Issue with Microsoft Edge

user_avatar WestS10

I downloaded and ran AdwCleaner on my wife's computer after some suspicious activity to rule out an infection. All it found was: 'Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d23716qn9q7omq.cloudfront.net' 'Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com'

I had it remove those keys, now when launching Edge it will not load any pages. Typing in a URL only gives a "can't reach this page" error for every URL. IE and Chrome work fine. Not sure if this is because of the scan or the infection, any thoughts?

# AdwCleaner v5.110 - Logfile created 13/04/2016 at 20:37:02
# Updated 10/04/2016 by Xplode # Database : 2016-04-11.4 [Server]
# Operating system : Windows 10 Home (X86)
# Username : hocky_000 - USER
# Running from : C:\Users\hocky_000\adwcleaner_5.110.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\InternetExplorer\LowRegistry\DOMStorage\d23716qn9q7omq.cloudfront.net

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com

***** [ Web browsers ] *****

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [746 bytes] - [13/04/2016 20:30:27]

C:\AdwCleaner\AdwCleaner[S2].txt - [863 bytes] - [13/04/2016 20:37:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [935 bytes] ##########

 

Re: Issue with Microsoft Edge

Hello,

Can you share the deletion report too ?

It's in C:\AdwCleaner\C:\AdwCleaner\AdwCleaner[Cxxxx].txt.

Also, can you generate a ZHPDiag logreport to get more informations on your system ?

  • Download ZHPDiag from Nicolas on his website
  • Then run it with administrator's rights (with right click)
  • Then upload the log file on up2share (you will find it on your desktop, just drop the file on the upload zone)
  • Then post the link in your reply

Best regards,

 

Re: Issue with Microsoft Edge

I have 3 files, I did a scan using a generic accunt as well as the other account on the PC. Hopefully these links will work.

https://up2sha.re/file?f=FkN4KbbDyNWNhttps://up2sha.re/file?f=4wCmXSYIOf9xhttps://up2sha.re/file?f=i0EOaT7UZhVWhttps://up2sha.re/file?f=ml2WplMkQvrx

Re: Issue with Microsoft Edge

Thanks.

It's strange.. After running AdwCleaner and losing the network connection with Edge, can you do the following :

  • Start powershell
  • Enter the following command : 
    ipconfig /all > "C:\Users\hocky_000\ipconfig.txt"

     

A file "ipconfig.txt" will be created on your personal folder, please copy/paste its content here.

Best regards,

Re: Issue with Microsoft Edge

I agree, not sure why this is only affecting edge. Internet Explorer and Chrome still work fine. I have a generic admin account on the PC that has the same issue and I am able to send you this via IE. Since I dont use this computer I dont know if this has been an issue prior to the suspicious activity ofr if it is new.

Windows IP Configuration

   Host Name . . . . . . . . . . . . : user    Primary Dns Suffix  . . . . . . . :    Node Type . . . . . . . . . . . . : Hybrid    IP Routing Enabled. . . . . . . . : No    WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected    Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter    Physical Address. . . . . . . . . : BE-EE-7B-9F-D1-9C    DHCP Enabled. . . . . . . . . . . : Yes    Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Broadcom 802.11abgn Wireless SDIO Adapter    Physical Address. . . . . . . . . : BC-EE-7B-9F-D1-9C    DHCP Enabled. . . . . . . . . . . : Yes    Autoconfiguration Enabled . . . . : Yes    Link-local IPv6 Address . . . . . : fe80::255f:9b1f:2595:c26b%2(Preferred)    IPv4 Address. . . . . . . . . . . : 192.168.1.94(Preferred)    Subnet Mask . . . . . . . . . . . : 255.255.255.0    Lease Obtained. . . . . . . . . . : Wednesday, April 13, 2016 8:46:15 PM    Lease Expires . . . . . . . . . . : Saturday, April 16, 2016 10:08:08 AM    Default Gateway . . . . . . . . . : 192.168.1.1    DHCP Server . . . . . . . . . . . : 192.168.1.1    DHCPv6 IAID . . . . . . . . . . . : 79490683    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-60-EF-D9-BC-EE-7B-9F-D1-9C    DNS Servers . . . . . . . . . . . : 192.168.1.1    NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected    Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)    Physical Address. . . . . . . . . : BC-EE-7B-9F-D1-9D    DHCP Enabled. . . . . . . . . . . : Yes    Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0    DHCP Enabled. . . . . . . . . . . : No    Autoconfiguration Enabled . . . . : Yes    IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:c1f:235a:51cc:c7f5(Preferred)    Link-local IPv6 Address . . . . . : fe80::c1f:235a:51cc:c7f5%3(Preferred)    Default Gateway . . . . . . . . . : ::    DHCPv6 IAID . . . . . . . . . . . : 335544320    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-60-EF-D9-BC-EE-7B-9F-D1-9C    NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{1FC83821-36BF-4F17-8EC6-3BBD1A51C4C8}:

   Media State . . . . . . . . . . . : Media disconnected    Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0    DHCP Enabled. . . . . . . . . . . : No    Autoconfiguration Enabled . . . . : Yes

Re: Issue with Microsoft Edge

Hello,

If you enter the url "http://5.196.175.179/" in Edge, do you succeed to get the "Index Of" page ?

If no, did you clean all Edge browsing and settings from the menu, and relaunch it ?

Re: Issue with Microsoft Edge

I agree, not sure why this is only affecting edge. Internet Explorer and Chrome still work fine. I have a generic admin account on the PC that has the same issue and I am able to send you this via IE. Since I dont use this computer I dont know if this has been an issue prior to the suspicious activity ofr if it is new.

Windows IP Configuration

   Host Name . . . . . . . . . . . . : user    Primary Dns Suffix  . . . . . . . :    Node Type . . . . . . . . . . . . : Hybrid    IP Routing Enabled. . . . . . . . : No    WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected    Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter    Physical Address. . . . . . . . . : BE-EE-7B-9F-D1-9C    DHCP Enabled. . . . . . . . . . . : Yes    Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Broadcom 802.11abgn Wireless SDIO Adapter    Physical Address. . . . . . . . . : BC-EE-7B-9F-D1-9C    DHCP Enabled. . . . . . . . . . . : Yes    Autoconfiguration Enabled . . . . : Yes    Link-local IPv6 Address . . . . . : fe80::255f:9b1f:2595:c26b%2(Preferred)    IPv4 Address. . . . . . . . . . . : 192.168.1.94(Preferred)    Subnet Mask . . . . . . . . . . . : 255.255.255.0    Lease Obtained. . . . . . . . . . : Wednesday, April 13, 2016 8:46:15 PM    Lease Expires . . . . . . . . . . : Saturday, April 16, 2016 10:08:08 AM    Default Gateway . . . . . . . . . : 192.168.1.1    DHCP Server . . . . . . . . . . . : 192.168.1.1    DHCPv6 IAID . . . . . . . . . . . : 79490683    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-60-EF-D9-BC-EE-7B-9F-D1-9C    DNS Servers . . . . . . . . . . . : 192.168.1.1    NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected    Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)    Physical Address. . . . . . . . . : BC-EE-7B-9F-D1-9D    DHCP Enabled. . . . . . . . . . . : Yes    Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0    DHCP Enabled. . . . . . . . . . . : No    Autoconfiguration Enabled . . . . : Yes    IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:c1f:235a:51cc:c7f5(Preferred)    Link-local IPv6 Address . . . . . : fe80::c1f:235a:51cc:c7f5%3(Preferred)    Default Gateway . . . . . . . . . : ::    DHCPv6 IAID . . . . . . . . . . . : 335544320    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-60-EF-D9-BC-EE-7B-9F-D1-9C    NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{1FC83821-36BF-4F17-8EC6-3BBD1A51C4C8}:

   Media State . . . . . . . . . . . : Media disconnected    Connection-specific DNS Suffix  . :    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0    DHCP Enabled. . . . . . . . . . . : No    Autoconfiguration Enabled . . . . : Yes

Re: Issue with Microsoft Edge

Sorry I mentioned Chrome but that is not installed on this computer, just IE.

Re: Issue with Microsoft Edge

Hello,

Can you try de-quarantine both keys that were deleted by AdwCleaner? ( Run it, click on "Tools" -> "Quarantine" )

Does that solve your problem ?

Regards,

Re: Issue with Microsoft Edge

Ok, ran the de-quarantune but no change.

Re: Issue with Microsoft Edge

Can you tell us what's the results with this ?

Re: Issue with Microsoft Edge

Same thing, nothing loads. I get this message with all web pages: Hmm, we can't reach this page. Try this •Make sure you’ve got the right web address: https://toolslib.net •Refresh the page •Search for what you want

Re: Issue with Microsoft Edge

I did try and enter http://5.196.175.179/ into edge and I do get index of and I can drill into those indexes.

Re: Issue with Microsoft Edge

Hello,

So, it's a DNS issue.. It's strange that only Edge is impacted.

We'll remove the cached files from Edge, and then reset the network configuration if needed :

  1. Launch Edge,
  2. Click on the top-right "..." to show the menu.
  3. Settings
  4. Delete navigation data - choose the elements to remove
  5. Check all, except "Passwords"
  6. Delete

Quit Edge, restart it : does it work ?

If you still get the same issue :

  1. Launch the Windows "start" menu,
  2. type and click on "Command Prompt" (be sure to launch it as Administrator)
  3. ipconfig /flushdns

If you still face the issue :

  1. On the same command prompt than above, enter netsh int ip reset
  2. Then, netsh int ipv6 reset
  3. And finally netsh winsock reset
  4. Reboot your computer

Is it better ?

Best regards,

Re: Issue with Microsoft Edge

Still doesnt work.

Re: Issue with Microsoft Edge

Hello,

Can you download and execute https://toolslib.net/downloads/viewdownload/205-winsockanalyzer/

You'll get a logfile beginning by "Winsock" in C:\, please share it here (by copy/pasting it or by hosting it on U2S and sharing the generated link here).

Best regards,

Re: Issue with Microsoft Edge

~ WinsockAnalyzer v1.0 - Created 25/04/2016 at 19:42:16 ~ Updated 21/03/2016 by Xplode ~ Running from C:\Users\owner\AppData\Local\Microsoft\Windows\INetCache\IE\GSC4SC68\winsockanalyzer_1.001.exe

>>>> ControlSet information <<<< Current=1 Default=1 Failed=0 LastKnownGood=1

>>>> DLL Checking <<<< C:\WINDOWS\system32\napinsp.dll ... OK! C:\WINDOWS\system32\nlaapi.dll ... OK! C:\WINDOWS\system32\pnrpnsp.dll ... OK! C:\WINDOWS\system32\winrnr.dll ... OK! C:\WINDOWS\system32\mswsock.dll ... OK! C:\WINDOWS\system32\wship6.dll ... OK! C:\WINDOWS\system32\wshtcpip.dll ... OK! C:\WINDOWS\system32\wshqos.dll ... OK!

################ Current (001) ################

:: Winsock2 parameters ::

AutodialDLL=C:\Windows\System32\rasadhlp.dll NameSpace_Callout=%SystemRoot%\System32\fwpuclnt.dll WinSock_Registry_Version=2.0 Current_NameSpace_Catalog=NameSpace_Catalog5 Current_Protocol_Catalog=Protocol_Catalog9

:: NameSpaces ::

Entry #1 called '000000000001' --> C:\WINDOWS\system32\napinsp.dll Entry #2 called '000000000002' --> C:\WINDOWS\system32\pnrpnsp.dll Entry #3 called '000000000003' --> C:\WINDOWS\system32\pnrpnsp.dll Entry #4 called '000000000004' --> C:\WINDOWS\system32\NLAapi.dll Entry #5 called '000000000005' --> C:\WINDOWS\System32\winrnr.dll Entry #6 called '000000000006' --> C:\WINDOWS\System32\mswsock.dll Entry #7 called '000000000007' --> C:\WINDOWS\System32\wshbth.dll

************************************************ Expected entries : 7 Current entries : 7 ************************************************

:: Protocols ::

Entry #1 called '000000000001' --> Hyper-V RAW Entry #2 called '000000000002' --> @%SystemRoot%\System32\mswsock.dll,-60100 Entry #3 called '000000000003' --> @%SystemRoot%\System32\mswsock.dll,-60101 Entry #4 called '000000000004' --> @%SystemRoot%\System32\mswsock.dll,-60102 Entry #5 called '000000000005' --> @%SystemRoot%\System32\mswsock.dll,-60200 Entry #6 called '000000000006' --> @%SystemRoot%\System32\mswsock.dll,-60201 Entry #7 called '000000000007' --> @%SystemRoot%\System32\mswsock.dll,-60202 Entry #8 called '000000000008' --> @%SystemRoot%\System32\wshqos.dll,-100 Entry #9 called '000000000009' --> @%SystemRoot%\System32\wshqos.dll,-101 Entry #10 called '000000000010' --> @%SystemRoot%\System32\wshqos.dll,-102 Entry #11 called '000000000011' --> @%SystemRoot%\System32\wshqos.dll,-103 Entry #12 called '000000000012' --> MSAFD RfComm [Bluetooth]

************************************************ Expected entries : 12 Current entries : 12 ************************************************

  1. Home
  2. Forum
  3. AdwCleaner
  4. Issue with Microsoft Edge