In our network, we are running Windows 10 64-bit.
Recently, I noticed that the manual proxy setting is turned on in Settings; every time I turn it off, I find it turned on again.
These are the values:
Address: http=127.0.0.1:8080;https=127.0.0.1:8080 <-loopback>
Our workstations can't open any site without running a VPN like Hotspot Shield because of that virus.
McAfee Endpoint Security is already installed on all the infected workstations. McAfee is unable to catch this virus, due to which we are forced to use Zemana AntiMalware software alongside McAfee antivirus. When any system gets infected with this proxy virus, we run Zemana AntiMalware on the affected system.
This is the temporary solution that we are using to save our lives and time.
Please help me: how can I remove this virus through McAfee antivirus?
My McAfee Endpoint Security Center version:
ePO Build: ePolicy Orchestrator 5.10.0 (Build 2428)
Update Installed: Update 6 (18.104.22.1681)
Firstly, thank you for reporting this issue. I would request you to move this over to the Endpoint Security forum or the VirusScan Enterprise forum, depending on the product you are using.
Having said that, I would like to know if you can help us with a sample of the infection if you have detected the virus using the competitor product. If you can help me with the malicious file's Hash value (md5 or SHA-1 or SHA-2), I will be very glad to quickly look this up for you to understand if we have coverage or not.
Also, since you have mentioned that you are currently facing this issue, I would urge you to create a support request with us at the earliest to have this investigated ASAP.
Thank you for your response. If you have the malicious file with you, please log a support request using your login credentials at :
*Note: Issue type should be selected as malware.
To submit the sample to us for analysis, you can follow the below KBA: (I would recommend submitting via the Service Request as it ensures the Service Request is created with the samples on them for us to investigate quickly.)
I sincerely hope this is helpful to get the sample to us.
Also, please do not forget to upload the file after "zip"ping the file and password protecting it (without encryption) using password - infected.
My operating system got infected with the proxy virus. How can I get the sample file for McAfee lab? This virus damages registry entries; how can I get the infected file for further investigation?
Thank you for your kind response. I would recommend contacting us via a Service Request still, as this certainly requires an investigation directly via remote to look into the issue.
We would also want to confirm that the Endpoint Security was configured to block these in case this was a known technique or malware. I am afraid there is very little we can do over the community forum as this needs active investigation over a remote session and Service Request. I sincerely hope you contact us as soon as you can.
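
Added example, not part of the original thread and not McAfee's procedure: a read-only PowerShell triage for the question above of how to find a file to hash and submit. It reads the current user's manual proxy values and, for any loopback entry such as 127.0.0.1:8080, looks up the process listening on that port and hashes its executable; the function name `Get-ProxyEndpoints` is made up for this example.

```powershell
# Added example. Read-only: nothing is changed, stopped or deleted.
function Get-ProxyEndpoints {
    # Parses a ProxyServer value, either "host:port" or
    # "http=host:port;https=host:port" (the form quoted in the thread).
    param([string]$ProxyServer)
    foreach ($entry in ($ProxyServer -split ';' | Where-Object { $_.Trim() })) {
        $scheme = 'all'; $target = $entry.Trim()
        if ($target -match '^(?<s>[^=]+)=(?<t>.+)$') {
            $scheme = $Matches.s.Trim(); $target = $Matches.t.Trim()
        }
        $hostName = $target; $port = $null
        if ($target -match '^(?<h>.+):(?<p>\d+)$') {
            $hostName = $Matches.h; $port = [int]$Matches.p
        }
        [pscustomobject]@{
            Scheme   = $scheme
            Host     = $hostName
            Port     = $port
            Loopback = $hostName -in '127.0.0.1', 'localhost', '[::1]'
        }
    }
}

# Per-user manual proxy values behind the Settings page.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$cfg = Get-ItemProperty -Path $key
"ProxyEnable=$($cfg.ProxyEnable) ProxyServer=$($cfg.ProxyServer) ProxyOverride=$($cfg.ProxyOverride)"

$loop = @(Get-ProxyEndpoints $cfg.ProxyServer | Where-Object { $_.Loopback -and $_.Port })
foreach ($port in ($loop | Select-Object -ExpandProperty Port -Unique)) {
    $listeners = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
    if (-not $listeners) {
        # The proxy points at a dead port, so proxied traffic has nowhere to go.
        "Nothing is listening on port $port"
        continue
    }
    foreach ($procId in ($listeners | Select-Object -ExpandProperty OwningProcess -Unique)) {
        $proc = Get-Process -Id $procId -ErrorAction SilentlyContinue
        $path = $proc.Path   # can be empty when not run elevated
        [pscustomobject]@{
            Port      = $port
            ProcessId = $procId
            Name      = $proc.Name
            Path      = $path
            SHA256    = if ($path) { (Get-FileHash -Path $path -Algorithm SHA256).Hash }
        }
    }
}
```

Run it in the affected user's session, elevated if `Path` comes back empty. It reports what currently holds the port, not what keeps re-enabling the setting.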