
proxy removal malware?


TimDgsr

Member
Joined
Jan 17, 2002
Location
Atlanta, GA
I'm having a strange problem here. Wondering if anyone has ever seen anything like it.

I have a GPO setting that removes the Connections tab from Internet Explorer and adds an automatic configuration script for the proxy as well. This machine is in the same OU as several other identical machines and they're working fine. This one machine, however, is not forwarding traffic through the proxy.

I've gone in and manually added the HKLM\software\microsoft\windows\currentversion\internet settings value of AutoConfigURL REG_SZ http://bisa:8080/wpad.dat. As soon as you start IE, this line is removed from the registry.

Has anyone ever seen a proxy avoidance/removal software to remove proxy settings? Something that automatically removes proxy settings from the registry perhaps? I'm at a loss. I ran HijackThis and found nothing out of the ordinary.

Any help is greatly appreciated.
 
My guess would be a conflicting policy/IE setting somewhere. I had one box doing something similar, finally had to re-image it after I found out (via MS) that GP objects are not always reversed when unapplied.
 
Sorry for the long lack of response, I've been back and forth so much between Birmingham and Atlanta the past 8 weeks. I'm moving in two weeks and this junk will finally be over.

Yes, you are certainly correct about policies not properly reversing when un-applied. However, we have had that issue with several machines in the past. If you have something applied, like proxy settings, then just change that setting to default, not enabled, or disabled, then it will sometimes keep certain settings that the old policy applied. However, in my practice, I've always found that if you just change that setting, or set it to be disabled, then you don't have that issue. What sucks about that is you have to be extremely careful about what policies you put in place, and know that you might later have to create a policy just for the sake of undoing a policy that is no longer needed.

I yanked this box out of our Citrix farm and passed it over to someone else. They're supposed to be opening a ticket with MS on this, however I haven't heard anything back yet.

I'll post results just in case anyone is interested.

Thanks for the response.
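
Added example, not part of any post in this thread: a PowerShell sketch for the symptom described above, where AutoConfigURL disappears as soon as IE starts. It snapshots the proxy values in the machine, user and policy hives before and after IE is launched, reports what changed, and writes a Group Policy report so a conflicting policy can be ruled in or out. The function name and the report path are assumptions made for the example.

```powershell
# Added example; Get-ProxySnapshot and the report file name are hypothetical.
$plain  = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$policy = 'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
$paths  = "HKLM:\$plain", "HKLM:\$policy", "HKCU:\$plain", "HKCU:\$policy"
$names  = 'AutoConfigURL', 'ProxyEnable', 'ProxyServer', 'ProxyOverride', 'ProxySettingsPerUser'

function Get-ProxySnapshot {
    # One row per (hive path, value name), so two snapshots can be diffed.
    foreach ($path in $paths) {
        $props = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
        foreach ($name in $names) {
            $value = '<not set>'
            if ($props -and $null -ne $props.$name) { $value = [string]$props.$name }
            [pscustomobject]@{ Path = $path; Name = $name; Value = $value }
        }
    }
}

$before = Get-ProxySnapshot
$before | Format-Table -AutoSize

# ProxySettingsPerUser = 0 under the HKLM policy key makes IE use machine-wide
# proxy settings; when it is absent or 1, IE reads the per-user (HKCU) values.
$perUser = $before | Where-Object { $_.Path -eq "HKLM:\$policy" -and $_.Name -eq 'ProxySettingsPerUser' }
if ($perUser.Value -ne '0') {
    Write-Warning 'Per-machine proxy is not enforced; IE reads proxy settings from HKCU.'
}

Read-Host 'Start Internet Explorer now, then press Enter' | Out-Null
$after = Get-ProxySnapshot

# Rows present in only one snapshot are the values that changed when IE started.
$changes = Compare-Object $before $after -Property Path, Name, Value
if ($changes) {
    $changes | Sort-Object Path, Name | Format-Table Path, Name, Value, SideIndicator -AutoSize
} else {
    'No proxy values changed when IE started.'
}

# Resultant Set of Policy report: shows which GPO last set each IE policy.
$report = Join-Path $env:TEMP 'rsop-proxy.html'
gpresult /h $report /f
"Group Policy report written to $report"
```

In the change table, `<=` marks a value as it was before IE started and `=>` marks it afterwards. Running the same script on one of the working machines in the OU gives a baseline to compare against.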
 