No internet

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Daytonboi, Aug 16, 2015.

  1. Daytonboi

    Daytonboi Private E-2

    Logs are attached. It started a month or so ago with me not being able to download certain files from websites. But I could still use my torrent program no problem. Now, after my computer upgraded to Windows 10, I get proxy errors and can't access the Microsoft account items and cannot surf, but can still torrent.

    It tells me this file is too big to upload. Here is the download link: Hitman log
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there.

    Are you deliberately set up to use a proxy?
     
  3. Daytonboi

    Daytonboi Private E-2

    No I'm not and every time I disable it it turns right back on
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate these detections:

    • [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_H_F606\ControlSet002\Services\pnicml (\??\C:\DOCUME~1\Dondi\LOCALS~1\Temp\pnicml.sys) -> Found
    • [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Found
    • [PUM.Proxy] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Found

    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.




    This takes a long time to run so go off and do something else for a while...


    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now run Repair_Windows.exe by double clicking on it (if you are running Vista or Win 7, use right click and select Run As Administrator)
    • Now select the Start Repairs tab.
    • Then click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup
    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shutdown any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.


    Rescan with Hitman Pro and have it fix the proxy if it shows.


    Now rescan with RogueKiller (just a scan) and attach log.
     
  5. Daytonboi

    Daytonboi Private E-2

    Before I continue further, I ran RogueKiller and deleted only those five items. However, I can find no log on my desktop or root of my C drive. I have not rebooted yet though.
     
  6. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    A re-boot is recommended, then look for the log.
     
  7. Daytonboi

    Daytonboi Private E-2

    Log never showed. But here is the one I generated after running everything.
     


  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Uninstall any antivirus you may have installed as it could interfere with the fix.

    Did you use Hitman to try and fix the proxy? What happened? Any errors?

    Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.



    Now reboot the machine and run RogueKiller again, attach log.
     
  9. Daytonboi

    Daytonboi Private E-2

    Everything I have run so far has said that it completed successfully. Hitman found the proxy and changed it, no errors. Ran the Reg file, it was successful. Here is the new Rogue log. It seems like everything is fine for about 2 minutes at reboot and then after that u can do nothing.
     


  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Follow the instructions here to change proxy server settings. Then once done, rescan with RogueKiller and attach log. Let me know which browsers have proxy settings in place.
     
  11. Daytonboi

    Daytonboi Private E-2

    Both Chrome and Internet Explorer have the proxy issue. I changed it and when I closed out and went back in it was immediately changed.
     


  12. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You should try resetting your browsers: (And let us know if it makes any difference)

    Reset Internet Explorer 9, 10, and 11 to Defaults
    Reset Google Chrome to defaults


    Now reboot into SAFE MODE. Open up RogueKiller and have it remove the proxy entries it lists.
    Reboot into normal mode again and rescan with RogueKiller once more and attach log.

    Also please tell me, can you think of anything you installed before this happened that may be causing the proxy to exist?
     
  13. Daytonboi

    Daytonboi Private E-2

    Honestly I can't think of anything. Well, actually I downloaded a movie and the computer kinda acted funny but then went back to normal; this was last week. I still deleted the movie.

    I reset the browsers and ran Rogue in safe mode. It fixed the proxy. I enjoyed in standard mode ran Rogue and the proxy was back.
     

    Attached Files:

    • rge.txt (13.6 KB)
  14. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    OK I want you to run Windows Repair again like you did in message #4.

    Please follow the instructions below in the order written.

    Copy the bold text below to notepad. Save it as proxyfix.reg to your desktop. Be sure the "Save as" type is set to "all files". We are only saving this to your Desktop at this time. We will use it later. Make sure that it shows up on your desktop as a registry patch. Notice the icon.





    Now please uninstall any antivirus program that you may have. If you cannot uninstall it or do not have one installed then continue on with the next steps anyway!! Keep it uninstalled until requested to reinstall.

    Now reboot your PC into safe boot mode.

    Once in safe boot mode, click Start, and type regedit into the search box.
    • You should see a regedit.exe and icon appear in the Programs area of the Start Menu.
    • Right click on regedit.exe and select Run As Administrator
    • Then in the Registry Editor menu click File and select Import.
    • Navigate to the proxyfix.reg file saved to your Desktop and double click it. Allow it to be added to the registry. Please observe whether you receive a success message and confirm to me later that you had success or not.
    • You can exit the Registry Editor now.

    Now right click on RogueKiller.exe and select Run As Administrator and run a scan. After it finishes the scan, select the Registry tab and then select any of the below that still exist and then click the Delete button.
    • [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Found
    • [PUM.Proxy] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Found

    Then immediately reboot your PC. But this time reboot into normal boot mode.

    After reboot, run a new scan with RogueKiller and save a log as in original instructions and attach the new log.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


    Then attach the below logs:
    • the new RogueKiller log
    • C:\MGlogs.zip
     
  15. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I would also like you to run this please....


    Now please download OTL by OldTimer.
    • Save it to your desktop.
    • Double-click on the OTL icon on your desktop to run it. (Note: if using Vista, Win7 or Win8 use right-click and select Run as Administrator)
    • Check the "Scan All Users" checkbox.
    • Check the "Standard Output".
    • Change the setting of "Drivers" and "Services" to "All"
    • Copy the text in the code box below and paste it into the [​IMG] text-field.
      Code:
      activex
      netsvcs
      drives
      
    • Now click the [​IMG] button.
    • One report will be created:
      • OTL.txt <-- Will be opened
    • Attach OTL.txt to your next message. (How to attach)
    • Also attach Extras.txt
     
  16. Daytonboi

    Daytonboi Private E-2

    Did everything u asked. Everything was successful in safe mode, but going back to normal Windows the problem returned.

    OTL is too big; here it is: otl.txt
     


  17. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I apologise that this is taking so much time, more and more of these cases with hard to remove proxy servers are cropping up now.

    We need to run an OTL Fix

    • Right-click OTL.exe and select "Run as administrator" to run it. If Windows UAC prompts you, please allow it.
    • Copy and Paste the following code into the Image textbox. Do not include the word Code

    Code:
    :otl
    IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
    IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080
    
    :commands
    [EMPTYTEMP]
    [RESETHOSTS]
    [REBOOT]
    • Then click the Run Fix button at the top.
    • Click Image.
    • OTL may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. ATTACH that report in your next reply.


    Re run RogueKiller and attach log.


    Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

    Note: Make sure you download the correct version for your PC. Only the correct version will work.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
     
  18. Daytonboi

    Daytonboi Private E-2

    Completed all the tasks. The only thing I got an error on was the FRST one; it said it couldn't save when I first started it.
     


  19. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    • Save the attached (fixlist.txt) to your desktop.
    • Right click FRST and run it as admin.
    • Click the FIX button.
    • A report should pop up, please attach it here in your next reply.
    • Re run RogueKiller and attach latest log from that also.
     


  20. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    If this fix doesn't implement I have something else to try.
     
  21. Daytonboi

    Daytonboi Private E-2

    Sorry it took so long to reply. This is the first post I'm doing from my computer. Here are the logs.
     


  22. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Excellent. :) The fix actually worked by the looks of it. Can you ensure the machine has had a reboot and rescan with RogueKiller once more, just to be sure. Attach log.

    Also do this...

    Run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows 7 or Win8.) Then attach the new C:\MGlogs.zip file that will be created by running this.
    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running!
     
  23. Daytonboi

    Daytonboi Private E-2

    It sadly did not survive a restart.
     


  24. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Oh that's a shame, I was hoping it would work, but suspected it may not hence asked you to reboot and re run.

    • Save the attached (fixlist.txt) to your desktop.
    • Right click FRST and run it as admin.
    • Click the FIX button.
    • A report should pop up, please attach it here in your next reply.
    • Re run RogueKiller and attach latest log from that also.
     


  25. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Sorry! meant to say re run RogueKiller AFTER a reboot. :)
     
  26. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Any updates, Daytonboi? :)
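
The pattern running through this thread (proxy values removed in safe mode, present again after a normal boot) can be confirmed by comparing scan logs instead of reading them by eye. The following is an added example, not part of the thread and not RogueKiller's own code: it parses detection lines in the format quoted above, and the sample scans and function names are constructed for illustration.

```python
import re
from ipaddress import ip_address

# Line shape copied from the RogueKiller detections quoted in the thread.
DETECTION = re.compile(
    r"\[(?P<sig>[^\]]+)\]\s+\((?P<view>X64|X86)\)\s+(?P<key>.+?)\s+\|\s+"
    r"(?P<name>\w+)\s+:\s+(?P<data>.*?)\s+->\s+Found\s*$")

def parse_scan(text):
    """Map (view, key, value name) -> data for each PUM.Proxy detection."""
    found = {}
    for line in text.splitlines():
        m = DETECTION.search(line)
        if m and m["sig"] == "PUM.Proxy":
            found[(m["view"], m["key"], m["name"])] = m["data"]
    return found

def loopback_endpoints(proxy_server):
    """Return (scheme, host, port) for each entry that points at this machine."""
    hits = []
    for part in filter(None, proxy_server.split(";")):
        scheme, _, endpoint = part.rpartition("=")   # "http=host:port" or "host:port"
        host, _, port = endpoint.partition(":")      # IPv4 literals and hostnames only
        try:
            local = host.lower() == "localhost" or ip_address(host).is_loopback
        except ValueError:                           # a hostname, not an IP literal
            local = False
        if local:
            hits.append((scheme or "all", host, int(port) if port.isdigit() else None))
    return hits

def reappeared(before, after_fix, after_reboot):
    """Detections the fix cleared that are present again after a normal boot."""
    return sorted(k for k in before if k not in after_fix and k in after_reboot)

# Constructed sample scans, built from the detection lines quoted in the thread.
KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
PROXY = "http=127.0.0.1:8080;https=127.0.0.1:8080"
INFECTED = "\n".join(
    f"[PUM.Proxy] ({view}) {KEY} | {name} : {data} -> Found"
    for view in ("X64", "X86")
    for name, data in (("ProxyEnable", "1"), ("ProxyServer", PROXY)))
SAFE_MODE_AFTER_FIX = "no registry detections (constructed placeholder line)"
NORMAL_BOOT = INFECTED  # the same four values are back after a normal boot

if __name__ == "__main__":
    before, fixed, rebooted = map(parse_scan, (INFECTED, SAFE_MODE_AFTER_FIX, NORMAL_BOOT))
    for view, key, name in reappeared(before, fixed, rebooted):
        print(f"rewritten after reboot: ({view}) {name} = {rebooted[(view, key, name)]}")
    print("loopback proxy endpoints:", loopback_endpoints(PROXY))
```

Values that are absent after a safe-mode fix but listed again after a normal boot point to something that loads only in normal mode rewriting them, which is why the later steps in the thread move from deleting the values to looking at drivers, services and startup entries.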
     
