Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! - Website redirecting to Google news on all browsers


  • This topic is locked This topic is locked
22 replies to this topic

#1 carp104

carp104

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 21 November 2015 - 02:05 PM

Hello,

 

I am having an issue where a website (my own wordpress store none the less) is redirecting to Google news (https://news.google.com/) every time I type the URL into my browser.  I've tried it with both IE and Edge and have the same problem with both.  I'm not sure if there are issues with other websites yet but I'm guessing this is a malware issue?  My website opens fine on other computers and on my iPhone.

 

I've ran MalwareBytes with no luck, as well as several other scan tools.

 

Please help


Edited by carp104, 21 November 2015 - 02:06 PM.


BC AdBot (Login to Remove)

 


#2 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 21 November 2015 - 07:20 PM

Hello carp104, and welcome! :)

My name is bloopie and I'll be helping you as best I can! :thumbsup:


Please let me know what version of Windows you are running now (Windows7, 8, 10, etc...)?
 
==========
 
First, did Malwarebytes detect anything when you ran it? If so, please post the log (if not, then skip this).

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd


==========

Are you able to get to any other website by typing in the name as your normally would, or is it only this particular website?



Also, since you know what site it is, do you know the numerical ip address you could try to get to the website (for instance, to get to google.com, you could type in 74.125.224.72)?

 

==========

In any case, let's give this a try:

  • Hold the Windows Windows_Logo_key.gif key and press r to open the runbox
  • Type in cmd and press ENTER to open a command prompt
  • Copy the below code, and paste it into the command prompt window, and press ENTER.
ipconfig /flushdns
  • A message should display telling you the command (flush dns resolver cache) was successful
  • If it throws an error message, please let me know!
  • Type exit and press ENTER to close the command window

Then try to get to the website as you normally would.

 

Please let me know how it went! :)

bloopie


Edited by bloopie, 21 November 2015 - 09:15 PM.
added explanation


#3 carp104

carp104
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 22 November 2015 - 01:59 PM

Hi Bloopie,

 

I'm running Windows 10, and unfortunately I do not know the website IP address.  So far it is only this website which is doing this that I know of.  I was able to open this site fine previously on this computer, and it still opens fine on other computers.  Just not with any browsers on this computer anymore.

 

I tried flushing the DNS as you suggested but no luck.  Below is the Malwarebytes log:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/21/2015
Scan Time: 12:50 PM
Logfile: log.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.11.21.04
Rootkit Database: v2015.11.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Matt

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 333068
Time Elapsed: 7 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Quarantined, [a00885fbbdce04329d0e3bdc03ffa759],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Quarantined, [a00885fbbdce04329d0e3bdc03ffa759],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Quarantined, [6444acd4e1aace68456a5fb8fb072cd4],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Quarantined, [6444acd4e1aace68456a5fb8fb072cd4],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


Edited by carp104, 22 November 2015 - 02:02 PM.


#4 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 22 November 2015 - 02:55 PM

Hello again,
 
Okay, I had my doubts about flushing the dns but certainly worth a shot. :wink:

==========
 
I see MBAM had previously removed Yontoo, so I'd like to run a couple of other scanners now to check for others.

 

...But before we do, have you tried any other browsers? IE and Edge are essentially the same (Edge is really the "new IE" in Windows 10), so I'd like you to try another browser (i.e. Firefox or Chrome) to see if the problem still occurs. Let me know if that's true with other browsers. :thumbup2:
 
In addition to the above, please run these next for me and post the logs:
 
Step :step1:

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).

  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed click Quarantine selected objects. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.

==========

Step :step2:

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

==========

Please post both requested logs in your next reply and let me know if the problem persists with other browsers as well!

If you have any trouble with either tool, simply skip it, continue and let me know! :)

bloopie



#5 carp104

carp104
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 22 November 2015 - 03:27 PM

I just downloaded Firefox and tried it and the site does in fact open in Firefox. 

 

Do you want me to proceed with the tools you listed?



#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 22 November 2015 - 03:33 PM

Yes, please go ahead with those tools anyway to make sure you're clean! :)

That's good to know that the problem is only with IE and/or Edge! :thumbup2:

bloopie

#7 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 22 November 2015 - 03:42 PM

P.S.   Please don't miss my previous post!

 

...but have a look here...it may be related to what you're experiencing: http://stackoverflow.com/questions/32563611/cant-open-local-iis-site-in-ie-edge

bloopie



#8 carp104

carp104
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 22 November 2015 - 03:48 PM

Here is the Emsisoft log:

 

Emsisoft Emergency Kit - Version 10.0
Last update: 11/22/2015 3:40:34 PM
User account: DESKTOP-L3D4K1D\Matt

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 11/22/2015 3:42:04 PM
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR  detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS  detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN  detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS  detected: Setting.NoFolderOptions (A)

Scanned 72641
Found 4

Scan end: 11/22/2015 3:43:44 PM
Scan time: 0:01:40

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)

Quarantined 4

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

And here's the AdWcleaner log:

 

# AdwCleaner v5.022 - Logfile created 22/11/2015 at 15:45:22
# Updated 22/11/2015 by Xplode
# Database : 2015-11-22.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Matt - DESKTOP-L3D4K1D
# Running from : C:\Users\Matt\AppData\Local\Microsoft\Windows\INetCache\IE\3MPK80F1\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\Users\Matt\AppData\Roaming\RPEng

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [664 bytes] ##########



#9 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 22 November 2015 - 04:43 PM

Hello again,
 
Okay, that looks good. Have you looked at the link I gave in my previous post? Does any of that look familiar to you?

Let's take a look at this next:

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

==========

Please post that log in your next reply and let me know if you recognize the link I posted earlier.

bloopie



#10 carp104

carp104
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 22 November 2015 - 05:18 PM

Hello,

 

I looked at the link you provided but I guess I don't fully follow what's going on there.

 

Here are the results to the Mini Toolbox:

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Matt (administrator) on 22-11-2015 at 17:16:47
Running from "C:\Users\Matt\Desktop"
Microsoft Windows 10 Home  (X64)
Model: XPS 8700 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Broadcom 802.11n Network Adapter = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set subinterface interface= subinterface=ethernet_32770 mtu=1477

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-L3D4K1D
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : AE-D1-B8-D8-A3-6D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes



#11 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 23 November 2015 - 12:04 AM

Hello again,

That log is incomplete, could you please post the complete log for me to review?

bloopie

#12 carp104

carp104
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 23 November 2015 - 08:01 PM

My apologies, somehow I cut it off, here you go:

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Matt (administrator) on 23-11-2015 at 20:00:56
Running from "C:\Users\Matt\AppData\Local\Microsoft\Windows\INetCache\IE\3MPK80F1"
Microsoft Windows 10 Home  (X64)
Model: XPS 8700 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Broadcom 802.11n Network Adapter = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set subinterface interface= subinterface=ethernet_32770 mtu=1477

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-L3D4K1D
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : AE-D1-B8-D8-A3-6D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 98-90-96-E3-27-B7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c19c:1f71:e1a8:ac50%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, November 23, 2015 7:53:17 PM
   Lease Expires . . . . . . . . . . : Tuesday, November 24, 2015 7:53:16 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 160993430
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-49-AF-F2-98-90-96-E3-27-B7
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : 0A-80-58-1F-44-0A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : AC-D1-B8-D8-A3-6E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E8FD4166-E01F-4F7D-8330-869AA8B5E0B9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:847:3dd6:b8b0:f9f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::847:3dd6:b8b0:f9f%2(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-49-AF-F2-98-90-96-E3-27-B7
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4009:806::1005
   74.125.225.6
   74.125.225.4
   74.125.225.7
   74.125.225.2
   74.125.225.0
   74.125.225.14
   74.125.225.9
   74.125.225.8
   74.125.225.5
   74.125.225.3
   74.125.225.1

Pinging google.com [74.125.225.14] with 32 bytes of data:
Reply from 74.125.225.14: bytes=32 time=103ms TTL=50
Reply from 74.125.225.14: bytes=32 time=25ms TTL=50

Ping statistics for 74.125.225.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 25ms, Maximum = 103ms, Average = 64ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
   2001:4998:c:a06::2:4008
   2001:4998:44:204::a7
   206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=246ms TTL=39
Reply from 206.190.36.45: bytes=32 time=121ms TTL=39

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 121ms, Maximum = 246ms, Average = 183ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...ae d1 b8 d8 a3 6d ......Microsoft Wi-Fi Direct Virtual Adapter
  9...98 90 96 e3 27 b7 ......Realtek PCIe GBE Family Controller
  5...0a 80 58 1f 44 0a ......Broadcom 802.11n Network Adapter
  4...ac d1 b8 d8 a3 6e ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
  8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  2...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    276
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  2    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  2    306 2001::/32                On-link
  2    306 2001:0:9d38:6ab8:847:3dd6:b8b0:f9f/128
                                    On-link
  9    276 fe80::/64                On-link
  2    306 fe80::/64                On-link
  2    306 fe80::847:3dd6:b8b0:f9f/128
                                    On-link
  9    276 fe80::c19c:1f71:e1a8:ac50/128
                                    On-link
  1    306 ff00::/8                 On-link
  9    276 ff00::/8                 On-link
  2    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/23/2015 07:53:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-L3D4K1D)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/22/2015 07:40:11 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.10240.16412 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 5a0

Start Time: 01d12586e5d0b95f

Termination Time: 127

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: be32cb20-917a-11e5-9bdf-acd1b8d8a36e

Faulting package full name:

Faulting package-relative application ID:

Error: (11/22/2015 05:13:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1984.9918, time stamp: 0x55c8fafb
Faulting module name: ntdll.dll, version: 10.0.10240.16430, time stamp: 0x55c59f92
Exception code: 0xc0000005
Fault offset: 0x0000000000034ecd
Faulting process id: 0x130c
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
Faulting package full name: NvStreamNetworkService.exe4
Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (11/22/2015 03:13:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10240.16412, time stamp: 0x55b99447
Faulting module name: ntdll.dll, version: 10.0.10240.16430, time stamp: 0x55c599e1
Exception code: 0xc0000005
Fault offset: 0x00045e93
Faulting process id: 0x1080
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/21/2015 05:35:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-L3D4K1D)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 01:03:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/21/2015 01:03:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/21/2015 01:03:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/19/2015 11:48:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (11/19/2015 10:57:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 4.1.1986.6159, time stamp: 0x55ce2fda
Faulting module name: ntdll.dll, version: 10.0.10240.16430, time stamp: 0x55c59f92
Exception code: 0xc0000005
Fault offset: 0x0000000000034ecd
Faulting process id: 0x1714
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5

System errors:
=============
Error: (11/23/2015 07:54:00 PM) (Source: DCOM) (User: DESKTOP-L3D4K1D)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-L3D4K1DMattS-1-5-21-4239232080-1409271564-931638241-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (11/23/2015 07:53:28 PM) (Source: DCOM) (User: DESKTOP-L3D4K1D)
Description: "C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXwmnqm0nvq2b90pwvr42qmtdjp7cj3w82.mca31App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mcaUnavailableUnavailable

Error: (11/22/2015 07:43:47 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session3 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/22/2015 06:07:44 PM) (Source: DCOM) (User: DESKTOP-L3D4K1D)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}DESKTOP-L3D4K1DMattS-1-5-21-4239232080-1409271564-931638241-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/22/2015 02:27:22 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{aa2114c9-5f02-4d09-881a-ecf4c7cef475}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6B898B29-15F4-4353-92B6-A0B6CF46984F}

Error: (11/22/2015 02:26:54 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{aa2114c9-5f02-4d09-881a-ecf4c7cef475}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{8E2CC8E4-0AA3-4617-8061-2765F571D66A}

Error: (11/22/2015 02:02:02 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/22/2015 02:02:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/22/2015 02:01:05 PM) (Source: DCOM) (User: DESKTOP-L3D4K1D)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-L3D4K1DMattS-1-5-21-4239232080-1409271564-931638241-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (11/21/2015 06:53:59 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (11/23/2015 07:53:28 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-L3D4K1D)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147024865

Error: (11/22/2015 07:40:11 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.10240.164125a001d12586e5d0b95f127C:\Program Files (x86)\Internet Explorer\iexplore.exebe32cb20-917a-11e5-9bdf-acd1b8d8a36e

Error: (11/22/2015 05:13:41 PM) (Source: Application Error)(User: )
Description: NvStreamNetworkService.exe4.1.1984.991855c8fafbntdll.dll10.0.10240.1643055c59f92c00000050000000000034ecd130c01d125730a9d101cC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Windows\SYSTEM32\ntdll.dll264b14a5-526c-4e70-8796-b83731873213

Error: (11/22/2015 03:13:17 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.10240.1641255b99447ntdll.dll10.0.10240.1643055c599e1c000000500045e93108001d12559aa3510d9C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dll5c0a069b-7b04-4823-8663-ff534ab7e160

Error: (11/21/2015 05:35:39 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-L3D4K1D)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (11/21/2015 01:03:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Matt\AppData\Local\Microsoft\Windows\INetCache\IE\PZ9PC7RG\esetsmartinstaller_enu.exe

Error: (11/21/2015 01:03:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestc:\users\matt\appdata\local\microsoft\windows\inetcache\ie\pz9pc7rg\esetsmartinstaller_enu.exe

Error: (11/21/2015 01:03:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Matt\AppData\Local\Microsoft\Windows\INetCache\IE\PZ9PC7RG\esetsmartinstaller_enu.exe

Error: (11/19/2015 11:48:59 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (11/19/2015 10:57:48 PM) (Source: Application Error)(User: )
Description: NvStreamUserAgent.exe4.1.1986.615955ce2fdantdll.dll10.0.10240.1643055c59f92c00000050000000000034ecd171401d12347970f74deC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exeC:\Windows\SYSTEM32\ntdll.dll8419e35f-5b2a-44e7-a20e-0916ec9f4b64

=========================== Installed Programs ============================

Adobe Photoshop CS6 version 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
BetOnline Client (remove only) (HKLM-x32\...\BetOnLine Client) (Version: 1.0 - BetOnlineDevelopment)
BetOnline Poker 8.2 (HKLM-x32\...\BetOnline Poker 8.2) (Version: 8.2.12.201509090900 - Hero Poker Network)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{99E581C6-471C-46CA-989E-3B17EB7E3F27}) (Version: 1.3.2.0 - Dell Inc.)
Dell Data Services (HKLM\...\{815D96BA-2FC6-4F61-9BE3-2CFE446E8ECF}) (Version: 1.2.7.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{B1714996-891A-43D2-8B83-CCFB2EC53978}) (Version: 2.3.3800.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{A00269ED-FD88-4907-834B-60B70DCE82C5}) (Version: 2.0.366.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{A00269ED-FD88-4907-834B-60B70DCE82C5}) (Version: 2.0.366.0 - Dell Inc.)
Dell Product Registration (HKLM\...\{93870CD7-7A8D-4880-9BEF-95382F44E848}) (Version: 2.0.706.0 - Dell Inc.) Hidden
Dell Product Registration (HKLM-x32\...\InstallShield_{93870CD7-7A8D-4880-9BEF-95382F44E848}) (Version: 2.0.706.0 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6168.1 - Waves Audio Ltd.) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.5120 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.203 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
SolidWorks 2014 x64 Edition SP0 (HKLM\...\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}) (Version: 22.100.5018 - SolidWorks) Hidden
SolidWorks 2014 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20140-40000-1100-100) (Version: 22.0.0.5018 - SolidWorks Corporation)
SolidWorks Composer Player 2014 SP0 x64 Edition (HKLM\...\{BE804C73-0FE8-4FB4-87D9-E2B685EE0A7C}) (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP0 (HKLM\...\{8A66D41F-61C1-4DBE-9C27-F663C4ADE9A8}) (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP0 x64 Edition (HKLM\...\{0C10FAF1-35D5-416A-B7C1-4168ED9485FA}) (Version: 22.00.5018 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP0 x64 Edition (HKLM\...\{104E8BAF-2E2A-4467-A5C0-92ED92F26547}) (Version: 22.00.5018 - SolidWorks Corporation) Hidden

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 16335.2 MB
Available physical RAM: 13694.13 MB
Total Virtual: 18767.2 MB
Available Virtual: 15719.88 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1848.85 GB) (Free:1789.33 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-L3D4K1D

Administrator            DefaultAccount           Guest                   
Matt                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

08-11-2015 21:09:15 Installed OpenOffice 4.1.2
13-11-2015 00:25:31 Windows Update
13-11-2015 00:26:49 Windows Update
20-11-2015 04:48:53 Scheduled Checkpoint

**** End of log ****



#13 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 24 November 2015 - 11:42 AM

Hello again,

That's okay, thanks for the logs! :wink:

==========

Alright, everything looks okay so it's most likely an addon or extension that's giving you this issue. First let's try to run Internet Explorer in "safemode". Once it's running in safemode, check to see if the problem disappears. If it does, then you'll need to find exactly which addon that is causing the problem. If the problem does not go away at all, then we'll have to explore other routes.

 

  • Follow THIS LINK to run IE in safemode
  • If problem disappears, follow THIS LINK to disable addon's one by one

 

Let me know how it goes, or if the problem remains even after IE is in safemode! :)

 

If you've found the "problem addon", then you could simply leave it disabled.  In any case, let me know how it goes or if you run into a problem! :)

 

bloopie



#14 carp104

carp104
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:48 AM

Posted 24 November 2015 - 07:58 PM

Hello,

 

Unfortunately the problem still remains even in safe mode.  What else could it possibly be?



#15 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:48 AM

Posted 25 November 2015 - 04:04 PM

Hello again,

 

Could be a couple of things, but unfortunately, there is no clear answer. Let's try to reset IE back to it's original state. See here, and let me know if that helps.

 

bloopie






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users