Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 31, 2014 18:30:36 GMT -8
Norton has blocks in the security logs anyway as part of the anti tamper technology a) Click the Scan Button and wait for the scan to finish, (If Adwcleaner has been left open at the finish of the scan this is already done). b) Make sure in your case all the items under each TAB are ticked / checked then. c) Click the Clean Button and Adwcleaner will process all the items ticked / checked and then may ask for the system to be restarted.d) It should create a new log afterwards (with S0 in the name). Here is a Screenshot exampleIt will create a new log afterwards with [S0] in its name Quads
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 31, 2014 19:13:12 GMT -8
I have been notified by another MR of 2 possibilities, one being if it is a INTEL Basted system and Not AMD which can cause a problem with Windows due to the Hard Drive Working Harder and not keeping up with what Windows wants to do. Download Roguekiller www.bleepingcomputer.com/download/roguekiller/ On to the DesktopDownload Now @ Authors SiteStart Roguekiller and it then goes though a Pre scan once it is finished that click the " Scan" button When it is finished click the " Report" button and then post back the report. This is because at the moment with my test. Roguekiller is a cruder scan and remove program, but also has False Positives at times Quads
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 31, 2014 19:42:31 GMT -8
Are you using a Proxy Server for Browsers / Internet on purpose??
Quads
|
|
|
Post by maldemarstor on Mar 31, 2014 19:49:08 GMT -8
No.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 31, 2014 20:01:59 GMT -8
I have never seen an IP address like that, first time for everything Is not set for the whole PC, just one user account.
Go though the scan process again if Roguekiller is not still open and waiting, Or once it has finished the scan, make use the Proxy Server entry is ticked for removal and Press the Delete button.
Quads
|
|
|
Post by maldemarstor on Mar 31, 2014 20:08:52 GMT -8
There is no check mark box next to the entry on the Proxy tab. The only things with boxes available are the two registry entries. There is a "Fix Proxy" button on the right side of the console.
Would you like me to DELETE anyway?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 31, 2014 20:11:12 GMT -8
You can click fix proxy and click delete.
Quads
|
|
|
Post by maldemarstor on Mar 31, 2014 20:13:48 GMT -8
Executed both. Would you like me to scan again?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 31, 2014 20:47:21 GMT -8
You can if you like and then restart the system to see if nay change
From the Roguekiller Creators
A malware can also use the proxy configuration to filter web accesses, and then:
Protect himself from downloading antivirus softwares (by blocking the corresponding pages and searchs)
Sniff the internet traffic (and get passwords, session cookies, …).
Redirect user to malware websites, or on ads. … Here’s an example of proxy configuration. It’s hard to determine if it’s legit or not without knowledge of the network architecture of the user. Usually, only the user can determine if he uses or not that kind of proxy.
¤¤¤ Registry: 3 ¤¤¤ [PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (10.25.52.205:8080) -> FOUND [PROXY FF] n2aqvo03.default\ 10.25.52.205:8080 -> FOUND Above lines are showing proxy configuration on both Internet Explorer and Firefox. If such a configuration is defined, then it will be displayed after a Scan in the Proxy tab, or in the Registry section of the report. The Proxy Fix button switches every proxy off. Once the reset finished, a text report is available by clicking on the Report button. It is also available on the desktop (RKReport[#].txt).
|
|
|
Post by maldemarstor on Mar 31, 2014 21:08:12 GMT -8
I long ago removed the "Computer" and "My Name" folders from my desktop. I notice they returned after the reboot. I just sent you the new scan report.
I apologize for not stating it sooner, but you have my thanks!
|
|