Re: IE 6 uses 100% resources
Hi 92griffin :-)
Now...remember about keeping replies in one thread, so you should post this
log back to the thread on the forum where you have been working so that the
experts who have been helping you there can see this information and let you
know for sure if you are in the clear. :-)
I'll follow up there as well.
Jan :)
MS MVP - IE [DTS/AumHa]
Smiles are meant to be shared,
that's why they're so contagious.
> Here's my most recent log...
> [01/30/2006, 20:03:00] - VirtumundoBeGone v1.5 ( "C:\Documents and
> Settings\xppro.XP_PRO\Desktop\VirtumundoBeGone.exe" )
> [01/30/2006, 20:03:03] - Detected System Information:
> [01/30/2006, 20:03:03] - Windows Version: 5.1.2600, Service Pack 2
> [01/30/2006, 20:03:03] - Current Username: mc (Admin)
> [01/30/2006, 20:03:03] - Windows is in NORMAL mode.
> [01/30/2006, 20:03:03] - Searching for Browser Helper Objects:
> [01/30/2006, 20:03:04] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670}
> (Yahoo! Toolbar Helper)
> [01/30/2006, 20:03:04] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
> (AcroIEHlprObj Class)
> [01/30/2006, 20:03:04] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
> [01/30/2006, 20:03:04] - WARNING: BHO has no default name. Checking for
> Winlogon reference.
> [01/30/2006, 20:03:04] - Checking for HKLM\...\Winlogon\Notify\SDHelper
> [01/30/2006, 20:03:04] - Key not found:
> HKLM\...\Winlogon\Notify\SDHelper,
> continuing.
> [01/30/2006, 20:03:04] - BHO 4: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
> (PCTools Site Guard)
> [01/30/2006, 20:03:04] - BHO 5: {83A5F7B7-DC75-44CE-9195-264F41709FA9}
> (ATLDistrib Object)
> [01/30/2006, 20:03:04] - ALERT: Found ATLDistrib Object!
> [01/30/2006, 20:03:04] - BHO 6: {AE7CD045-E861-484f-8273-0445EE161910}
> (AcroIEToolbarHelper Class)
> [01/30/2006, 20:03:04] - BHO 7: {B56A7D7D-6927-48C8-A975-17DF180C71AC}
> (PCTools Browser Monitor)
> [01/30/2006, 20:03:04] - Finished Searching Browser Helper Objects
> [01/30/2006, 20:03:04] - *** Detected ATLDistrib Object
> [01/30/2006, 20:03:04] - Trying to remove ATLDistrib Object...
> [01/30/2006, 20:03:05] - Terminating Process: IEXPLORE.EXE
> [01/30/2006, 20:03:05] - Terminating Process: RUNDLL32.EXE
> [01/30/2006, 20:03:05] - Disabling Automatic Shell Restart
> [01/30/2006, 20:03:05] - Terminating Process: EXPLORER.EXE
> [01/30/2006, 20:03:05] - Suspending the NT Session Manager System
> Service
> [01/30/2006, 20:03:06] - Terminating Windows NT Logon/Logoff Manager
> [01/30/2006, 20:03:07] - Re-enabling Automatic Shell Restart
> [01/30/2006, 20:03:07] - File to disable: C:\WINDOWS\system32\jkkjh.dll
> [01/30/2006, 20:03:07] - Renaming C:\WINDOWS\system32\jkkjh.dll ->
> C:\WINDOWS\system32\jkkjh.dll.vir
> [01/30/2006, 20:03:07] - File successfully renamed!
> [01/30/2006, 20:03:07] - Removing HKLM\...\Browser Helper
> Objects\{83A5F7B7-DC75-44CE-9195-264F41709FA9}
> [01/30/2006, 20:03:07] - Removing
> HKCR\CLSID\{83A5F7B7-DC75-44CE-9195-264F41709FA9}
> [01/30/2006, 20:03:07] - Adding Kill Bit for ActiveX for GUID:
> {83A5F7B7-DC75-44CE-9195-264F41709FA9}
> [01/30/2006, 20:03:07] - Deleting ATLEvents/MSEvents Registry entries
> [01/30/2006, 20:03:07] - Removing HKLM\...\Winlogon\Notify\jkkjh
> [01/30/2006, 20:03:07] - Searching for Browser Helper Objects:
> [01/30/2006, 20:03:07] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670}
> (Yahoo! Toolbar Helper)
> [01/30/2006, 20:03:07] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
> (AcroIEHlprObj Class)
> [01/30/2006, 20:03:07] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
> [01/30/2006, 20:03:07] - WARNING: BHO has no default name. Checking for
> Winlogon reference.
> [01/30/2006, 20:03:07] - Checking for HKLM\...\Winlogon\Notify\SDHelper
> [01/30/2006, 20:03:07] - Key not found:
> HKLM\...\Winlogon\Notify\SDHelper,
> continuing.
> [01/30/2006, 20:03:07] - BHO 4: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
> (PCTools Site Guard)
> [01/30/2006, 20:03:07] - BHO 5: {AE7CD045-E861-484f-8273-0445EE161910}
> (AcroIEToolbarHelper Class)
> [01/30/2006, 20:03:07] - BHO 6: {B56A7D7D-6927-48C8-A975-17DF180C71AC}
> (PCTools Browser Monitor)
> [01/30/2006, 20:03:07] - Finished Searching Browser Helper Objects
> [01/30/2006, 20:03:07] - Finishing up...
> [01/30/2006, 20:03:07] - A restart is needed.
> [01/30/2006, 20:03:13] - Attempting to Restart via STOP error (Blue
> Screen!)
>
> Hope I'm out of the woods. Thanks to your help and suggestions.
>
> "Jan Il" wrote:
>
>> Hi :-)
>>
>> Have you fully removed the winfixer malware? If not....your problems are
>> not fully resolved, and can return at any time.
>>
>> If you have already run the HiJackThis program and posted your log on one
>> of
>> the forums, then please post a link to the forum where you posted it so
>> that
>> I can take a look at what was found. Inquiring minds and all..... <g>
>>
>> If you have not done so yet, follow these instructions. This step is one
>> of
>> the most important. Follow all instructions carefully. This program
>> should
>> be run in Normal mode.
>>
>> How to download and install HiJackThis: Win 98-XP
>> http://www.download.com/HijackThis/3000-8022_4-10227353.html
>>
>> Please.. DO NOT post your log HiJackThis log to this newsgroup. It is
>> important that you go to one of the HiJackThis Support Forums below and
>> allow the experts there to analyze it for you.:
>> AumHa HiJackThis Forum
>> http://forum.aumha.org/viewforum.php?f=30
>> to allow the experts there to evaluate your log and advise you of any
>> necessary steps to clean your system.
>> (Note: You will have to Register before posting on these Forums. Please
>> follow all posting instructions carefully to avoid having your log
>> deleted
>> or ignored.
>>
>> Please post back a link to the forum where you post your HJT log and I
>> will
>> monitor the progress there.
>>
>> Hope this helps.
>>
>> Jan :)
>> MS MVP - IE [DTS/AumHa]
>> Smiles are meant to be shared,
>> that's why they're so contagious.
>>
>> Replies are posted only to the newsgroup for the benefit or other
>> readers.
>> How to make a good newsgroup post:
>> http://www.dts-l.org/goodpost.htm
>>
>>
>> "92griffin" <92griffin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:EA017F02-54F5-4C52-B9E8-D16E1DD61507@xxxxxxxxxxxxxxxx
>> > Thanks for your understanding and hanging in there with me on this
>> > thread.
>> > I
>> > seem to have some success. Won't stand on it until I have a couple
>> > problem-free days with IE.
>> > Seems what I did was, to go to
>> > http://www.bleepingcomputer.com/forums/topic18610.html, and used
>> > VundoFix.exe
>> > to identify the problem. This application doesn't help or solve the
>> > situation, but I noticed that there were files (jkkjh.dll and hjkkj.*)
>> > in
>> > C:\windows\system32 which I carefully deleted within File Explorer
>> > after
>> > closing IE. Then I restarted IE and browsing seem to be as fast as
>> > before.
>> >
>> > Except, till now, every time I'd open a new IE window, all others will
>> > close, leaving only the new one open. Right now, I have four windows
>> > open,
>> > all in this discussion group. I hope this is a fix.
>> >
>> > Try it, everyone who has the same problem! Mahalo to Sandi and Zee on
>> > their
>> > help!
>> >
>> >
>> >
>> > "Jan Il" wrote:
>> >
>> >> Hi 92griffin :-)
>> >>
>> >> > And yes, I did try the solutions offered on Sandi's website, along
>> >> > with
>> >> > detailed instructions for the same from TrendMicro PC-cillin. I've
>> >> > been
>> >> > working on this problem for a few days now.
>> >>
>> >> Ok...just let us know which one of the many posts you will be staying
>> >> with,
>> >> so that we can go there to give you further assistance. I realize
>> >> that
>> >> these types of problem can be very consuming, especially, when they go
>> >> on
>> >> for some time, thus, your feeling of frustration is understandable. I
>> >> have
>> >> had a good many of my own that have taken days to get sorted out.
>> >>
>> >> Now... your participation is key to our being able to give you the
>> >> right
>> >> information to help resolve this problem as soon as possible. Your
>> >> feedback
>> >> is our only eyes as to what you are seeing and what is happening on
>> >> your
>> >> end. The more information and details of what is happening will be a
>> >> lot
>> >> of
>> >> help to us in determining what we might need to help you with from
>> >> there.
>> >> If something didn't work then tell us why it didn't work, not that it
>> >> 'didn't work', which leaves us with nothing to work with. 'k?
>> >>
>> >> Stick with us.....we'll get you there. :-)
>> >>
>> >> Jan :)
>> >> MS MVP - IE [DTS/AumHa]
>> >> Smiles are meant to be shared,
>> >> that's why they're so contagious.
>> >>
>> >> Replies are posted only to the newsgroup for the benefit or other
>> >> readers.
>> >> How to make a good newsgroup post:
>> >> http://www.dts-l.org/goodpost.htm
>> >>
>> >>
>> >> >
>> >> > "Jan Il" wrote:
>> >> >
>> >> >> "92griffin" <92griffin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> >> news:0FD09881-6839-> Thanks for your help, but I don't need a link
>> >> >> to
>> >> >> spyware info. I already use
>> >> >> > TrendMicro's PC-cillin Internet Security Suite, and Spybot 1.4,
>> >> >> > plus
>> >> >> > a
>> >> >> > couple
>> >> >> > of recommendations from Sandi Hardmeier's website.
>> >> >> >
>> >> >> > I need real concrete solutions.
>> >> >>
>> >> >> You *are* getting 'real concrete solutions', but, you are starting
>> >> >> new
>> >> >> posts
>> >> >> all over the place. You need to stay in one thread so that you can
>> >> >> tell
>> >> >> what help you are getting, and so can other responders so everyone
>> >> >> knows
>> >> >> what is going on. If you want help, then stay with a thread and
>> >> >> work
>> >> >> the
>> >> >> help you are getting.
>> >> >>
>> >> >> The Winfixer malware you have is vicious, and very hard to get rid
>> >> >> of.
>> >> >> If
>> >> >> you bother to read the responses all your various posts you would
>> >> >> know
>> >> >> that.
>> >> >> There is no one-step "Voila!" type solution to what you have, and
>> >> >> you
>> >> >> are
>> >> >> going to have to do your share of the work to get rid of it. Did
>> >> >> you
>> >> >> even
>> >> >> try any of the suggestions on Sandi's site, or any of the other
>> >> >> suggestions
>> >> >> that people have given you in your other posts?
>> >> >>
>> >> >> We are not going to chase you all over the group to give you
>> >> >> answers
>> >> >> to
>> >> >> try
>> >> >> and help, only to find someone else has already done so or you are
>> >> >> not
>> >> >> going
>> >> >> to even try them. Now go back and take a look, then chose one and
>> >> >> stay
>> >> >> in
>> >> >> that thread if you want further help, be willing to do your part to
>> >> >> help
>> >> >> resolve your problem, and stop insulting the people who are trying
>> >> >> to
>> >> >> help
>> >> >> you.
>> >> >>
>> >> >> Jan :)
>> >> >> MS MVP - IE [DTS/AumHa]
>> >> >> Smiles are meant to be shared,
>> >> >> that's why they're so contagious.
>> >> >>
>> >> >> Replies are posted only to the newsgroup for the benefit or other
>> >> >> readers.
>> >> >> How to make a good newsgroup post:
>> >> >> http://www.dts-l.org/goodpost.htm
>> >> >>
>> >> >>
>> >> >> >
>> >> >> > "Donny Broome" wrote:
>> >> >> >
>> >> >> >> Your PC is infected with spyware. The page below lists several
>> >> >> >> fine
>> >> >> >> products
>> >> >> >> that can help you remove these pests.
>> >> >> >> http://www.broomeman.com/spyware/
>> >> >> >>
>> >> >> >>
>> >> >> >> --
>> >> >> >> ------------------------------------------
>> >> >> >> Donny Broome
>> >> >> >> www.broomeman.com/tech
>> >> >> >> ------------------------------------------
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> "92griffin" <92griffin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> >> >> >> message
>> >> >> >> news:205AA9E8-BFFD-464E-BB9F-F345978C85D4@xxxxxxxxxxxxxxxx
>> >> >> >> > IE 6 uses up 100% of my CPU resources when I open up even one
>> >> >> >> > Window.
>> >> >> >> > And
>> >> >> >> > then all browsing slows down. I get a blank www.winfixer.com
>> >> >> >> > window
>> >> >> >> > popping
>> >> >> >> > up, sometimes and even after supposed cleaning out my PC and
>> >> >> >> > checking
>> >> >> >> > for
>> >> >> >> > spyware, nothing is found. My browsing is slowed down and
>> >> >> >> > even
>> >> >> >> > freezes.
>> >> >> >> > What can I do?
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>> >>
>>
>>
>>
.
Relevant Pages
- Re: internet explorer will not close
... Regardless if the above works, download, install and run the following. ... HiJackThis: - Free ... Be sure to post it to this forum. ... Replies are posted only to the newsgroup for the benefit or other readers. ...
(microsoft.public.windows.inetexplorer.ie6.browser) - Re: Google Error
... >>> Please DO NOT post your log HiJackThis log to this newsgroup. ... >>> or Bleeping Computer Forum ... >>> Smiles are meant to be shared, ... >>> Replies posted only to the newsgroup for the benefit or other readers. ...
(microsoft.public.windows.inetexplorer.ie6.browser) - Re: Gerritsen Sentenced
... Why mention that the Senator "lost an election" if it doesn't attempt to ... This newsgroup is not a national political election forum. ... You WILL find that true moderator tasks will have to be ...
(rec.radio.amateur.policy) - Re: HEEEEEEEEEEEEEEEEEEEEEEEEEEEEEELP!!!!!!!!!!!!
... After posting a question to a professional forum or newsgroup and waiting for a while, ... you get the following answerfrom the active forum/newsgroup members: ... some sort of online FAQ or archives. ...
(microsoft.public.dotnet.framework.aspnet) - Re: IE 6 uses 100% resources
... In that last log that was posted in the forum I can see a number of active ... Replies are posted only to the newsgroup for the benefit or other readers. ... If you have already run the HiJackThis program and posted your log on ...
(microsoft.public.windows.inetexplorer.ie6.browser) |
|
