How to get rid of a specific virus?

August 8th, 2016

I downloaded and installed a version of Windows 8.1 AIO from Kickass Torrents, and when I installed Windows everything worked fine, until I noticed my proxy/router has been hijacked.
When I go into “Local area network settings” I notice “Use automatic configuration script” is on, with this IP address:
http://37.0.121.160/router.pac
I delete it, and then remove the check from the box, but it just comes back.
I did a virus removal and it detected this virus in my C:windows/syswow64 folder and also the windows/temp folder; however, it still didn’t completely get rid of it. I can’t access Google.com; it says “Unable to connect to the proxy server”. For some reason it only happens when I try to go on Google… How do I get rid of this thing?

Answer #1
That pac file just blocks google and bing:
    function FindProxyForURL(url, host) {
        if (shExpMatch(host, "www.google.*")) return "PROXY 127.0.0.1:8080";
        if (shExpMatch(host, "www.bing.com")) return "PROXY 127.0.0.1:8080";
        return "DIRECT";
    }

I’m guessing you have a start-up entry that auto-replaces the PAC listing.
Look for “autoruns” online (there are other search engines!) and run it, then look for unusual entries (post a screenshot here if you’re not sure – make sure we can read it though).
*****
37.0.121.160 is a spam harvester. Probably going to use your system for behind-the-scenes bot spam spreading, but not active yet.
*****
Another thing – this means you’re still using IE?
FFS – use Opera or Firefox. Much safer, and that proxy PAC won’t affect them.
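
Added example (not part of the original answer): a small Node.js harness that evaluates the PAC text quoted above against a constructed list of hostnames and reports which ones it sends to a proxy instead of connecting directly. The `shExpMatch` stand-in, the function names `loadPac` and `auditPac`, and the host list are assumptions made for this illustration.

```javascript
// PAC text as quoted in the answer above, embedded so the audit runs offline.
const PAC_SOURCE = `
function FindProxyForURL(url, host) {
  if (shExpMatch(host, "www.google.*")) return "PROXY 127.0.0.1:8080";
  if (shExpMatch(host, "www.bing.com")) return "PROXY 127.0.0.1:8080";
  return "DIRECT";
}`;

// Stand-in for the PAC helper: shell glob, * = any run, ? = one character.
function shExpMatch(str, pattern) {
  const re = pattern
    .replace(/[.+^${}()|[\]\\]/g, "\\$&") // escape regex metacharacters
    .replace(/\*/g, ".*")
    .replace(/\?/g, ".");
  return new RegExp("^" + re + "$").test(str);
}

// Compile PAC text into a callable. Not a sandbox: only feed it text you have read.
function loadPac(source) {
  return new Function("shExpMatch", `${source}\nreturn FindProxyForURL;`)(shExpMatch);
}

// Return every host the PAC routes anywhere other than DIRECT.
function auditPac(source, hosts) {
  const find = loadPac(source);
  const findings = [];
  for (const host of hosts) {
    const decision = find(`http://${host}/`, host);
    if (decision === "DIRECT") continue;
    const m = /^PROXY\s+([^:\s]+):(\d+)/.exec(decision);
    // A proxy on the loopback address points back at the local machine.
    const loopback = m !== null && (m[1] === "localhost" || m[1].startsWith("127."));
    findings.push({ host, decision, loopback });
  }
  return findings;
}

// Constructed sample hostnames, including near-misses the globs do not cover.
const SAMPLE_HOSTS = ["www.google.com", "www.google.co.uk", "google.com",
                      "www.bing.com", "bing.com", "duckduckgo.com"];

for (const f of auditPac(PAC_SOURCE, SAMPLE_HOSTS)) {
  console.log(`${f.host} -> ${f.decision}${f.loopback ? " (loopback proxy)" : ""}`);
}
```

The near-miss hosts (`google.com`, `bing.com`) come back `DIRECT` because the globs only match the `www.` names.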

 
