IE 7.0 runs very slow. Log file attached

M

mtboulder

Posts: 17   +0
I have a HP desktop running Windows XP. Internet Explorer loads and runs very slow. The system also has MSN internet service (the butterfly thing) that at times runs slow. Firefox runs fine and all other applications seem to run fine. I use Adaware and Spybot along with Norton Internet security and scans are done at least weekly. I've also cleaned out the cache.

I'd appreciate it if you guys could look at the attached file and let me know if you seeing anything that could be causing the problem. Any other advice would also be appreciated. Thanks in advance for your help.
 
There is no attached file. But you should also run a temp file cleaner and at least an additional anti-spyware program, I will list a few below with instructions how to use. You can also attach a log when you get this.


Make your Internet Explorer more secure - This can be done by following these simple instructions:
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub-frames across different domains to Prompt
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.



Temp file cleaner
Download and Run ATF Cleaner
Download ATF Cleaner by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

Firefox or Opera:
Click Firefox or Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.



Anti spyware programs

Malwarebytes' Anti-Malware

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


Download\install 'SuperAntiSpyware Home Edition Free Version' from HERE
  • Launch SuperAntiSpyware and click on 'Check for updates'.
  • Once the updates have been installed,exit SuperAntiSpyware.

Scan with SuperAntiSpyware
  • Start SuperAntiSpyware.
  • On the main screen click on 'Scan your computer'.
  • Check: 'Perform Complete Scan then Click 'Next' to start the scan.
  • Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
  • Make sure everything found has a checkmark next to it,then press 'Next'.
  • Click on 'Finish' when you've done.

    It's possible that the program will ask you to reboot in order to delete some files.

    Obtain the SuperAntiSpyware log as follows:
    Click on 'Preferences'.
    Click on the 'Statistics/Logs' tab.
    Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
    It will then open in your default text editor,such as Notepad.
    Attach the notepad file here on your next reply


here are some additional utilities that will enhance your safety

  • IE/Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
  • Winpatrol <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
    Using Winpatrol to protect your computer from malicious software
 
Here is the SuperAnti Sypware log

Thanks for all the help. My IE settings were already set up as you suggested. I have run Superanitspyware which found 143 things. Log file attached. I also ran Malwarebytes yesterday which came up clean.

IE is still loading and running slow after Super Antispyware cleaned up the 143 infections. View attachment 32343
 
I'm not seeing much in your logs that would cause these issues other than Norton interfering. It installed toolbars and browser helper objects.

Launch Hijackthis -> scan only -> check the following entries -> close all browser windows -> click fix checked

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop



Kaspersky online scan
Go to Kaspersky and click the Accept button at the end of the page.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

* Read the Requirements and limitations before you click Accept.
* Allow the ActiveX download if necessary.
* Once the database has downloaded, click Next.
* Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
* Click on "My Computer"
* When the scan has completed, click Save Report As...
* Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
* Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Attach the report into your next reply
 
You might also want to consider the add-ons you have for IE7. Some or the total may be part of the slowdown problem.

All those entries for '04' in the hijack log are for auto-loading programs from the Registry or Startup group. Everything that starts at boot runs in the background.

O3 - Toolbar: Show Norton Toolbar> do you NEED a Norton Toolbar?
The '09' entries are for Extra buttons on the main IE Toolbar>> do you need all of those?
The '016' are Active X Objects from Downloaded program files. Do you need all these running?

The point I want to make is that even though you have legitimate processes and files, you can limit those that startup and run in the background. The more that run, the more of your resources they take. Consider running only what is necessary and calling up all others as needed.

Edit to add: Have a look at this. You will pick up some good pointers:
Guide to making your PC run faster:
https://www.techspot.com/vb/showthread.php?p=612440#post612440
 
Thanks for the suggestions Bobbye. I did remove the Spybot buttons and the Norton Toolbar (I hated that thing anyway). I honestly don't know what th other toolbar buttons are (probably something to do with MSN premium). I also have no idea what the 016 active X things are. Not sure if I need them or not. The computer runs fine for everything except IE and MSN Premium (which must use IE somehow). All other programs and firefox work fine. If it wasn't for the fact that my wife uses MSN premium for all her email stuff, I'd just use firefox and be done with it. Again, thanks for taking the time to reply.
 
Did you knowingly install peoplepc?

Upload a File to Virustotal
Please visit Virustotal found HERE
  • Click the Browse... button
  • Navigate to the file G:\hp\bin\wbug\CompaqPresario_Spring06.exe
  • Click the Open button
  • Click the Send button
  • Copy and paste the results back here please.
 
Here are the results from Virustotal for the file you inquired about:

File CompaqPresario_Spring06.exe received on 01.01.2007 09:02:46 (CET)
Current status: finished
Result: 2/28 (7.14%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - Adware.MyWebSearch.J
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-InoculateIT - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Prot4 - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - a variant of Win32/AdInstaller
Norman - - -
Panda - - -
Prevx1 - - -
Sophos - - -
Sunbelt - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Additional information
MD5: 9a5e835cdff8935e260a90d3122d9e90
SHA1: df6ca5a78f2a55ac562c3d6b614ad96f5e2db9b6
SHA256: 6a9a2138307a3ccfcc298977e485781d313867b5dce9e093176015ea2ffe7f67
SHA512: dc4c1a852c2d8c00c80a09ab1ee7e8f405bb3880221616a394d5254202ee0c1aa488911d7cf2b874d7a32003c351e7834bf7591170c26283f2fbde5af197d12c
 
Disable Teatimer
  • Right click the Spybot -SD Resident Icon located in your system tray, Select Exit Spybot - S&D Resident
  • Open Spybot S&D
  • Click on Mode at the top and make sure that Advanced is checked
  • Expand the Tools tab in the left pane
  • Single click on the Resident Icon also in the left pane
  • Uncheck Resident "TeaTimer" (Protection of over-all system settings) Active
  • Close spybot

---------------------------------------------------

Combofix
  • Download Combofix to your desktop.
  • Double click combofix.exe & follow the prompts.
  • A window will open with a warning.
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

Combofix will automatically save the log file to C:\combofix.txt
 
Ok, just a couple of minor things.

Here are 2 more secure browsers to choose from:
1)Firefox -> http://www.mozilla.com/en-US/firefox/
2)Opera -> http://www.opera.com/

----------------------------------------------------------------------------

Go to Start -> control panel -> add/remove programs and uninstall:

Weatherbug
PeoplePC

------------------------------------------------------------------------------------

CFScript

Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
File::
D:\I386\APPS\APP05140\src\CompaqPresario_Spring06.exe
D:\I386\APPS\APP05140\src\HPPavillion_Spring06.exe

Folder::
C:\hp\bin\wbug\
C:\Program Files\Online Services\PeoplePC
G:\hp\bin\wbug\
G:\Program Files\Online Services\PeoplePC
Click to expand...

Save this as CFScript.txt

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.

CFScript.gif


This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply
 
Hi BD,

I've been using Firefox for the last month since IE was so slow and it has been working fine. If my wife didn't use MSN premium (butterfly) with Quest DSL for all her (this also runs slow) email stuff I'd ignore the problem and just use Firefox.

When I looked in control panels to add/remove software, PeoplePC was not listed and there was a Weatherbug install program listed only. I removed the later. I found PeoplePC and Weatherbug in the HP folder that came with the computer. It's on both the C: and G: drives because the G: drive used to be the main OS drive until a year ago when I had to reinstall the OS on a new drive which is now my C: drive. I copied all the old C: files onto the G: drive to save the data.

I ran the CFSscript as you asked and it worked as indicated. New Log file attached.View attachment 32400
 
I suspect Norton may be having something to do with this and we can test that. But first lets clean up a bit and secure what we have done so far, and set a fresh restore point.

Uninstall Combofix
* Click START then RUN
* Now type Combofix /u in the runbox
* Make sure there's a space between Combofix and /u
* Then hit Enter.

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

-----------------------------------------------------------------------
Cleanup using OTMoveit2 by OldTimer
Now we can clear out the rest of the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if launched accidentally.

Download OTMoveIt2 by OldTimer OTMoveIt2.exe and place it on your desktop.

1. Double click OTMoveIt2.exe to launch it.
If using Vista Right-Click OTMoveIt and choose Run As Administrator
2. Click on the CleanUp! button.
3. OTMoveIt2 will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)

* When finished exit out of OTMoveIt2
 
I found PeoplePC and Weatherbug in the HP folder that came with the computer.
Click to expand...

That's alarming! You're saying HP bundled Weatherbug? It comes with spyware/adware. It use to be "Trickler" and a firewall should catch it. But if it's sent on the hard drive, that's scary!
 
I am thinking your problem could be one of two things.

1) Corrupt cache or temp files ( We will clear all this either way)
2) Possibly BHO or Toolbars slowing your access

Lets fix #1 and see how it works.

CCleaner
  • Download from HERE
  • Close all browsers.
  • Run the programme and make sure all the boxes are ticked under the Windows and Applications tabs, Also check All Advanced tabs(except for the Old prefetch Data option, this should be unticked)
  • Click the run cleaner button. Do this several times


Manually clear cache

  • Open an Explorer folder window (for example, double-click My Computer).
  • From the Explorer menu select Tools | Folder Options | View. Make sure that you have checked the box next to "Show hidden files and folders" and uncheck "Hide protected operating system files".
  • Start Internet Explorer and click Tools | Internet Options | General tab | Settings | View Files.
  • IE should have opened up a folder window, typically viewing a folder with the name of C:\Windows\Temporary Internet Files. Put your cursor in the Address area of the folder window and add the name \content.ie5 to the name, so in our example the Address bar would now read c:\Windows\Temporary Internet Files\content.ie5.
  • You should see a series of folders with random eight-character names like ADOZMZS1. Delete each of these randomly named folders. You may get an error that some files are in use, this is normal if you are currently at a web site since those files are in the cache. Hold down the Shift key when deleting the files so they do not go to the Recycle Bin.
 
BD,

I was able to download and run CCleaner just fine.

I was able to change the check Show hidden files and folders as well as uncheck hide protected operating system files.

I opened IE (still slow) and when to Tools, Internet Options, Genera and hit settings under Browser History and then view files. IE opened a folder named Temporary Internet Files.

I was not able to change the name of this file. I backed out to the actual folder and tried to rename of Temporary Internet Files but Windows would not allow me to change the name. I suspect I am misunderstanding something in your instructions.

Thanks
 
this is the folder you want to see

c:\Windows\Temporary Internet Files\content.ie5.

So while at Temporary Internet Files you need to type or copy and paste exactly

\content.ie5

after temporary internet files in the address bar
 

Similar threads

Useful Troglodyt
RTX 3090 TDP drops during stress test causing low FPS in games
Replies
0
Views
739
Useful Troglodyt
Useful Troglodyt
Cal Jeffrey
PlayStation Portal's unexpected success may be enough to reignite Sony's interest in handheld gaming
Replies
7
Views
453
kira setsu
K
A
Critical vulnerability in file transfer software Moveit could result in a new security disaster
Replies
1
Views
280
daffy duck
D

Latest posts

Back