Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hijacked Browser??

Status
Not open for further replies.
lildutchman

lildutchman

Technical User
Jan 21, 2003
11
US
Hello all...

I cant figure out this dilema I'm having with my neighbor's Dell running XP Home (P4 2.0 256mb 80GB).

OK the dilema...it was taking an enormously long time for IE (IE6) to open a web page (any page). I opened task manager and looked at the Performance and the CPU usage was at 100%. It stayed their for about 10 - 15 minutes until I closed IE, then it returned to about 5% usage. The web page never loaded.

I ran Norton (with latest vir def) and found nothing. I ran Ad Aware 6.0 and found maybe 3 things that I deleted and rebooted, yet I'm still getting the same issue. I tried ending as many processes I could as well as fragmenting the hd and doing a disk cleanup....but I still get the same result.....100% CPU usage for 15 min or more while trying to open IE.

Ok...I also tried running Spyware Sweeper and Spyware Gaurdian as well. All though it found maybe 3 instances of adware in the registry I still am having the same issues...Whenever I try to open IE, the CPU usage shoots to 100% for about 2-3 minutes then will open. This happens on any page i got to (even if I return to a previous page)


Does anyone have any ideas on what might be causing this hangup??

Is it possible to remove IE 6 all together and reinstall or does my problems seem more registry related??

Thanks in advance for any help...


 
Sort by date Sort by votes
Did performance suddenly get worse for no apparent reason, or gradually over a long period of time?

If it's the latter, then perhaps its having difficulties with a particularly large and full cache. IIRC, the default is something like 10% of the disk (which would be 8GB).

Before starting IE, right-click on the IE desktop icon and choose properties. Control over the cache is somewhere in there.

--
 
Upvote 0 Downvote
Salem,

Thanks for the reply. It started suddenly one day, and as far as cache control, I'm not seeing it in the properties of the icon...am I missing it somewhere.

Does the cache control the temporary internet files?? If so, I've already wiped that clean.

Stumped....
 
Upvote 0 Downvote
Yes, he's refurring to the Temp Inet Files, which can be cleared by:
Start -> Control Panel -> Internet Option
Run Hijack This and we'll see if there's anything out of the ordinary hitting your browser.
What happens if you load explorer.exe (not iexplore.exe) and try to browse with it? You can do this by opening My Computer and typing an internet address in the address bar.

 
Upvote 0 Downvote
Already cleared Temp Internet Files...

Xemus, I get the same issues if i try to open a page with explorer.exe as well..takes forever....(see attached jpeg in first post above)
I also tried to do an online scan at Trend Micro. It scanned roughly 4,000 files and then the CPU % was 100% and it never moved again...(scanned any additional files) so I closed it.

I'm almost at my wits end and am considering reformat or reinstall XP from restore CD...but would love to solve this mystery.

Here is my log file from Hijack This:

Logfile of HijackThis v1.97.7
Scan saved at 10:32:53 AM, on 1/20/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ScrubXP\scrubxp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Joe\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = F2 - REG:system.ini: Shell=explorer.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", " (C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\hel53n8k.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", " (C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\hel53n8k.slt\prefs.js)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [sc] C:\Program Files\ScrubXP\scrubxp.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {0FC6BF2B-E16A-11CF-AB2E-0080AD08A326} (LiveUpdate Crescendo) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
 
Upvote 0 Downvote
Another note:

after I closed Internet Explorer after trying TrendMicro online scan, I opened taskManger and noticed that CPU usage was still 100% even though IE was closed. In the Processes - iexplorer.exe was using between 45-50% and System was using 50-55% (with IE closed ???)

When I pulled the plug from my nic, the CPU was still plugging along at 100% - same for the two processes.
I let it sit for about 10 min unplugged from nic and it never changed...

 
Upvote 0 Downvote
Hey... I have the same issue!! Did you ever figure out how to restore back to 'normal' This is the second day I am working on this and getting ready to pull out my 'big guns' and 'perform a clean install'.... Any help would be greatly appreciated.
 
Upvote 0 Downvote
Finally!!!! Was finally able to download/run Hijack This. Removed a reference for Roing and my Dell 600m laptop is once again working like a charm....
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
73
ISDPCMAN
ISDPCMAN
pbrj
  • Locked
  • Question
ASA 5520 passive FTP not working in browser 1
Replies
4
Views
34
pbrj
pbrj
numb3rs1x
  • Locked
  • Question
Having MS Browser issues through the ASA on Cisco VPN
Replies
1
Views
27
NetworkGhost
NetworkGhost
utoyo
  • Locked
  • Question
How to make VPN Client Launch Web Browser with Appropriate Server
Replies
0
Views
17
utoyo
utoyo
M8KWR
  • Locked
  • Question
Browser Logon
Replies
2
Views
16
M8KWR
M8KWR

Part and Inventory Search

Sponsor

Back
Top