Explorer runs slowly / especially filling in blanks

  • Thread starter Thread starter Dan Coomber
  • Start date Start date
D

Dan Coomber

-----Original Message-----
Hi, I have a DSL connection and a fast computer with lots
of RAM (684 meg). However, over the last few weeks,
Internet Explorer has gotten very slow - especially when
filling in the blanks. It seems to go between websites
very fast but if I am filling in any blanks, like on
Orbitz or something, it takes 15 seconds for a letter to
show up after I type it. Sounds like something is
interfering with Explorer.

Any ideas? Thanks.

Terry
.

Sorry to not be able to help with this - especially as
it's exactly the same problem I'm having. I'm running a
56k connection, with 128Mb RAM, but the problem has only
recently started. The problem is worse and worse the
larger the window, although pictures don't affect it. I
think it must be the HTML code that is causing the
problem, although the loading of pages is fine, it's just
scrolling and typing.

I have tried upgrading to IE6, which I am now running from
IE5.5 which I was using previously. The problem was
completely unaffected. However, not a single other program
encounters the issue, so I am at a loss.

Anyhelp would be much appreciated, by myself and Terry no
doubt.

Thanks,

Dan

PS: Reinstalling via add/remove programs does not correct
the error either, which is the only thing I have been
advised to do so far.
 
This is very similar to a problem I had.
If you are using Norton's A/V, check if it has been corrupted when you did
updates. One way to check is to uncheck all Norton's or Symantec programs in
the start menu - msconfig>startup. If when you restart the problem goes away
you will have to reinstall Norton's.
 
Delete all the spywares and bad BHOs from your system.
http://www.generation.net/~hleboeuf/spyware.htm

List of bad BHOs.
http://www.doxdesk.com/parasite/

This may also be the cause - it was posted by (James Glynn)

Quote

http://www.spywareinfo.com/articles/datanotary/#07052003

Quote.
Since June 10, someone has been distributing a browser hijack that spawns an
offscreen pop up window which opens a page at datanotary.com.
The hijack is accomplished by inserting javascript into a Cascading Style
Sheet (CSS) file, then hijacking Internet Explorer's accessibility options
to force it to use that style sheet. When activated, the javascript makes
use of an obscure and proprietary Microsoft CSS extension to create the pop
up window.
The pop up windows are hidden, since the javascript opens them at a position
5,000 pixels from the top and 5,000 pixels from the left of the screen (most
monitors display only 768 pixels from top to bottom). It is unclear whether
the window was intentionally placed offscreen, or if the malware author
simply made a typo.
The extension is called and the pop up windows created when the victim
begins to type into a form on a web page. This causes the computer to slow
down quite visibly as the window is being created offscreen. This is, in
fact, how the hijack was discovered. Hundreds of people were posting
questions on message boards around the world asking for help with a
mysterious slow down while typing.
A user at the SWI support forums noticed that his browser was set to use a
custom stylesheet. After resetting that option to not use the style sheet,
his slow typing problem disappeared.
Examination of the file found a javascript expression where CSS should have
been. Converting the expression into Human-readable text revealed a script
that opens a hidden pop up window to datanotary.com
Removal Instructions
Click Tools
Click Internet Options
Click Accessibility
Uncheck "Format documents using my style sheet"
See if this is checked, make sure before you uncheck to look at the path of
the *.css file. It was my.css in one case, system.css in another.
Click Ok twice
Now go to the c:\Windows directory where the file is located and delete that
*.css.
Reboot

Update: July 5, 2003
The persons responsible for this stylesheet hijack are also providing it to
coolwwwsearch.com, coolwebsearch.com, youfindall.net, ok-search.com, and
white-pages.ws.
These latest variants will drop an executable file (bootconf.exe) and create
a startup entry to load it when Windows is started. This executable file and
its startup entry will need to be removed.
This is how it appears in a HijackThis log:
O4 - HKLM\..\Run: [sysPnP] C:\WINDOWS\System32\bootconf.exe
Unquote.
 
Delete all the spywares and bad BHOs from your system.
http://www.generation.net/~hleboeuf/spyware.htm

List of bad BHOs.
http://www.doxdesk.com/parasite/

This may also be the cause - it was posted by (James Glynn)

Quote

http://www.spywareinfo.com/articles/datanotary/#07052003

Quote.
Since June 10, someone has been distributing a browser hijack that spawns an
offscreen pop up window which opens a page at datanotary.com.
The hijack is accomplished by inserting javascript into a Cascading Style
Sheet (CSS) file, then hijacking Internet Explorer's accessibility options
to force it to use that style sheet. When activated, the javascript makes
use of an obscure and proprietary Microsoft CSS extension to create the pop
up window.
The pop up windows are hidden, since the javascript opens them at a position
5,000 pixels from the top and 5,000 pixels from the left of the screen (most
monitors display only 768 pixels from top to bottom). It is unclear whether
the window was intentionally placed offscreen, or if the malware author
simply made a typo.
The extension is called and the pop up windows created when the victim
begins to type into a form on a web page. This causes the computer to slow
down quite visibly as the window is being created offscreen. This is, in
fact, how the hijack was discovered. Hundreds of people were posting
questions on message boards around the world asking for help with a
mysterious slow down while typing.
A user at the SWI support forums noticed that his browser was set to use a
custom stylesheet. After resetting that option to not use the style sheet,
his slow typing problem disappeared.
Examination of the file found a javascript expression where CSS should have
been. Converting the expression into Human-readable text revealed a script
that opens a hidden pop up window to datanotary.com
Removal Instructions
Click Tools
Click Internet Options
Click Accessibility
Uncheck "Format documents using my style sheet"
See if this is checked, make sure before you uncheck to look at the path of
the *.css file. It was my.css in one case, system.css in another.
Click Ok twice
Now go to the c:\Windows directory where the file is located and delete that
*.css.
Reboot

Update: July 5, 2003
The persons responsible for this stylesheet hijack are also providing it to
coolwwwsearch.com, coolwebsearch.com, youfindall.net, ok-search.com, and
white-pages.ws.
These latest variants will drop an executable file (bootconf.exe) and create
a startup entry to load it when Windows is started. This executable file and
its startup entry will need to be removed.
This is how it appears in a HijackThis log:
O4 - HKLM\..\Run: [sysPnP] C:\WINDOWS\System32\bootconf.exe
Unquote.
 
Thank you H Leboeuf. This is exactly what's going on. The spyware programs
didn't detect this because it is new. Your website is now in My
Favorites.

Delete all the spywares and bad BHOs from your system.
http://www.generation.net/~hleboeuf/spyware.htm

List of bad BHOs.
http://www.doxdesk.com/parasite/

This may also be the cause - it was posted by (James Glynn)

Quote

http://www.spywareinfo.com/articles/datanotary/#07052003

Quote.
Since June 10, someone has been distributing a browser hijack that spawns an
offscreen pop up window which opens a page at datanotary.com.
The hijack is accomplished by inserting javascript into a Cascading Style
Sheet (CSS) file, then hijacking Internet Explorer's accessibility options
to force it to use that style sheet. When activated, the javascript makes
use of an obscure and proprietary Microsoft CSS extension to create the pop
up window.
The pop up windows are hidden, since the javascript opens them at a position
5,000 pixels from the top and 5,000 pixels from the left of the screen (most
monitors display only 768 pixels from top to bottom). It is unclear whether
the window was intentionally placed offscreen, or if the malware author
simply made a typo.
The extension is called and the pop up windows created when the victim
begins to type into a form on a web page. This causes the computer to slow
down quite visibly as the window is being created offscreen. This is, in
fact, how the hijack was discovered. Hundreds of people were posting
questions on message boards around the world asking for help with a
mysterious slow down while typing.
A user at the SWI support forums noticed that his browser was set to use a
custom stylesheet. After resetting that option to not use the style sheet,
his slow typing problem disappeared.
Examination of the file found a javascript expression where CSS should have
been. Converting the expression into Human-readable text revealed a script
that opens a hidden pop up window to datanotary.com
Removal Instructions
Click Tools
Click Internet Options
Click Accessibility
Uncheck "Format documents using my style sheet"
See if this is checked, make sure before you uncheck to look at the path of
the *.css file. It was my.css in one case, system.css in another.
Click Ok twice
Now go to the c:\Windows directory where the file is located and delete that
*.css.
Reboot

Update: July 5, 2003
The persons responsible for this stylesheet hijack are also providing it to
coolwwwsearch.com, coolwebsearch.com, youfindall.net, ok-search.com, and
white-pages.ws.
These latest variants will drop an executable file (bootconf.exe) and create
a startup entry to load it when Windows is started. This executable file and
its startup entry will need to be removed.
This is how it appears in a HijackThis log:
O4 - HKLM\..\Run: [sysPnP] C:\WINDOWS\System32\bootconf.exe
Unquote.
 
Thanks for the feed back.





Stickman said:
Thank you H Leboeuf. This is exactly what's going on. The spyware programs
didn't detect this because it is new. Your website is now in My
Favorites.

Delete all the spywares and bad BHOs from your system.
http://www.generation.net/~hleboeuf/spyware.htm

List of bad BHOs.
http://www.doxdesk.com/parasite/

This may also be the cause - it was posted by (James Glynn)

Quote

http://www.spywareinfo.com/articles/datanotary/#07052003

Quote.
Since June 10, someone has been distributing a browser hijack that spawns an
offscreen pop up window which opens a page at datanotary.com.
The hijack is accomplished by inserting javascript into a Cascading Style
Sheet (CSS) file, then hijacking Internet Explorer's accessibility options
to force it to use that style sheet. When activated, the javascript makes
use of an obscure and proprietary Microsoft CSS extension to create the pop
up window.
The pop up windows are hidden, since the javascript opens them at a position
5,000 pixels from the top and 5,000 pixels from the left of the screen (most
monitors display only 768 pixels from top to bottom). It is unclear whether
the window was intentionally placed offscreen, or if the malware author
simply made a typo.
The extension is called and the pop up windows created when the victim
begins to type into a form on a web page. This causes the computer to slow
down quite visibly as the window is being created offscreen. This is, in
fact, how the hijack was discovered. Hundreds of people were posting
questions on message boards around the world asking for help with a
mysterious slow down while typing.
A user at the SWI support forums noticed that his browser was set to use a
custom stylesheet. After resetting that option to not use the style sheet,
his slow typing problem disappeared.
Examination of the file found a javascript expression where CSS should have
been. Converting the expression into Human-readable text revealed a script
that opens a hidden pop up window to datanotary.com
Removal Instructions
Click Tools
Click Internet Options
Click Accessibility
Uncheck "Format documents using my style sheet"
See if this is checked, make sure before you uncheck to look at the path of
the *.css file. It was my.css in one case, system.css in another.
Click Ok twice
Now go to the c:\Windows directory where the file is located and delete that
*.css.
Reboot

Update: July 5, 2003
The persons responsible for this stylesheet hijack are also providing it to
coolwwwsearch.com, coolwebsearch.com, youfindall.net, ok-search.com, and
white-pages.ws.
These latest variants will drop an executable file (bootconf.exe) and create
a startup entry to load it when Windows is started. This executable file and
its startup entry will need to be removed.
This is how it appears in a HijackThis log:
O4 - HKLM\..\Run: [sysPnP] C:\WINDOWS\System32\bootconf.exe
Unquote.






Josh N. said:
I too am having this EXACT same problem(s)! Just
yesterday my Windows XP op sys told me "new updates" were
avilable. As they were mostly "essential security fixes"
I went ahead and installed them. One was a fix for
Outlook Express. Somehow, the entire process upgraded my
IE from v.5.5 (or thereabout) to IE v.6.0...Which is when
all my problems started! Pages take forever to load it
seems, and it gets progressively worse if I open more
than one IE window. I've tried uninstalling 1 or 2 of
the recent "fixes", nothing's worked thus far. HELP US
PLEASE - this is rediculous...!!
 
Back
Top