Jump to content


Photo
- - - - -

Internet Explorer suddenly extremely slow

Internet Explorer

  • This topic is locked This topic is locked
2 replies to this topic

#1 dip12

dip12

    New Member

  • Members
  • Pip
  • 3 posts

Posted 08 May 2012 - 01:57 PM

Merged post


Hi,

Since last night, my Internet Explorer has becom extremely slow.
The rest of my system so far sees unaffected, ping and download times ae normal. Browsing is the onl thing that has become a crawl.

I can open Internet Explorer (ver8) just fine and it opens as quickly as usal. The moment I press Enter on an URL or pick a webpage from my history, it takes about a full minute for anything to happen in the status bar during which time the browser is unresponsive. Once it has "connected" to the webpage, it then takes extremely long to load and even when it has mostly finished loading it then stalls again and takes is time. Clicking any link on the webpage or going to another page or using a separate window or tab results in the exact same sloth again.
Even the autosave as I type this message slows it enough to swallow every 9th character.

The other notable thing is that if I rightclick any link to bring up the context menu, it takes about 4-6 seconds for it to appear during which time Internet Explorer stalls too.

I've run several scans with MBAM, AVG, Panda, Bitdefender and have installed TM's Browser Guard, all to no avail.

HiJackThis log also seems to not pick up anything strange.

Now as for when this happened last night:
I was browsing onto rlslog.net and about a few seconds into page load, the browser stalled and download/installed something (felt like it). Then I got a security popup saying "do you want to allow XXX.info access to your computer"? or somesuch, where XXX was some strange address called nvigporta or something like that. I clicked No, but my browser was aleady slowed since then. I checked Task Manager and java.exe was running whic normally doesn't happen, suggesting it was some bad java which may have infected me?
Since the, trying to access the offending webpage has resulted in it not loading but asking whether I was to download a file called rlslog_net instead, which suggests maybe the site got hacked?

As for what I have done so far besides scanning:
Reset IE settings via advanced tab
Cleared all IE history
Cleared Temp folder
Upgraded from Java 6-27 to 7-04 making sure 6-27 and legacy is all removed using Revo Uninstaller.

Please, please help me fix this, it is driving me nuts.

Sorry this time with dds and attach files as well.



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.4.1
Run by Igor at 20:01:36 on 2012-05-08
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2046.1363 [GMT 1:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Programme\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Programme\Intel\WiFi\bin\WLKeeper.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe
C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Trend Micro\Browser Guard\BGUI.exe
C:\Programme\Trend Micro\Browser Guard\tmiegsrv.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyServer = 69.39.2.29:8080
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programme\gemeinsame dateien\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adblock IE: {667bee43-20bd-4ce3-94ac-e63e04d4b191} - c:\programme\mgtek\adblock ie\adblockie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programme\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: {9F3209E2-334B-41E9-B09C-703F398742E7} - No File
BHO: TMIEGBHO Class: {f1ad4a42-ba52-47bc-89df-3f68f24c017f} - c:\programme\trend micro\browser guard\TMAMS.dll
TB: TMBGBAR TOOLBAR: {c8137a8d-415d-450c-a1b1-d0c519d45296} - c:\programme\trend micro\browser guard\tmieg.dll
TB: {CB789373-04D5-4EF4-9C16-871463FD0830} - No File
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [SynTPEnh] c:\programme\synaptics\syntp\SynTPEnh.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IntelZeroConfig] "c:\programme\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\programme\gemeinsame dateien\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [Malwarebytes' Anti-Malware] "c:\programme\malwarebytes\mbamgui.exe" /starttray
mRun: [Trend Micro Browser Guard] "c:\programme\trend micro\browser guard\BGUI.EXE"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}
Trusted Zone: visaforchina.org.uk\www
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.euro.dell.com/systemprofiler/SysPro.CAB
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261738854093
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257280810375
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47}
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://icisremote.ad.ic.ac.uk/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{7B55F1B9-B351-4207-952D-62A8F8A32998} : DhcpNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\gemein~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R1 NEOFLTR_650_15255;Juniper Networks TDI Filter Driver (NEOFLTR_650_15255);c:\windows\system32\drivers\NEOFLTR_650_15255.SYS [2010-7-12 85360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-2-19 22344]
R3 xcpip;TCP/IP-Protokolltreiber;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
R3 xpsec;IPSEC-Treiber;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S1 SAVRKBootTasks;Boot Tasks Driver;\??\c:\windows\system32\savrkboottasks.sys --> c:\windows\system32\SAVRKBootTasks.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\programme\malwarebytes\mbamservice.exe [2010-2-19 654408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-18 253088]
S3 dugb.sys;dugb.sys;\??\c:\windows\system32\drivers\dugb.sys --> c:\windows\system32\drivers\dugb.sys [?]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-5-19 9728]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\e2.tmp --> c:\windows\system32\E2.tmp [?]
S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2011-11-15 1052480]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-24 10064]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XDva374;XDva374;\??\c:\windows\system32\xdva374.sys --> c:\windows\system32\XDva374.sys [?]
S3 XDva375;XDva375;\??\c:\windows\system32\xdva375.sys --> c:\windows\system32\XDva375.sys [?]
S3 XDva377;XDva377;\??\c:\windows\system32\xdva377.sys --> c:\windows\system32\XDva377.sys [?]
S3 XDva379;XDva379;\??\c:\windows\system32\xdva379.sys --> c:\windows\system32\XDva379.sys [?]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2010-5-19 114688]
S4 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
.
=============== Created Last 30 ================
.
2012-05-08 18:18:15 -------- d-----w- c:\dokumente und einstellungen\igor\lokale einstellungen\anwendungsdaten\Browser Guard
2012-05-08 18:18:11 -------- d-----w- c:\programme\Trend Micro
2012-05-08 18:14:14 388096 ----a-r- c:\dokumente und einstellungen\igor\anwendungsdaten\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-05-08 01:09:04 -------- d-----w- c:\dokumente und einstellungen\igor\lokale einstellungen\anwendungsdaten\MGTEK
2012-05-08 01:09:00 -------- d-----w- c:\programme\MGTEK
2012-05-08 01:08:46 -------- d-----w- c:\dokumente und einstellungen\all users\anwendungsdaten\MGTEK
2012-05-08 00:53:03 -------- d-----w- c:\programme\Oracle
2012-05-08 00:41:37 -------- d-----w- c:\programme\VS Revo Group
2012-05-07 23:17:54 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-04-21 11:49:32 -------- d-----w- c:\dokumente und einstellungen\all users\anwendungsdaten\Battle.net
2012-04-18 14:42:52 -------- d-----w- c:\programme\Microsoft
2012-04-18 12:57:09 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-04-18 12:57:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 17:47:36 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-04 17:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 14:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 11:00:09 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:00:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:00:08 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:09:48 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:09:48 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 20:02:22.54 ===============

Forgot to mention, after the permissions incident, going to another webpage (google) caused my laptop to lock up completely with everything unresponsive. Had to switch it off.

Attached Files



#2 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 13 May 2012 - 11:41 AM

Hi,

Next, please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Next, download my Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#3 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 17 May 2012 - 12:25 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users