ok mastershakes, done some homework, and a program i messed around with a while back called multiproxy was the cause of the mysterious proxy server, which to use it, tells you to set the proxy to 127.0.0.1, and the port to 8088 to access the internet.
http://www.multiproxy.org/help.htm
i just never changed it back when i deleted the prog
___________________________________________________________
now, after following lancer's advice, i installed ewidos in safe mode and done a complete scan which came up with nothing, so i decided to do a housecall, which i hadnt expected to come up with anything, as i had already run it in normal mode, but it came up that i was infected with a virus called MUGLY.I,
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MUGLY.I
____________________________________________________________
so after googlin that, i came up with this:
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=41687
and an online scan detected the old hosts file, on my desktop as a textfile, as this:
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?ID=39376
____________________________________________________________
some more googlin on removin mugly and i discovered symantec had no specific removal tool, so i tried a manual removal by followin their instructions, which turned up that neither the files, nor the registry entries, existed!!!
http://securityresponse.symantec.com/avcenter/venc/data/w32.mugly.h@mm.html
____________________________________________________________
least we know where the mysterious proxy came from, and how the hosts file was modified...
strange thing is, i dont even remember an e-mail like that...
however, i attached a few logs n stuff for ye to look at as my system stands now...
View attachment hijackthisold.txt View attachment hijackthisnew.txt View attachment startuplist.txt