Sign in to follow this  
Followers 0
dip12

Internet Explorer suddenly extremely slow

3 posts in this topic

Merged post

Hi,

Since last night, my Internet Explorer has becom extremely slow.

The rest of my system so far sees unaffected, ping and download times ae normal. Browsing is the onl thing that has become a crawl.

I can open Internet Explorer (ver8) just fine and it opens as quickly as usal. The moment I press Enter on an URL or pick a webpage from my history, it takes about a full minute for anything to happen in the status bar during which time the browser is unresponsive. Once it has "connected" to the webpage, it then takes extremely long to load and even when it has mostly finished loading it then stalls again and takes is time. Clicking any link on the webpage or going to another page or using a separate window or tab results in the exact same sloth again.

Even the autosave as I type this message slows it enough to swallow every 9th character.

The other notable thing is that if I rightclick any link to bring up the context menu, it takes about 4-6 seconds for it to appear during which time Internet Explorer stalls too.

I've run several scans with MBAM, AVG, Panda, Bitdefender and have installed TM's Browser Guard, all to no avail.

HiJackThis log also seems to not pick up anything strange.

Now as for when this happened last night:

I was browsing onto rlslog.net and about a few seconds into page load, the browser stalled and download/installed something (felt like it). Then I got a security popup saying "do you want to allow XXX.info access to your computer"? or somesuch, where XXX was some strange address called nvigporta or something like that. I clicked No, but my browser was aleady slowed since then. I checked Task Manager and java.exe was running whic normally doesn't happen, suggesting it was some bad java which may have infected me?

Since the, trying to access the offending webpage has resulted in it not loading but asking whether I was to download a file called rlslog_net instead, which suggests maybe the site got hacked?

As for what I have done so far besides scanning:

Reset IE settings via advanced tab

Cleared all IE history

Cleared Temp folder

Upgraded from Java 6-27 to 7-04 making sure 6-27 and legacy is all removed using Revo Uninstaller.

Please, please help me fix this, it is driving me nuts.

Sorry this time with dds and attach files as well.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.4.1

Run by Igor at 20:01:36 on 2012-05-08

Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2046.1363 [GMT 1:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Programme\Intel\WiFi\bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Programme\Intel\WiFi\bin\EvtEng.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe

C:\Programme\Intel\WiFi\bin\WLKeeper.exe

C:\Programme\Synaptics\SynTP\SynTPEnh.exe

C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe

C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Trend Micro\Browser Guard\BGUI.exe

C:\Programme\Trend Micro\Browser Guard\tmiegsrv.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

uInternet Settings,ProxyServer = 69.39.2.29:8080

BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programme\gemeinsame dateien\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adblock IE: {667bee43-20bd-4ce3-94ac-e63e04d4b191} - c:\programme\mgtek\adblock ie\adblockie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programme\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: {9F3209E2-334B-41E9-B09C-703F398742E7} - No File

BHO: TMIEGBHO Class: {f1ad4a42-ba52-47bc-89df-3f68f24c017f} - c:\programme\trend micro\browser guard\TMAMS.dll

TB: TMBGBAR TOOLBAR: {c8137a8d-415d-450c-a1b1-d0c519d45296} - c:\programme\trend micro\browser guard\tmieg.dll

TB: {CB789373-04D5-4EF4-9C16-871463FD0830} - No File

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe

mRun: [synTPEnh] c:\programme\synaptics\syntp\SynTPEnh.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [intelZeroConfig] "c:\programme\intel\wifi\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\programme\gemeinsame dateien\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray

mRun: [Malwarebytes' Anti-Malware] "c:\programme\malwarebytes\mbamgui.exe" /starttray

mRun: [Trend Micro Browser Guard] "c:\programme\trend micro\browser guard\BGUI.EXE"

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}

Trusted Zone: visaforchina.org.uk\www

DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.euro.dell.com/systemprofiler/SysPro.CAB

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261738854093

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257280810375

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47}

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://icisremote.ad.ic.ac.uk/dana-cached/sc/JuniperSetupClient.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{7B55F1B9-B351-4207-952D-62A8F8A32998} : DhcpNameServer = 192.168.1.254

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\gemein~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R1 NEOFLTR_650_15255;Juniper Networks TDI Filter Driver (NEOFLTR_650_15255);c:\windows\system32\drivers\NEOFLTR_650_15255.SYS [2010-7-12 85360]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-2-19 22344]

R3 xcpip;TCP/IP-Protokolltreiber;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

R3 xpsec;IPSEC-Treiber;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

S1 SAVRKBootTasks;Boot Tasks Driver;\??\c:\windows\system32\savrkboottasks.sys --> c:\windows\system32\SAVRKBootTasks.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MBAMService;MBAMService;c:\programme\malwarebytes\mbamservice.exe [2010-2-19 654408]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-18 253088]

S3 dugb.sys;dugb.sys;\??\c:\windows\system32\drivers\dugb.sys --> c:\windows\system32\drivers\dugb.sys [?]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-5-19 9728]

S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\e2.tmp --> c:\windows\system32\E2.tmp [?]

S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2011-11-15 1052480]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-24 10064]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S3 XDva374;XDva374;\??\c:\windows\system32\xdva374.sys --> c:\windows\system32\XDva374.sys [?]

S3 XDva375;XDva375;\??\c:\windows\system32\xdva375.sys --> c:\windows\system32\XDva375.sys [?]

S3 XDva377;XDva377;\??\c:\windows\system32\xdva377.sys --> c:\windows\system32\XDva377.sys [?]

S3 XDva379;XDva379;\??\c:\windows\system32\xdva379.sys --> c:\windows\system32\XDva379.sys [?]

S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2010-5-19 114688]

S4 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

.

=============== Created Last 30 ================

.

2012-05-08 18:18:15 -------- d-----w- c:\dokumente und einstellungen\igor\lokale einstellungen\anwendungsdaten\Browser Guard

2012-05-08 18:18:11 -------- d-----w- c:\programme\Trend Micro

2012-05-08 18:14:14 388096 ----a-r- c:\dokumente und einstellungen\igor\anwendungsdaten\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-05-08 01:09:04 -------- d-----w- c:\dokumente und einstellungen\igor\lokale einstellungen\anwendungsdaten\MGTEK

2012-05-08 01:09:00 -------- d-----w- c:\programme\MGTEK

2012-05-08 01:08:46 -------- d-----w- c:\dokumente und einstellungen\all users\anwendungsdaten\MGTEK

2012-05-08 00:53:03 -------- d-----w- c:\programme\Oracle

2012-05-08 00:41:37 -------- d-----w- c:\programme\VS Revo Group

2012-05-07 23:17:54 772504 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-04-21 11:49:32 -------- d-----w- c:\dokumente und einstellungen\all users\anwendungsdaten\Battle.net

2012-04-18 14:42:52 -------- d-----w- c:\programme\Microsoft

2012-04-18 12:57:09 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

.

==================== Find3M ====================

.

2012-04-18 12:57:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-04 17:47:36 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-04 17:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-04 14:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-01 11:00:09 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:00:08 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-01 11:00:08 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:09:48 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:09:48 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec

.

============= FINISH: 20:02:22.54 ===============

Forgot to mention, after the permissions incident, going to another webpage (google) caused my laptop to lock up completely with everything unresponsive. Had to switch it off.

hijackthis.log

dds.txt

attach.txt

Share this post


Link to post
Share on other sites

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.