#1
Hi All,

I am using IE6 (Microsoft Internet Explorer v6.0.2) on Windows XP_sp2 for nearly 1 year without any problem..

I have Norton Antivirus, ZoneAlarm Pro Firewall, Microsoft AntiSpyware (beta) on my system to protect my system from possible intruders and viruses..

To my bad fate, 1 month back I connected to my (dialup) internet, after disabling all the above protectors (for some other reason).. that too only for a period of 3 minutes...

Some nasty ADWARE HACKED my IE6 and attached some UI to the tool-bar, when I was browsing thru some websites..

I somehow managed to remove those things from the IE UI.. I forgot how I did.

But after that, my IE started to load slowly..

"LOAD SLOWLY" in the sense, it is loading pages in the as-usual speed,

But the IE application itself loads very slowly (takes 8 to 25 seconds)...

I searched thru the lot of webpages, groups, forums here and there to find a proper solution for this.. I don't find any proper solution... and I also tried with various registry and IE-application-folder manipulation advised by most.. but in vain..

Have you faced a problem like this.. if so.. how do u go and fix it.. or is there a solution without reinstalling IE6 or XP.. since I have my XP&IE with all the latest updates.. I am not willing to do it once more as it is a time and internet consuming process (mine is a 115kb dialup connection)

expecting ur help

Thanks & regards

R.Padmakumar
paxi_9@yahoo.com
#2
Checking for/Help with Hijackware

http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/archive/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/

When all else fails, HijackThis v1.99.1 (http://aumha.net/downloads/hijackthis.zip) is the preferred tool to use. It will help you to both identify and remove any hijackware/spyware. **Post your log to http://forums.spywareinfo.com/, http://castlecops.com/forum67.html or http://aumha.net/viewforum.php?f=30 for expert analysis, not here.**

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Security, Shell/User)

paxi_9@yahoo.com wrote:
> Hi All,
>
> I am using IE6 (Microsoft Internet Explorer v6.0.2) on Windows XP_sp2
> for nearly 1 year without any problem..
>
> I have Norton Antivirus, ZoneAlarm Pro Firewall, Microsoft AntiSpyware
> (beta) on my system to protect my system from possible intruders and
> viruses..
>
> To my bad fate, 1 month back I connected to my (dialup) internet, after
> disabling all the above protectors (for some other reason).. that too
> only for a period of 3 minutes...
>
> Some nasty ADWARE HACKED my IE6 and attached some UI to the tool-bar,
> when I was browsing thru some websites..
>
> I somehow managed to remove those things from the IE UI.. I forgot how
> I did.
>
> But after that, my IE started to load slowly..
>
> "LOAD SLOWLY" in the sense, it is loading pages in the as-usual speed,
>
> But the IE application itself loads very slowly (takes 8 to 25
> seconds)...
>
> I searched thru the lot of webpages, groups, forums here and there to
> find a proper solution for this.. I don't find any proper solution...
> and I also tried with various registry and IE-application-folder
> manipulation advised by most.. but in vain..
>
> Have you faced a problem like this.. if so.. how do u go and fix it..
> or is there a solution without reinstalling IE6 or XP.. since I have my
> XP&IE with all the latest updates.. I am not willing to do it once
> more as it is a time and internet consuming process (mine is a 115kb
> dialup connection)
>
> expecting ur help
>
> Thanks & regards
>
> R.Padmakumar
> paxi_9@yahoo.com
#3
Hi,

Herewith I am sending 3 different "HijackThis" reports. (1) taken before IE6 started (2) taken after IE6 started without dialup net connection (3) taken after IE started with dialup net connection.

Please help me in finding the problem with this "HijackThis" log

Thanks & regards

R.Padmakumar
paxi_9@yahoo.com
#4
Repost:

> When all else fails, HijackThis v1.99.1
> (http://aumha.net/downloads/hijackthis.zip) is the preferred tool to use.
> It will help you to both identify and remove any hijackware/spyware.
> **Post your log to http://forums.spywareinfo.com/,
> http://castlecops.com/forum67.html or http://aumha.net/viewforum.php?f=30
> for expert analysis, not here.**

We do not interpret HT logs in the public newsgroups, Paxi.

--
~PA Bear

paxi_9@yahoo.com wrote:
> Hi,
>
> Herewith I am sending 3 different "HijackThis" reports. (1) taken
> before IE6 started (2) taken after IE6 started without dialup net
> connection (3) taken after IE started with dialup net connection.

<snip>
#5
Paxi, just in case you've tagged this thread, I note you have npdocbox in your HJT log. I would not profess to be an expert, but that can certainly go. I don't know why the MVP's are so down on HJT logs. I would have thought any communication which helps to combat spyware is useful.

"paxi_9@yahoo.com" wrote:
> Hi,
>
> Herewith I am sending 3 different "HijackThis" reports. (1) taken
> before IE6 started (2) taken after IE6 started without dialup net
> connection (3) taken after IE started with dialup net connection.