127.0.0.1 Proxy Server Virus

[Krovos]

I'm working on a clients computer that appears to have a proxy server virus. The proxy server is set for loopback (127.0.0.1) and it will revert all changes I make to it.

I disconnected the HDD, threw it in my system, ran Avast, Malwarebytes, and ADWcleaner, with no success.

What could I do to clean this system of infection?

 

[voyagerfan99]

Did you try changing the host file?

 

[Krovos]

Here is where I am currently at... I was able to change the registry entries this virus affected and removed the proxy configuration. I was then having issues with DNS, which I fixed with a, "netsh int ip reset", "netsh winsock reset", and "ipconfig/flushdns". This resolved the DNS issue on restart, as I could now ping domain names as opposed to ip addresses. Now, my new issues, all of the applications crash when I go to start them. Internet browsers wont work, antivirus wont work, malwarebytes wont work, aswmbr wont work, nothing will work. I have internet connection, ping clarifies that for me, I just cant use any apps now. I get the same results whether in standard boot or safe mode.

 

[beers]

Sounds pretty hosed to me. Even if you could fix all of the issues it'd be both labor intensive and you have no assurance you would actually plug all of the holes.

I'd tell them it's fresh install time.

 

[Krovos]

Sounds pretty hosed to me. Even if you could fix all of the issues it'd be both labor intensive and you have no assurance you would actually plug all of the holes.

I'd tell them it's fresh install time.

I was hoping it wouldn't come to that, but I believe you are correct. Time to break out the old install key. Thanks guys.