - 2016-09-06 22:15 - 00911640 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2016-09-16 22:31 - 2016-09-06 22:15 - 00550656 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-09-16 22:31 - 2016-09-06 22:13 - 01865584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-09-16 22:31 - 2016-09-06 22:12 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-09-16 22:31 - 2016-09-06 22:12 - 01522152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-09-16 22:31 - 2016-09-06 22:12 - 01174008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-09-16 22:31 - 2016-09-06 22:12 - 00871776 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2016-09-16 22:31 - 2016-09-06 22:11 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll
2016-09-16 22:31 - 2016-09-06 22:11 - 00057912 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-16 22:31 - 2016-09-06 22:08 - 00116216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-16 22:31 - 2016-09-06 22:07 - 01951848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-09-16 22:31 - 2016-09-06 21:53 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-09-16 22:31 - 2016-09-06 21:52 - 01035776 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll
2016-09-16 22:31 - 2016-09-06 21:52 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-09-16 22:31 - 2016-09-06 21:51 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-09-16 22:31 - 2016-09-06 21:49 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-09-16 22:31 - 2016-09-06 21:48 - 22379520 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-09-16 22:31 - 2016-09-06 21:48 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-09-16 22:31 - 2016-09-06 21:47 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2016-09-16 22:31 - 2016-09-06 21:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-09-16 22:31 - 2016-09-06 21:46 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-09-16 22:31 - 2016-09-06 21:46 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-09-16 22:31 - 2016-09-06 21:46 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2016-09-16 22:31 - 2016-09-06 21:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2016-09-16 22:31 - 2016-09-06 21:46 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2016-09-16 22:31 - 2016-09-06 21:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2016-09-16 22:31 - 2016-09-06 21:45 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\VoipRT.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-09-16 22:31 - 2016-09-06 21:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\IconCodecService.dll
2016-09-16 22:31 - 2016-09-06 21:43 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-16 22:31 - 2016-09-06 21:43 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-09-16 22:31 - 2016-09-06 21:43 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-09-16 22:31 - 2016-09-06 21:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2016-09-16 22:31 - 2016-09-06 21:43 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-09-16 22:31 - 2016-09-06 21:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys
2016-09-16 22:31 - 2016-09-06 21:42 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-09-16 22:31 - 2016-09-06 21:42 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\DictationManager.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2016-09-16 22:31 - 2016-09-06 21:41 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\fwcfg.dll
2016-09-16 22:31 - 2016-09-06 21:41 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2016-09-16 22:31 - 2016-09-06 21

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Possible proxy server hijack. Unable to change proxy server settings.

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 133.6

Hi, recently my computer just stop connecting to the internet, during investigating I found that all my web browsers said something about the proxy server. I was able to change the setting whithin Firefox and got it to connect but have been unable to do the same for the other browsers. Also other programs that I have won't connect either (adobe creative cloud). I found a post on this website and followed some of the instructions but wanted to be sure I was doing what my computer needed specificaly. I have downloaded and ran serveral virus protections softwares as well as malware apps (AVG, MalwareBytes, CCleaner). I did have tons of things that these programs removed each. Everytime I go into the internet connections settings and uncheck the proxy setting and check the auto detect setting it just reverts back. Below is one of the reports from Farbar Service Scanner.
 
 
Farbar Service Scanner Version: 17-01-2015
Ran by Tezanomics (administrator) on 24-01-2015 at 00:08:54
Running from "F:\Users\Tezanomics\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
=====... Read more

A:My Lan settings wont change from using proxy server!!! Please Help

Hi, what antivirus programs (Norton, AVG, Avast, etc...) do you currently have installed? Please follow the following instructions:Open Malwarebytes and select History => Application Log.Find the most recent "Scan Log" and double click it. Select "Copy to Clipboard" and paste it in your next reply.Download and execute MiniToolBox.Select the following options:Flush DNSReport IE Proxy SettingsList contents of HostsList IP configList Winsock entriesPaste the resulting log in your next reply.

Read other 1 answers
RELEVANCY SCORE 129.2

Hello, I've done some searches in the forums and tried a few fixes posted for similar issues but had no luck. BackgroundI am running Windows 7 Ultimate 64bit. I recently installed some free software which of course came with some adware, changed my browser settings (home page, default search engines.) After some work I was able to remove them, but now have encountered a new problem which I expect is also malware related. ProblemWhen I direct my browsers to any website I get a message saying that there is no response from the proxy server. I have never used a proxy server for internet access and when I go into my Internet Properties>LAN Settings and un-check "Use a proxy Server for your LAN" and check "Automatically detect settings" the settings are not remembered and revert as soon as I close and re-open "LAN Settings" rendering my browsers useless. Things I've TriedScans withMalwarebytes antimalwareMicrosoft security essentialsSpybot Search and DestroyCCleaner (cleaner and registry)Using regedit to manually delete suspicious registry keysThe FRST fixlist hereThe OTL fix hereAny help you can offer if appreciated. I am accessing the internet via a netbook and have been installing scanners to the infected PC via flash drive.

A:Malware preventing change of proxy server settings/ internet access

Welcome aboard  Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Read other 3 answers
RELEVANCY SCORE 129.2

I have Windows 7, search the internet with Chrome, seems my computer may be infected.  When I click chrome, sometimes it gives me my home page, sometimes it goes straight to the message "unable to connect to the proxy server", when it doesn't go directly to my home page correctly, it also states this exact message with an upside down face.  I did some research online and the Chrome message that people were posting up were a bit different from the one I am seeing. 
 
When I attempt to troubleshoot by going to the Chrome settings and going down to "Change Proxy settings" it prompts "access to this feature has been disabled by a restriction set by your system administrator", even though I am using the system administrator user, which is the only user on the system.  I've tried going in through the cmd line as well, pinged, netstat, tracert would give me results but weren't consistent.  I did a system restore as well, I had Sopho's anti-virus but it was out-of-date, for this was my work computer back in September but think the lease for it ended, so I installed AVG for now just today, most likely the reasoning for the computer being infected and causing this problem.  I have also started the pc in safe-mode, same results, is this a group policy issue?  I am unfamiliar with group policy and couldn't find it within my computer.  I do have the home premium version of 7 for what it's worth.
 
Please, please help, anyone!  I reall... Read more

Read other answers
RELEVANCY SCORE 129.2

I have been fighting with this issue for a while now. I have run the software listed below and after every reboot, the proxy is turned back on.
Malwarebytes
Hitman Pro
Rogue Killer
ADW Cleaner
 
Here is the FRST log.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2014 02
Ran by Front Desk (administrator) on FRONTDESK-PC on 12-12-2014 05:01:54
Running from C:\ACC Tools
Loaded Profile: Front Desk (Available profiles: Front Desk)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Henry Schein, Inc\HSPS.eServices.DigitalHighway.Services.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\L... Read more

A:Unable to remove proxy server settings 127.0.0.1 Port 8000

I forgot to add that I had previously installed CryptoPrevent on this computer which is why I believe there are so many policy restrictions

Read other 8 answers
RELEVANCY SCORE 116

The only browser I can browse with is Firefox, but other browsers (ie,& Chrome)keep giving proxy server connection errors. I've changed system proxy server settings but they keep getting reset to 127.0.0.1 port 8800.
Can't get to email (Hotmail)
Ran Malware bytes found lots of trash(Malwarebytes can update) cleaned it up but still can't change system proxy server settings.
Any ideas?
Frustrated.
Tom.(1st. post to this forum.)
Thanks.

A:proxy server settings

I think you should go to "Am I infected" part of forum and post there. This sounds like some virus problem.

Read other 2 answers
RELEVANCY SCORE 116

I am confused with Proxy server settings.

When I add an IP address to the LAN settings by "Use Proxy for LAN" , am I bypassing the proxy server set up by the host web site ?

First of all I dont understand the who is setting up this proxy server. If a web host is setting up proxy server, then how can I change it by changing settings on my browser ?

If this proxy seting is for my desktop, then I dont have any proxy server set on my desktop. So whats the point in setting proxy ?

Pls explain.

A:Proxy Server Settings

Here 's a link regarding proxy, I think it's free. They shd be able to provide you all that info once you signed up with them.

http://www.fastproxynetwork.com/

Read other 1 answers
RELEVANCY SCORE 116

my IE has been really slow lately.. and it takes longer than usual to get to my homepage...when it used to be instantly.

through the internet options..and connections...and the LAN Settings... i have checked: use a proxy server for your LAN.
however.. my address and port are blank. how can i find my proxy server?

thanks for the help
 

A:LAN settings- proxy server

Read other 10 answers
RELEVANCY SCORE 116

I am working on a friends computer that keeps resetting the proxy server. I have tried resetting the internet options to default, ran hitman pro and adw cleaner. The proxy server is still checked on after a reboot. How can I fix this with out going into internet options every time I reboot the computer.
 
Running windows 8.1

A:I need help with proxy server settings.

This is usually a malware issue. Please follow the instructions in the link to post to the Am I Infected Forum where experts can have a look at your computer.
 
http://www.bleepingcomputer.com/forums/t/250928/instructions-for-posting-advice-in-am-i-infected-forum/

Read other 1 answers
RELEVANCY SCORE 116

I got a notice on my laptop that said my proxy server/LAN settings need to be changed to access the internet. I cannot access internet at all. Im sure a virus is changing my settings. My laptop will not go into safe mode either. Is there another way to go into safe mode besides f8? Help.

Read other answers
RELEVANCY SCORE 116

Hello, where do I find the Proxy Server Settings on my Samsung NoteBook Pro SM-P900 12" tablet?
I am unable to get internet service--it keeps saying that it cannot find my proxy server. There should not even be a proxy server, I am pretty sure. Just can't find that setting. Android Kit Kat 4.4 op system.
Thanks

ERR PROXY CONNECTION_FAILED
 

Read other answers
RELEVANCY SCORE 116

afternoon all,

i have recently put a lot of effort in to setting up a media server. i'm getting a big issue with windows being stupid and trying to use my proxy server on local addresses even though i told it not to.

this is infuriating because it overloads my proxy server and interferes with the steaming from my media box. if i disable the proxy settings in windows it streams fine. but then i'm obviously not using my caching for the interwebs.

there must be a simple fix that i'm overlooking but i just cant find the solution

many thanks

Read other answers
RELEVANCY SCORE 116

HI all,
Having just spent several hours trying to prevent the LAN proxy server being set by some nefarious program I thought I should record the solution and the culprit. The OS is Windows 7.
 
The culprit was connected to an IE toolbar called easyfundraising toolbar.
 
It had been disabled **and did not appear in the (add)remove programs list, yet it was still able to enable and change the LAN proxy settings on every boot and sometimes after a few minutes.
 
This setting prevented the Mcafee technical support connecting remotely to the computer according to computer user. I've no idea if this was a legitimate tech support arrangement.
 
After multiple scans by numerous anti virus and specialist security software in safe mode and in normal boot.
After using ccleaner and msconfig to selectively prevent many start-up programs.
After following advice on tech websites including this one and at Microsoft regarding this LAN proxy being set problem.
 
 
I closely looked again at IE's list of Add Ons all of which had been previously disabled.
This was listed:
TBSB03575 Class
 
It was disabled which led me to believe that it was inactive but some program connected with it (judging by the solution) was setting and resetting the LAN proxy.
 
Clicking 'more information' in IE 'manage add-ons' dialogue revealed this:
 
Name:                   TBSB03575 Cla... Read more

A:LAN settings proxy server being set to 127.0.0.1

Good investigative work. Is everything working ok now?

Read other 3 answers
RELEVANCY SCORE 115.6

Hello.  Recently I was downloading some software
from a survey and learned that a lot of that stuff contains
viruses.  Well I went to uninstall it, and when I did
I can no longer use the internet, and it gives me a proxy error.
When I go to change the proxy settings it has it saved to "<-loopback>" and
the address is "http=127.0.0.1:59943;https=127.0.0.1:59943"
Whenever I try to change it, it doesn't save.  And it is
I'm typing this from my girlfriend's unaffected computer.
I try running Maleware Bytes, but it doesn't run, and I can't seem to get into safe
mode on this computer for some reason.  
I'm running Windows 8.1, and oddly enough I see no suspicious background processes.  
That's my problem, if someone could help me I'd greatly appreciate it. 

A:Proxy virus. Won't let me change or auto-detect proxy settings

Please do the following.  Please download and run RKill RKill is an easy to use tool that kills known processes and removes Windows Registry entries that stop a user from using their normal security applications.  These settings will remain until the computer is rebooted, for this reason you must run the security application before the computer is rebooted.   Please download RKill and install it. When RKill is run it will display a console screen similar to the one below:  When RKill has finished running a log will be displayed showing all of the processes that were terminated by RKill. Attention:  At this time you need to run the software posted below. While RKill is running you may see a message from the malware stating that the program could not be run because it is a virus or is infected.  This is the malware trying to protect itself.  Two methods that you can try to get past this and allow RKill to run are: 1)  Rename Rkill so that it has a .com extension. 2)  Download a version that is already renamed as files that are commonly white-listed by malware. The main Rkill download page contains individual links to renamed versions.   After all of the scans have run successfully you should reboot the computer to restore the processes and Windows Registry entries.   Please run Malwarebytes AntiMalware Please download Malwarebytes Anti-Malware.  After cli... Read more

Read other 2 answers
RELEVANCY SCORE 115.2

Hello!
 
I am trying to change my proxy address but every time i do it resets automatically.
 
Excluded addresses are ;*origin.com;*ea.com;*akamaihd.net

A:Cannot change proxy server

Hello,Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/562998/proxy-server-keeps-being-reset/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.Please be patient. It may take several days to get a re... Read more

Read other 1 answers
RELEVANCY SCORE 114.8

I just received help removing some malware but I am still having my Proxy Server in Lan Settings keep changing so I can not connect to internet through browser until i manually change it back.

I was told to post these two logs:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Store 667 at 22:17:12.82 on Tue 05/10/2011
Internet Explorer: 8.0.6001.19048
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uStart Page = hxxp://www.yahoo.com/?.home=ytie
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com/?.home=ytie
mDefault_Page_URL = hxxp://www.yahoo.com/?.home=ytie
uInternet Settings,ProxyOverride = *.local;<local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files&#... Read more

A:Proxy Server in Lan Settings keep changing

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

Read other 2 answers
RELEVANCY SCORE 114.8

Hi,
 
I am new to this forum and i am hoping to get some help for more experienced   people then me, i will explaining problem below.
 
I had problem past month where i had all my browsers Chrome,Opera, Mozilla been hijacked by n.net , so thing is when i do search on Google , the browser goes through to proxy settings , gives same results form google.com but  it is not Google.com it is just imitation of Google. I try to do things before i completely wiped windows and format SSD . Things i try was :
 
1.Install Kaspersky Anti-Virus 2016 do a full scan and fined nothing.
2.Then i try to remove proxy setting from Chrome,Opera,Mozilla it did work for Mozilla but for Opera and Chrome same staff  after i do search they reconfigure to use proxy from local settings and local settings just set proxy setting by some sort of script or something.
3.After that i did some research, and download SpyHunter, they fined few things and i fix it but still nothing is happening , after i do search everything reconfigure to use proxy from local settings.
4.Then i reinstall Windows 10 clean installation i installed NOD 32 clean with paid licence key .Every thing was fixed . After few days it happened again.
 
And i come here to ask for experienced people.

A:Proxy settings hijacked by ɴ.net/server.pac

Hello  Welcome to Bleeping Computer.  My name is fireman4it and I will be helping you with your Malware problem.Please take note of some guidelines for this fix:  Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.  If you do not understand any step(s) provided, please do not hesitate to ask before continuing.  Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".  In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.  Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.  I will be analyzing your log. I will get back to you with instructions.1.Please download AdwCleaner by Xplode and save to your Desktop.Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As Administrator.The tool will start to update its database...please wait until complete.Click on the Scan button.AdwCleaner will... Read more

Read other 0 answers
RELEVANCY SCORE 114.8

I am having trouble with my upstairs computer. I can't get on the net with it because i some how screwed it up. So i am also trying to reinstall IE6 on it but when it tries to connect to the download site it can't, one option was to connect using a proxy server. My problem is i dont know my proxy server settings. (address and port) how would i find that out?(DSL)
 

A:Solved: Proxy Server Settings.....plz help!!!

Not sure if this is a security problem, but there is one way to find out.

Go to www.spywareinfo.com/~merijn/files/HijackThis.exe Click on the Hijackthis.exe.

Click the "Scan" button when the scan is finished the scan button will become "Save Log" click that and save the log.

Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.

DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required. Someone here will be glad to advise you on what to fix.

*Note: When you download Hijack This Do Not download it to a temp folder or to the desktop. Create a permanent folder somewhere like in My Documents and name it Hijack This and put it in that folder.
__________________
 

Read other 2 answers
RELEVANCY SCORE 114.8

Normally, I connect to my ISP through a dial-up connection. However, while gaining remote access to my workplace I was experimenting with using the proxy server at work for the Internet and changed my Internet properties to use a proxy server and I entered the info under the connections tab, clicking LAN. This didn't work and so I deleted the proxy server settings and tried to go back to my normal dial-up internet connection through my ISP but that won't work now. It's looking for the proxy server even though I erased the settings under Connections, LAN. I can't find any trace of the proxy settings yet the computer dials up to my ISP, connects okay(validates password), and then when I try to access a web page it begins searching for the proxy server I had entered. Eventually, I get a message saying that it can't find the server PROLIANT1600, which was the proxy server I entered. How can I get rid of this Proxy server info?
I need to get my old Internet connection back. Thanks for any help.
 

A:Delete Proxy Server Settings

Read other 10 answers
RELEVANCY SCORE 114.8

Two days ago I was having problems with firefox freezing and Mcafee anti-virus showing warnings "your PC is at risk". I would turn it back on, but it would go off again. I used the Mcafee Virtual Technician and it identified a couple of problems, including "proxy server settings incorrect".
I contacted Mcafee and they re-installed Mcafee and unchecked the box in LAN settings that says "use a proxy server for LAN".
Mcafee and firefox are working OK again now, but the "use a proxy server for LAN" box keeps re-checking itself.
How can I keep this box unchecked, and prevent it from re-occurring?
Also, in HTTP settings, I have unchecked the box for "use HTTP1.1 through proxy connections" and I have no idea if this is useful or recommended. Help, please.
Doffer
 

A:Proxy server settings incorrect

You may have a program that is doing that, like McAfee, or some malware. I am referring this to the malware section to check for any nasties that is causing this.
 

Read other 2 answers
RELEVANCY SCORE 114.8

Hello,
 
My proxy server settings keeps changing automatically. My internet runs normally when the box for using a proxy server for my LAN is not checked, but it keeps checking itself.
 
 

 
When it gets checked a lot of spam cross my screen, what makes me believe it's caused by some kind of adware. 
 
Can anyone recommend a solution to this problem?

A:Proxy server settings keeps changing

download the following 3 programs and run them in this order,
 
- adwcleaner
- JRT
- malwarebytes
 
see if the problem is gone after that

Read other 6 answers
RELEVANCY SCORE 114.8

Under Internet Options, connections tab, settings, in the proxy server section ... the boxes are normally unchecked. But every now and then when I cannot connect to the internet, I look there only to find the boxes checked!!!! Creepy!! How do I prevent this? I have Windows XP Pro, Zonealarm and AVG as my main protection; running on a Intel CoreDuo laptop with 1Gb RAM, 60 Gb HD. Thanks guys!!!
 

Read other answers
RELEVANCY SCORE 114.8

one of my colleagues at work, is regitered with snapfish.com, she uses it to upload pictures there and stuff. anyway the other day she was uploading some more pictures, and they upload ok, but then this window pops up titled "snapfish- proxy settings" and it asks to enter the proxy server username and password . the window won't dissapear and when i end the process it just turns off the snapfish page with it. this computer is one of the 25 worksatations in the company.
i contacted snapfish.com customer support they said that i have to look for my proxy server settings and put them their. i'm not sure where to find these proxy server settings.

any ideas guys.

thanks in advance!!
 

A:need help findinf proxy server settings.

At IE go to tools > Internet options > connections. if you are using LAN slect LAN button. if you uses dial-up click the name of the dial-up and select settings.

Good Luck!
 

Read other 2 answers
RELEVANCY SCORE 113.6

Hello! Im Nada, im working on an ACER laptop running windows 7.i prefer to use google chrome. but every time i start my computer and open chrome i get a message that states theres no connection and to check my proxy sever. every time i check it, theres numbers in the LAN boxes and i just delete it and disabel LAN all together. and today i realized there was a note on my desktop labeled "MSDFMAP" and i have no idea what it is or where it came from.the note itself includes the following :

;[connect name] will modify the connection if ADC.connect="name"
;[connect default] will modify the connection if name is not found
;[sql name] will modify the Sql if ADC.sql="name(args)"
;[sql default] will modify the Sql if name is not found
;Override strings: Connect, UserId, Password, Sql.
;Only the Sql strings support parameters using "?"
;The override strings must not equal "" or they are ignored
;A Sql entry must exist in each sql section or the section is ignored
;An Access entry must exist in each connect section or the section is ignored
;Access=NoAccess
;Access=ReadOnly
;Access=ReadWrite
;[userlist name] allows specific users to have special access
;The Access is computed as follows:
; (1) First take the access of the connect section.
; (2) If a user entry is found, it will override.

[connect default]
;If we want to disable unknown connect values, we set Access to NoAccess
Access=NoAccess

[sql default]
;If we want to disable unk... Read more

Read other answers
RELEVANCY SCORE 113.6

Hello all,

I would very much appreciate an answer to ease my anxiety. To be able to watch a basketball game on a foreign tv channel on-line, I was advised (on a fan forum) to connect to some member's computer since the tv site only allowed people who lived in that country to connect to the site and observe the game. I normally use Firefox but the directions were for Internet Explorer. I connected ("use a Proxy server for your lan" - entered the given address and port numbers), watched the game and ... forgot to change the LAN settings back to what they previously were. In fact, I turned off the internet explorer and was using firefox for 1.5 days before I remembered to change the settings on IE. I have a wireless connection and it was on all this time. My question is: could this member whose proxy I was using (or anyone else) access the content of my computer? If so, is there a way to check? Should I worry about viruses? I have a firewall etc. Thank you very much for your help!
 

A:Changed LAN settings to use a different proxy server: is it safe?

bump
 

Read other 1 answers
RELEVANCY SCORE 113.6

Hello,
I really hope someone can assist me. I have a wireless modem from qwest that is directly connected by ethernet to my desktop. My lap top has a linksys network adapter card (wireless g notebook adapter), which as worked great until yesterday. I was deleting some programs off of my laptop to make room for my micorosoft office suite. Ever since then it will not connect to the internet. It says "you are connected to the access point, but the internet can not be found." Obviously I can conncet via my tower. I'm thinking my local area network setting...maybe the proxy server setting need to be adjusted. Am I on the correct path? or is it something else. Any help would be greatly appreciated.

Rebecca
 

A:LAN Settings-proxy server for wireless connection

hey becca,
What is the local IP address of the laptop? Or of the desktop? Or subnet and gateway?

I am assuming that the connection to the access point you are mentioning is giving you a local IP address...

Also, Is the laptop wireless connection setup as DHCP in the TCP/IP properties?

If you are using only the Qwest Wireless router that they sent to you for Internet access for all PC's, no proxy settings need to be changed or added....
 

Read other 1 answers
RELEVANCY SCORE 113.6

I have been having numerous problems with this machine (and another desktop). Something keeps changing my Internet options to "use proxy server" In the Options tool menu. I am also getting script error warnings now on IE. I had to make IE my default browser today because I couldn't see some of the buttons on the forum pages that I follow. I.E. "comment", "quote" etc. while having Firefox set as my default browser. I usually use Firefox. I had problems last week and Mozilla recommended a "beta" version 34 but that didn't fix the issues. I also paid for and activated Malwarebytes Pro and it found problems on multiple scans on this machine after restarts.
 
I just installed a brand new hard drive in the problematic desktop too.
 
Running IE 11.
 
Can't even find the search window in IE 11 (it's MIA). Can't set my default search engine which has always been Google.
 
Sudsy

Read other answers
RELEVANCY SCORE 113.6

Hi,  I made the mistake of using some software that was bundled with other programs.  I have tried to delete everything that seemed malicious and have used several trojan finder/remover programs.  They seem to have found and removed some things but now I am having another problem.  Whenever I start the computer, I find that it is trying to use a proxy server and can't connect to the internet.  I have gone in and deleted all of the info in the proxy settings window and disabled the proxy server, then check automatically detect.  After I check OK and close the window, I go back and the proxy server is checked again and the info that I deleted is back.  The only way I can get the computer to connect to the internet is to start in safe mode with networking and delete the settings.  This will hold while I am in safe mode but when I reboot normally, the problem is back.
 
Any help would be greatly appreciated.  
 
Thanks,
 
Josh

A:Can't delete proxy server settings - always reappear

Try going to Internet Options in the Control Panel.
Hit the connection tab and make sure there is nothing in the dial up rectangle (if there is, remove it), then hit the LAN settings icon near the bottom right, checkmark the top option to automatically detect settings and make sure the bottom one for proxy's, is UNCHECKED.

Read other 2 answers
RELEVANCY SCORE 112.4

Pastaquote was infecting my son's computer. I followed your recommended steps to remove it. When finished, was not able to connect to the internet. "proxy server is not responding" When going to internet options/connections/LANsettings and unclicking use a proxy server for your LAN, it always rechecks itself. I have no idea how to make it stop rechecking itself. I have rerun adwcleaner, emsisoft and malwarebytes with nothing detected. I am contacting you using my laptop. Any help would be greatly appreciated.

A:proxy server will not change after removing pastaquote

Try running rkill as it should reset the proxy settings as part of its scan.http://www.bleepingcomputer.com/download/rkill/

Read other 14 answers
RELEVANCY SCORE 112.4

Google Chrome keeps changing my proxy server settings every 20-30 minutes. Its nothing major but its annoying having to change the setting so often. I have run multiple virus scanners and found nothing.

A:Google Chrome keeps changing my proxy server settings

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/531736 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 112.4

Hello,

I have a strange issue. My computer was running fine. Then I took it to the main lobby and hooked up the internet through hard wire. It worked fine as I connected to the interent. When I went back into my office and connected to the internet I got page cannot be displayed. I cleaned out all the temporary internet stuff with ccleaner and did the clean registry, still nothing. A friend gave me hijackthis and I ran it and came up with some strange settings in proxy. So I went into interent options to try and change them, but they don't go away. I do apply, ok, and exit IE but they come right back. I used hijackthis to remove them and it worked. Unfortunately I had to do another presentation in the main lobby, same thing happened. I looked through the first steps and ran them all and can't find anything. I am running XP SP3 and have avg8 free running. I don't do any web surfing or downloading of software. Any help or ideas would be greatly appreciated.

Thanks,
Ghost

A:Internet Proxy Server Settings have bogus data

Hello, greyghostx
Welcome to TSF

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)
Please give me some time to look over your computer's log(s).
Please take note of the following:In the meantime, please refrain from making any changes to your computer.
Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
Finally, please reply using the button in the lower left hand corner of your screen.
Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .

We need to create an OTViewIt ReportPlease download OTViewIt by OldTimer.
Save it to your desktop.
Double click on the icon on your desktop.
Click the "Scan All Users" checkbox.
Push the button.
Two reports will open, copy and paste t... Read more

Read other 2 answers
RELEVANCY SCORE 112.4

I have a laptop that has sometime of setting for the Internet LAN that I cannot modify. I assume that this is in the registry somewhere. I have attempted to download malware and adware software searches for it and could not locate anything. I have all of the logs. Now I cannot access the internet at all on this machine so I have been utilizing a thumb drive to install items. 
 
It is extremely frustrating, but I see that others are experiencing the same issues. 
Please help. 
Thanks. 
 

A:Proxy server isn't responding. Check settings 127.0.0.1:8800

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/557408 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 25 answers
RELEVANCY SCORE 112

I am trying to connect to the internet but every time I try, it results in a screen that says unable to connect to proxy server. I have tried going to the computer settings and turning off proxy server but it always goes back to the same thing. Please help!

A:Unable to connect to proxy server

Welcome DanzorgPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using "Reset FF Proxy Settings" option Firefox should be closed.Download TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here....ADW CleanerPlease download AdwCleaner by Xplode and save to your Desktop.Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As ... Read more

Read other 23 answers
RELEVANCY SCORE 112

When I ran Malwarebytes Anti-malware and deleted malware files on my PC, I couldn't start any browser.  I get the error message, "Unable to connect to proxy server".  Could you help please?

A:Unable to connect to Proxy Server

Can you run this by copying it to a flash drive and run from thereIs it possible that you can post the MBAM log you have.Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Read other 10 answers
RELEVANCY SCORE 112

Hi
 
I keep getting that error when i open my google chrome.
It have disable me from using chrome or IE.
But i'm able to update malwarebytes and it have removed a few adsware.
 
May I know how i can fix this problem?

A:Unable to connect to the proxy server

anyone able to help?

Read other 22 answers
RELEVANCY SCORE 112

Hello
guys please I need your help, my laptop keep saying
Unable to connect to the proxy server what can I do to fit it please
 

A:Unable to connect to the proxy server

You are getting this message because the laptop can't find a wireless network to connect to...
 

Read other 1 answers
RELEVANCY SCORE 112

The use of JRT...did the trick.
 
Charlie

A:Unable to uncheck Proxy Server

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/557279 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 112

I have a Toshiba laptop with Windows 8. A couple of days ago, I try to log into my internet and I would get this message. I follow the instructions to change the LAN settings. Here's the kicker, I have to do it every single time that the computer boots up, comes back from hibernation. It is really getting annoying. What can I do to leave the settings so I don't have to do it 5 times a day?
 

A:Unable to Connect to Proxy Server

Inside your LAN settings, can you tell me what number you see for port?

Next, download the free CurrPorts. No installation required. Simply run the executable file.

Make sure your browser is open before running the program.

If you see that particular port in the list, please copy the whole line(s) and paste it into your next reply. To copy, right-click and select "Copy Selected Items".
 

Read other 1 answers
RELEVANCY SCORE 112

Dear all,

First of all, thanks for taking time to read this.

My laptop is using a proxy server. I am using the google proxy server.
Some websites are blocked in my country, so i use this to access them.

Recently, my laptop contracted some type of virus.
Since then, I have trouble connecting to internet in the internet browser.

I am using google chrome, but it comes with the error message Unable to connect to proxy server.

The same goes with other web browsers.

I know i can uncheck the options to use the proxy servers, and yes i did this, i am able to browse the internet again, but i want to use the google proxy servers.
Why before this it was OK using it, then suddenly i am unable to use it anymore?

I think it is the virus.

Can anyone help me?

Here I attach the log files from hijackthis.

Thank a lot.
 

A:Unable to Connect To Proxy Server

welcome to TSG. Just to be sure, you are trying to access sites not available in your country?
 

Read other 3 answers
RELEVANCY SCORE 112

I'm not really sure what happened,but all of a sudden I get this error message,Unable to connect to proxy server- i can get on the internet, but cannot download anything. I know it is a problem with my Windows machine only- my moms computer connects fine - I think- and all my Linux machines are fine. I ran the Temp File Cleaner- no luck.I was going to download malwarebytes,but like I said I can't download anything- also turned off Firewall temporarily and reset to defaults. Windows Defender did not find anything- I can probably download the setup.exe for Malwarebytes from my mom's computer, onto a flash drive- but not tonight- I am stumped! Help!

A:Unable to connect to proxy server

Hi there,If you can't download tools directly on the sick computer then use a flash drive to transfer it over instead.Let's see what we can do.MiniToolbox by FarbarPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList DevicesList Users, Partitions and Memory size.List Minidump FilesList Restore PointsClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.===Security Check by screen317Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.Regards,Alex

Read other 20 answers
RELEVANCY SCORE 112

Hello there:
 
Whoever you are thanks a lot,  to take the time to help me.
 
I have a pc windows 8.1, 64 bits, seems that i have security problem, i can't use internet explorer, i can't use google earth, or Chrome, just Firefox. I have run avira, malwarebytes and they haven't fixed the problem , help please.
 malware.txt   1.02KB
  3 downloads

A:Unable to connect to the proxy server

Hello Rufo100 and welcome to BleepingComputer!      
 
My name is Sirawit and I'm here to help you.
 
Please note that I'm currently in training and my fixes need to be check for approval first, that may delay our fix a bit, but I will normally reply back in 24 hours.
 
If I don't reply after 2 days, feel free to PM me.      
==========================================================================Some points for you to keep in mind:
Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be o... Read more

Read other 44 answers
RELEVANCY SCORE 112

Hello, my name is Joseph Rothchild and I do programming, animation, graphic/web design, and audio/video production. I also do advertising online and I contracted some adware, so I used WebRoot Internet Security and cleaned up my laptop. My laptop runs Windows 7, it is a Dell Ispiron, and it runs the internet off of a Arris Router through time warner cable. 
 
Once I ran WebRoot, it restarted my computer suddenly. When it finished restarting, it came back on saying that Windows had recovered from an unexpected shutdown. When I went to go back to work all my browsers said that they were Unable to Connect to Proxy Server. My router is fine and working (that is how I am on my desktop right now) and it says that it is connected. 
 
I have tried going to command and running:
 
ipconfig  ENTER
netsh winsock reset ENTER
 
Restart the computer, still not working.
 
Disabled my adapter, removed all the networks. 
Enabled adapter, reconnected to my router.
 
netsh activate ipv4 (and v6)
 
I dumped the DNS
 
 
NOTHING WORKS! I have tried ALL OF THIS MULTIPLE TIMES and in different combinations. Nothing has worked and I do not know why. I have reset my router, I tried hooking it up via ethernet and to no avail. 
 
Can someone please help? My laptop is my well being. It is how I take care of my family and I have a project due tomorrow. Thank you for your time and consideration.

A:Unable to connect to Proxy Server - Need Help!

Hi
 
Have you checked the proxy settings in each of the browsers on the computer?
- Try disabling / removing the proxies. If you still get the problem after this let us know.

Read other 1 answers
RELEVANCY SCORE 111.2

How can I create I .reg file or command line to change between connecting with a proxy server (address: proxy or 10.22.12.12, port: 8080) and directly?

A:Create reg file to change between connecting with proxy server?

-updated-

I use chrome portable for my proxy connections with this command:
GoogleChromePortable.exe --proxy-server=socks="localhost:1080"

This opens a Chrome browser and opens the socks internet proxy for the current session and any tabs opened in that session. Once the browser is closed it is rest to normal.

netsh winhttp command also might be what you're looking for too. This will run the proxy until its reset.

http://technet.microsoft.com/en-us/l...0).aspx#BKMK_5

Create Proxy connection:
netsh winhttp set proxy 10.22.12.12:8080

Reset poxy connection:
netsh winhttp reset proxy

Read other 3 answers
RELEVANCY SCORE 111.2

I'm apologizing now if I have this posted in the wrong place or haven't dug deep enough into the forums for an answer. Also I see that I have some extra stuff in the report because I tried to do the Windows Update but couldn't and forgot to run the clean up again. My problem is that every time I connect to the internet, through any program, I have these settings again. The proxy is enabled to use 127.0.0.1 with the port 5400. I have deleted them and unchecked the boxes and clicked OK but they always come back. They are in my registry too, only when I connect though. I'm afraid to do much in the registry without advice.This all started after I did a reinstall of Internet Explorer and was looking at the Internet Options>Connections>Settings>Proxy>Advanced just to see what was in there, which was nothing. I had to check the box for "Use a proxy..." to look and when I closed out a pop up screen asked me if I was sure I didn't want a proxy and I clicked yes. So fine, I unchecked "Use a proxy..." but then wanted to look at it again. I did all the same but this time a proxy suddenly appeared out of nowhere. I noticed that my web pages were coming up faster and so left it there but then began to get spam email from Canada the next morning and got worried about it. I can't get rid of it now. I can uncheck it everytime I connect but what a pain and is it really gone? What is it up to?I did all the prep work recommended by BC, which took several hours an... Read more

A:Trouble With Proxy Server And Port Settings In Internet Tools

Hi Everyone, I found out what was making my proxy and port default every time, finally. It was my new Web Accelerator from my ISP. That is how they are enabling a faster service. But in the meantime, since I followed your preparation instructions I was able to find the other stuff that most likely caused the not so nice spam emails. I had also installed a "new" program around the same time. In the Print Shop ProPublisher 2000 ver. 10 the BitDefender scan found a Backdoor. Ralpha.A and a Brodcast Dssagent. So I had (1) Trojan.Dloader.BUP, (2) Backdoor.Ralpha.A, (1) Generic.Adw.SaveNow.56AD4696 (leftover from a downloaded screensaver, I think), (1) Brodcast DSSAGENT and (2) Trojan.Dloader.AMA's altogether. The AMA's were sticky. The BitDefender could not get them out. After a few tries, I then downloaded the CounterSpy program (4 to 5 hours on dial-up ) and was able to remove them. A tip: Run your scans again until you get a clean scan. Don't assume that all was found and deleted on the first try. So I'm hoping that all is clean as a whistle ! I hope someone can give my new Hijack This report a look and see if it is OK. Keep in mind that after doing all that scanning and coming back clean I then uninstalled the bad Print Shop ProPublisher and did some other stuff before doing the report. I did the disk clean up and Eusing Registry Cleaner to try and make a clean report. Hope it is OK. I'm wondering if the two that I've marked in red can go? Thanks for your at... Read more

Read other 6 answers
RELEVANCY SCORE 111.2

Hi everyone,
 
Here is my issue, my computer is functioning ok except for internet explorer. I am able to google and search things but when I try to enter a number of different sites (such as the malwarebytes download page) I receive a message that says "the proxy server isn't responding." "Check your proxy settings 127.0.0.1:8877." When I go into internet options --> Connections----> Lan Settings, the "user proxy server for your lan" is checked and greyed out. I have run malwarebytes which did not fix the issue. Someone mentioned checking a proxy setting in regedit which was set to 1, when I change it to 0 as I was recommended, It did not fix the issue and simply reverted to 1. Im not sure if that is relevant at all but this issue is quite frustrating and any help you could provide would be greatly appreciated.
 
Thanks!
 

A:Internet Explorer says "The Proxy Server Isn't responding" and settings locked

Hello,
Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.
Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.
If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Read other 2 answers
RELEVANCY SCORE 110.8

Hello,
 
3 days back, I noticed a new process called "isupdate.exe" listed under processes using up network, in resource monitor. Around the same time, google chrome started acting weird. These are the things I noticed:
 
1) Google search results in my desktop are different from those in my laptop (which is working fine). For example, when I search for "calculator", in my Laptop I get an actual calculator in the results which I can use. Whereas in my desktop, I just get links for other websites.
 
2) Videos in websites other than youtube don't play, they get stuck at loading forever. When I play a video, "isupdate.exe" starts eating up the whole network.
 
3) When I do "end process" to this "isupdate.exe" in Resource monitor, I'm no longer able to access internet. In Chrome i get "Unable to connect to proxy server" error. the same with Internet Explorer.
 
I started searching the web for this issue and I found that it may be caused by a malware. I have tried the following things so far (as per various forums on this topic):
 
1) Going to safe mode and modifying the registry key value of "proxyEnable" under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings to "0".
But when I restart and go back to normal mode, in internet options, under Connections>LAN settings> the "Use a proxy server for your LAN"  box is checked and greyed out. I cannot uncheck this in normal mode. (attached image). and yet the regis... Read more

A:Unable to Disable proxy server permanently

I forgot to mention one other thing:
 
I use the same network (using wifi router) in my laptop and there is no such problem there. So i guess it rules out the problem being with the router?

Read other 11 answers