
IE hangs XP but Foxfire is okay

Discussion in 'Security and Privacy' started by gorgol, 2004/06/12.

Thread Status:
Not open for further replies.
  1. 2004/06/12
    gorgol

    gorgol Inactive Thread Starter

    Joined:
    2004/06/12
    Messages:
    12
    Likes Received:
    0
    In the last couple of days my XP stops responding when running IE6. IE6 freezes, but cannot be closed with taskmanager. The computer will not respond to the Turn off or Restart buttons. I can navigate the mouse and menus, but nothing responds. I must use the power button (hold 5 sec) to shutdown.

    All critical updates installed. NAV 2003 current. ZoneAlarm free running. Spybot and Adaware current and run. Ran Bazooka, nothing found. SpywareBlaster installed. Deleted temp internet files (all that would delete). EZ Cleaner 2.0 on registry. All GRC programs run (DCOM, shoot msngr, UNPNP, socketlock). I am running an accelerator, Slipstream.

    Added 6/10/04: I added the djvu viewer for ie a few days ago, but the "not responding" came a couple of days later. Think I added the MSN Groups picture tool afterward, but not sure.

    The kicker is that FireFox and Opera run fine and do not freeze the computer?

    Was there something in the last critical update that nuked IE?

    I am an MCSE, CompTIA A+ and do consulting on small business and home machines.

    Here is my HiJackThis log file:
    Logfile of HijackThis v1.96.0
    Scan saved at 11:15:35 PM, on 6/9/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
    E:\Program files\ahead\InCD\InCD.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    E:\Program files\ZoneAlarm\zlclient.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    E:\Program files\HighStream Turbo\HSTurbo.exe
    C:\Documents and Settings\Gordon Golden\Desktop\LtMoh.exe
    E:\Program files\TaskZip\TaskZip.exe
    E:\Program files\Palm\HOTSYNC.EXE
    e:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    E:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    E:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    E:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    E:\Program files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe
    e:\Program Files\PowerArchiver\POWERARC.EXE
    C:\DOCUME~1\GORDON~1\LOCALS~1\Temp\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.highstream.net/members/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = -
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>;*windowsupdate.com;download.microsoft.com;*windowsupdate.microsoft.com;codecs.microsoft.com;activex.microsoft.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: ShopSafe Browser Helper Object - {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\WINDOWS\System32\BhoSSafe.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - E:\Program files\Propel Accelerator\prpl_IePopupBlocker.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Discover deskshop Browser Helper Object - {8DB3D69D-DA5E-4165-B781-72A761790672} - C:\WINDOWS\System32\BhoDshop.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: NewsStand Toolbar - {6E94ACD5-2C6A-48AC-84EF-A4DE746D385F} - e:\Program Files\NewsStand\Reader\NSIEToolbar.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] E:\Program files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe "
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [Zone Labs Client] "E:\Program files\ZoneAlarm\zlclient.exe "
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: HotSync Manager.lnk = ?
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = ?
    O4 - Global Startup: HighStream Turbo.lnk = E:\Program files\HighStream Turbo\HSTurbo.exe
    O4 - Global Startup: Shortcut to LtMoh.exe.lnk = ?
    O4 - Global Startup: TaskZip.lnk = ?
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Download using LeechGet - file://E:\Program files\LeechGet 2004\\AddUrl.html
    O8 - Extra context menu item: Download using LeechGet Wizard - file://E:\Program files\LeechGet 2004\\Wizard.html
    O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Parse with LeechGet - file://E:\Program files\LeechGet 2004\\Parser.html
    O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Show All Original Images - res://E:\Program files\HighStream Turbo\HSTurbo.exe/250
    O8 - Extra context menu item: Show Original Image - res://E:\Program files\HighStream Turbo\HSTurbo.exe/227
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Fill Forms (HKLM)
    O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
    O9 - Extra button: Save (HKLM)
    O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
    O9 - Extra button: RoboForm (HKLM)
    O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
    O9 - Extra button: Deskshop (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
    O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe
    O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb028.cab
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} - http://download.microsoft.com/download/vizact2000/Install/10/WIN98Me/EN-US/msorun.cab
    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9313BC3F-7255-453E-B4A9-B876EE5E1C80}: NameServer = 198.6.1.150 198.6.100.150

    This is a stumper. Appreciate any help.

    gorgol
     
  2. 2004/06/13
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Gorgol - Welcome to the Board :)
    Not as far as I know - there have been no reports on the Board to that effect.
    Have you tried removing it?

    Have you looked in Event Viewer for any clues?

    I'm no expert in HJT logs so will move this to the Security/Virus/Spyware forum.
     


  4. 2004/06/13
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Right click the desktop and choose new>folder. Name it HJT. Cut and paste HijackThis.exe to that folder.

    Assuming your ISP is UUNET Technologies? And that you don't use a proxy server?

    Scan again and place a check next to the following entries. Close ALL other windows and click fix.

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>;*windowsupdate.com;download.microsoft.com;*windowsupdate.microsoft.com;codecs.microsoft.com;activex.microsoft.com
    O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb028.cab

    IE tools>IE Options>Connections tab, your connection>settings and uncheck proxy server box. OK out.

    Are you having trouble getting some to delete? Try from safe mode, or log on as another user, even if it means creating another user with Admin. rights.

    I would also scan with RAV and Housecall, just to make sure.
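
    One way to confirm that a HijackThis "fix" like the one advised above actually took effect is to parse two scans, list the O2/O3/O16 entries that disappeared, and flag a ProxyServer value that points at the local machine. This is an added example, not part of the thread or of HijackThis itself; the function names are hypothetical and the sample lines are copied, abridged, from the two logs posted in this thread.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code detail clsid target")

# HijackThis item lines look like "<code> - <detail>", e.g. "O2 - BHO: ...".
ITEM_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Abridged sample: lines copied from the first log in this thread (v1.96.0).
FIRST_SCAN = r"""
Logfile of HijackThis v1.96.0
Running processes:
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
O2 - BHO: ShopSafe Browser Helper Object - {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\WINDOWS\System32\BhoSSafe.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - E:\Program files\Propel Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
"""

# Abridged sample: lines copied from the later log in this thread (v1.97.7).
SECOND_SCAN = r"""
Logfile of HijackThis v1.97.7
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
O2 - BHO: ShopSafe Browser Helper Object - {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\WINDOWS\System32\BhoSSafe.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
"""


def parse_log(text):
    """Return the item lines of a HijackThis log as Entry tuples."""
    entries = []
    for line in text.splitlines():
        m = ITEM_RE.match(line)
        if not m:
            continue  # header, process list or blank line
        code, detail = m.groups()
        found = CLSID_RE.search(detail)
        if code.startswith("R") or code == "O17":
            # Registry-style items: the value follows " = ".
            target = detail.partition(" = ")[2]
        elif " - " in detail:
            # BHO / toolbar / DPF items: file or URL follows the last " - ".
            target = detail.rsplit(" - ", 1)[-1]
        else:
            target = ""
        clsid = found.group(0).upper() if found else None
        entries.append(Entry(code, detail, clsid, target.strip()))
    return entries


def loopback_proxy(entries):
    """Return ProxyServer values that route the browser through this machine."""
    hits = []
    for e in entries:
        if e.code == "R1" and ",ProxyServer = " in e.detail:
            # Value looks like "http=127.0.0.1:5400"; keep only the host part.
            host = e.target.split("=")[-1].rsplit(":", 1)[0]
            if host in ("127.0.0.1", "localhost"):
                hits.append(e.target)
    return hits


def removed_between(before, after, codes=("O2", "O3", "O16")):
    """Entries present in the earlier scan and absent from the later one."""
    def key(e):
        # CLSIDs are compared case-insensitively (normalised in parse_log).
        return (e.code, e.clsid or e.detail)
    later = {key(e) for e in after}
    return [e for e in before if e.code in codes and key(e) not in later]


if __name__ == "__main__":
    first, second = parse_log(FIRST_SCAN), parse_log(SECOND_SCAN)
    for value in loopback_proxy(second):
        print("still proxied through local process:", value)
    for e in removed_between(first, second):
        print("gone since first scan:", e.code, e.clsid, e.target)
```

    A loopback proxy that survives the fix means some local program (here the poster's accelerator) is still rewriting the setting, so the entry has to be cleared in that program rather than in HijackThis.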
     
  5. 2004/06/17
    gorgol

    gorgol Inactive Thread Starter

    gorgol Hi please keep to this thread rather than starting a new topic, use the post reply button instead. Lonny



    6/12/04

    Have used HijackThis to remove:

    O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb028.cab
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab

    IE ran for about 30 min, then locked up again, same symptoms.

    gorgol

    6/14/04

    Have used HijackThis to remove:
    O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - E:\Program files\Propel Accelerator\prpl_IePopupBlocker.dll

    Froze after 10 min.

    Ran sfc /scannow which did not help either. I am going to follow the eldergeek directions to reinstall IE6 later today to see if that helps.

    gorgol

    6/14/04 later

    Did the reinstall of IE6 with no results; froze after about 10 min.
    gorgol
     
  6. 2004/06/17
    gorgol

    gorgol Inactive Thread Starter

    Actions so far, but no luck

    1)Ran House call and nothing found.

    2)Went to safe mode and deleted all temp internet files.

    3) I do use a proxy, Slipstream accelerator thru Highstream.net

    4)Event viewer close to failure time:

    a)Security

    Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
    Logon account: Gordon Golden
    Source Workstation: OFFICE
    Error Code: 0xC000006A

    Logon Failure:
    Reason: Unknown user name or bad password
    User Name: Gordon Golden
    Domain: OFFICE
    Logon Type: 2
    Logon Process: Advapi
    Authentication Package: Negotiate
    Workstation Name: OFFICE

    b)System

    The mrtRate service failed to start due to the following error:
    The system cannot find the file specified.

    The ThumbDrive Device service failed to start due to the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    c)Nothing under Applications.

    5) Have not deleted the Microsoft update line in HijackThis yet. Will try that next.

    IE 6 still "not responding" within about 15 min. Funny it takes awhile to die.
     
  7. 2004/06/17
    gorgol

    gorgol Inactive Thread Starter

    update only in log

    Went to HijackThis to delete the:
    ;<local>;*windowsupdate.com;download.microsoft.com;*windowsupdate.microsoft.com;codecs.microsoft.com;activex.microsoft.com
    line, but it only shows up in the log file.

    Any more ideas?

    gorgol
     
  8. 2004/06/19
    gorgol

    gorgol Inactive Thread Starter

    Healed?

    IE appears to be running now, at least for the last 1.5hrs.

    All I can relate is that after I updated my NAV to 2004 and installed the MSN Messenger update all has been well.

    I did also update/run both Spybot S&D and AdAware, but they found only a few (less than 5) items.

    Could the NAV 2003 Liveupdate have been causing the problem, why not before?

    I'm stumped, but happy.

    gorgol
     
  9. 2004/06/19
    gorgol

    gorgol Inactive Thread Starter

    Premature ruling

    Well, IE hung after about 3 more hours of cumulative use. Same symptoms. System semi-hung, can move the mouse but after being able to open/close a few windows, no response from anything, cannot shut down, cannot close any program, taskmanager (if open when hang occurs) shows no CPU load. No events other than those above near the hang time. However, those event viewer items do show up again about the hang time.

    Have to power down the computer to restart.

    gorgol
     
    Last edited: 2004/06/19
  10. 2004/06/19
    noahdfear

    noahdfear Inactive

    Download this zip.

    http://tools.zerosrealm.com/pv.zip

    Please unzip it to the desktop. It will not work if you run it from inside the zip. After unzipping open the pv folder. Double click on the runme.bat. A dos window will open. Please select option 1 for explorer dll's by typing 1 and then pressing enter. Notepad will open with a log in it. Please copy and paste the log into this post, along with another HijackThis log.
     
  11. 2004/06/28
    gorgol

    gorgol Inactive Thread Starter

    PV results

    As a note of interest, Opera hung with the same symptoms as IE last night. Firefox continues to operate without a problem.

    Here are the PV results:

    Module information for 'Explorer.EXE'
    MODULE BASE SIZE PATH
    Explorer.EXE 1000000 1015808 C:\WINDOWS\Explorer.EXE 6.00.2800.1106 (xpsp1.020828-1920) Windows Explorer
    ntdll.dll 77f50000 684032 C:\WINDOWS\System32\ntdll.dll 5.1.2600.1217 (xpsp2.030429-2131) NT Layer DLL
    kernel32.dll 77e60000 942080 C:\WINDOWS\system32\kernel32.dll 5.1.2600.1106 (xpsp1.020828-1920) Windows NT BASE API Client DLL
    msvcrt.dll 77c10000 339968 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.1106 (xpsp1.020828-1920) Windows NT CRT DLL
    ADVAPI32.dll 77dd0000 577536 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.1106 (xpsp1.020828-1920) Advanced Windows 32 Base API
    RPCRT4.dll 78000000 552960 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.1361 (xpsp2.040109-1800) Remote Procedure Call Runtime
    GDI32.dll 7e090000 266240 C:\WINDOWS\system32\GDI32.dll 5.1.2600.1346 (xpsp2.040109-1800) GDI Client DLL
    USER32.dll 77d40000 573440 C:\WINDOWS\system32\USER32.dll 5.1.2600.1255 (xpsp2.030804-1745) Windows XP USER API Client DLL
    SHLWAPI.dll 70a70000 413696 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2800.1400 Shell Light-weight Utility Library
    SHELL32.dll 773d0000 8331264 C:\WINDOWS\system32\SHELL32.dll 6.00.2800.1233 (xpsp2.030604-1804) Windows Shell Common Dll
    ole32.dll 771b0000 1196032 C:\WINDOWS\system32\ole32.dll 5.1.2600.1362 (xpsp2.040109-1800) Microsoft OLE for Windows
    OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 3.50.5016.0 Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
    BROWSEUI.dll 71500000 1036288 C:\WINDOWS\System32\BROWSEUI.dll 6.00.2800.1400 Shell Browser UI Library
    SHDOCVW.dll 71700000 1347584 C:\WINDOWS\System32\SHDOCVW.dll 6.00.2800.1400 Shell Doc Object and Control Library
    UxTheme.dll 5ad70000 212992 C:\WINDOWS\System32\UxTheme.dll 6.00.2800.1106 (xpsp1.020828-1920) Microsoft UxTheme Library
    comctl32.dll 71950000 933888 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll 6.0 (xpsp1.020828-1920) User Experience Controls Library
    comctl32.dll 77340000 569344 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp1.020828-1920) Common Controls Library
    appHelp.dll 75f40000 126976 C:\WINDOWS\system32\appHelp.dll 5.1.2600.1106 (xpsp1.020828-1920) Application Compatibility Client Library
    CLBCATQ.DLL 7c890000 528384 C:\WINDOWS\System32\CLBCATQ.DLL 2001.12.4414.53
    COMRes.dll 77050000 806912 C:\WINDOWS\System32\COMRes.dll 2001.12.4414.42
    VERSION.dll 77c00000 28672 C:\WINDOWS\system32\VERSION.dll 5.1.2600.0 (xpclient.010817-1148) Version Checking and File Installation Libraries
    cscui.dll 76620000 319488 C:\WINDOWS\System32\cscui.dll 5.1.2600.1106 (xpsp1.020828-1920) Client Side Caching UI
    CSCDLL.dll 76600000 110592 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.0 (xpclient.010817-1148) Offline Network Agent
    themeui.dll 559e0000 462848 C:\WINDOWS\System32\themeui.dll 6.00.2800.1106 (xpsp1.020828-1920) Windows Theme API
    Secur32.dll 76f90000 65536 C:\WINDOWS\System32\Secur32.dll 5.1.2600.1106 (xpsp1.020828-1920) Security Support Provider Interface
    MSIMG32.dll 76380000 20480 C:\WINDOWS\System32\MSIMG32.dll 5.1.2600.1106 (xpsp1.020828-1920) GDIEXT Client DLL
    USERENV.dll 75a70000 675840 C:\WINDOWS\system32\USERENV.dll 5.1.2600.1106 (xpsp1.020828-1920) Userenv
    netapi32.dll 71c20000 319488 C:\WINDOWS\System32\netapi32.dll 5.1.2600.1343 (xpsp2.040109-1800) Net Win32 API DLL
    urlmon.dll 1a400000 499712 C:\WINDOWS\system32\urlmon.dll 6.00.2800.1400 OLE32 Extensions for Win32
    LINKINFO.dll 76980000 28672 C:\WINDOWS\System32\LINKINFO.dll 5.1.2600.0 (xpclient.010817-1148) Windows Volume Tracking
    ntshrui.dll 76990000 147456 C:\WINDOWS\System32\ntshrui.dll 5.1.2600.1106 (xpsp1.020828-1920) Shell extensions for sharing
    ATL.DLL 76b20000 86016 C:\WINDOWS\System32\ATL.DLL 3.00.9435 ATL Module for Windows NT (Unicode)
    NETSHELL.dll 75cf0000 1642496 C:\WINDOWS\system32\NETSHELL.dll 5.1.2600.1106 (xpsp1.020828-1920) Network Connections Shell
    credui.dll 76c00000 184320 C:\WINDOWS\system32\credui.dll 5.1.2600.1106 (xpsp1.020828-1920) Credential Manager User Interface
    WS2_32.dll 71ab0000 86016 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.0 (xpclient.010817-1148) Windows Socket 2.0 32-Bit DLL
    WS2HELP.dll 71aa0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.0 (xpclient.010817-1148) Windows Socket 2.0 Helper for Windows NT
    iphlpapi.dll 76d60000 94208 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2 (xpsp1.020828-1920) IP Helper API
    WINSTA.dll 76360000 61440 C:\WINDOWS\System32\WINSTA.dll 5.1.2600.1106 (xpsp1.020828-1920) Winstation Library
    webcheck.dll 70340000 266240 C:\WINDOWS\System32\webcheck.dll 6.00.2800.1106 Web Site Monitor
    stobject.dll 74b00000 131072 C:\WINDOWS\System32\stobject.dll 5.1.2600.1106 (xpsp1.020828-1920) Systray shell service object
    BatMeter.dll 74af0000 36864 C:\WINDOWS\System32\BatMeter.dll 6.00.2600.0000 (xpclient.010817-1148) Battery Meter Helper DLL
    POWRPROF.dll 74ad0000 28672 C:\WINDOWS\System32\POWRPROF.dll 6.00.2600.0000 (xpclient.010817-1148) Power Profile Helper DLL
    SETUPAPI.dll 76670000 946176 C:\WINDOWS\System32\SETUPAPI.dll 5.1.2600.1106 (xpsp1.020828-1920) Windows Setup API
    WTSAPI32.dll 76f50000 32768 C:\WINDOWS\System32\WTSAPI32.dll 5.1.2600.1106 (xpsp1.020828-1920) Windows Terminal Server SDK APIs
    WINTRUST.dll 76c30000 176128 C:\WINDOWS\System32\WINTRUST.dll 5.131.2600.0 (xpclient.010817-1148) Microsoft Trust Verification APIs
    CRYPT32.dll 762c0000 557056 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.1123 (xpsp2.020921-0842) Crypto API32
    MSASN1.dll 762a0000 65536 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.1362 (xpsp2.040109-1800) ASN.1 Runtime APIs
    IMAGEHLP.dll 76c90000 139264 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.1106 (xpsp1.020828-1920) Windows NT Image Helper
    rsaenh.dll ffd0000 143360 C:\WINDOWS\System32\rsaenh.dll 5.1.2600.1029 (xpsp1.020426-1800) Microsoft Base Cryptographic Provider
    WININET.dll 63000000 614400 C:\WINDOWS\system32\WININET.dll 6.00.2800.1405 Internet Extensions for Win32
    msi.dll 1a00000 2101248 C:\WINDOWS\System32\msi.dll 2.0.2600.1106 Windows Installer
    printui.dll 74b80000 532480 C:\WINDOWS\System32\printui.dll 5.1.2600.1106 (xpsp1.020828-1920) Print UI DLL
    WINSPOOL.DRV 73000000 143360 C:\WINDOWS\System32\WINSPOOL.DRV 5.1.2600.1106 (xpsp1.020828-1920) Windows Spooler Driver
    ACTIVEDS.dll 76e40000 192512 C:\WINDOWS\System32\ACTIVEDS.dll 5.1.2600.0 (xpclient.010817-1148) ADs Router Layer DLL
    adsldpc.dll 76e10000 151552 C:\WINDOWS\System32\adsldpc.dll 5.1.2600.1106 (xpsp1.020828-1920) ADs LDAP Provider C DLL
    WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.1106 (xpsp1.020828-1920) Win32 LDAP API DLL
    CFGMGR32.dll 74ae0000 28672 C:\WINDOWS\System32\CFGMGR32.dll 5.1.2600.0 (xpclient.010817-1148) Configuration Manager Forwarder DLL
    MPR.dll 71b20000 69632 C:\WINDOWS\system32\MPR.dll 5.1.2600.0 (xpclient.010817-1148) Multiple Provider Router DLL
    WINMM.dll 76b40000 180224 C:\WINDOWS\System32\WINMM.dll 5.1.2600.1106 (xpsp1.020828-1920) MCI API DLL
    netcfgx.dll 755f0000 593920 C:\WINDOWS\System32\netcfgx.dll 5.1.2600.1106 (xpsp1.020828-1920) Network Configuration Objects
    CLUSAPI.dll 55560000 69632 C:\WINDOWS\System32\CLUSAPI.dll 5.1.2600.1106 (xpsp1.020828-1920) Cluster API Library
    DNSAPI.dll 76f20000 151552 C:\WINDOWS\System32\DNSAPI.dll 5.1.2600.1106 (xpsp1.020828-1920) DNS Client API DLL
    RASAPI32.dll 76ee0000 225280 C:\WINDOWS\System32\RASAPI32.dll

    The rest of the PV log in the next post:(too long)
    gorgol
     
  12. 2004/06/28
    gorgol

    gorgol Inactive Thread Starter

    PV log contin

    5.1.2600.1106 (xpsp1.020828-1920) Remote Access API
    rasman.dll 76e90000 69632 C:\WINDOWS\System32\rasman.dll 5.1.2600.1106 (xpsp1.020828-1920) Remote Access Connection Manager
    TAPI32.dll 76eb0000 176128 C:\WINDOWS\System32\TAPI32.dll 5.1.2600.1106 (xpsp1.020828-1920) Microsoft® Windows(TM) Telephony API Client DLL
    rtutils.dll 76e80000 53248 C:\WINDOWS\System32\rtutils.dll 5.1.2600.0 (xpclient.010817-1148) Routing Utilities
    ddraw.dll 51000000 290816 C:\WINDOWS\System32\ddraw.dll 5.3.0000000.900 built by: DIRECTX Microsoft DirectDraw
    DCIMAN32.dll 73bc0000 24576 C:\WINDOWS\System32\DCIMAN32.dll 5.1.2600.0 (xpclient.010817-1148) DCI Manager
    wdmaud.drv 72d20000 36864 C:\WINDOWS\System32\wdmaud.drv 5.1.2600.0 (XPClient.010817-1148) WDM Audio driver mapper
    msacm32.drv 72d10000 32768 C:\WINDOWS\System32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Microsoft Sound Mapper
    MSACM32.dll 77be0000 81920 C:\WINDOWS\System32\MSACM32.dll 5.1.2600.0 (xpclient.010817-1148) Microsoft ACM Audio Filter
    midimap.dll 77bd0000 28672 C:\WINDOWS\System32\midimap.dll 5.1.2600.0 (xpclient.010817-1148) Microsoft MIDI Mapper
    hnetcfg.dll 68880000 258048 C:\WINDOWS\System32\hnetcfg.dll 5.1.2600.1106 (xpsp1.020828-1920) Home Networking Configuration Manager
    DHCPCSVC.DLL 76d80000 110592 C:\WINDOWS\System32\DHCPCSVC.DLL 5.1.2600.1106 (xpsp1.020828-1920) DHCP Client Service
    wbemprox.dll 74ef0000 40960 C:\WINDOWS\System32\wbem\wbemprox.dll 5.1.2600.1106 (xpsp1.020828-1920) WMI
    wbemcomn.dll 75290000 229376 C:\WINDOWS\System32\wbem\wbemcomn.dll 5.1.2600.1106 (xpsp1.020828-1920) WMI
    wbemsvc.dll 74ed0000 61440 C:\WINDOWS\System32\wbem\wbemsvc.dll 5.1.2600.0 (xpclient.010817-1148) WMI
    fastprox.dll 75690000 577536 C:\WINDOWS\System32\wbem\fastprox.dll 5.1.2600.1106 (xpsp1.020828-1920) WMI
    RASDLG.dll 75550000 647168 C:\WINDOWS\System32\RASDLG.dll 5.1.2600.1106 (xpsp1.020828-1920) Remote Access Common Dialog API
    MPRAPI.dll 76d40000 90112 C:\WINDOWS\System32\MPRAPI.dll 5.1.2600.0 (xpclient.010817-1148) Windows NT MP Router Administration DLL
    SAMLIB.dll 71bf0000 69632 C:\WINDOWS\System32\SAMLIB.dll 5.1.2600.1106 (xpsp1.020828-1920) SAM Library DLL
    asfsipc.dll 70eb0000 28672 C:\WINDOWS\System32\asfsipc.dll 1.1.00.3917 ASFSipc Object
    MSISIP.DLL 605f0000 53248 C:\WINDOWS\System32\MSISIP.DLL 2.0.2600.0 MSI Signature SIP Provider
    wshext.dll 74d80000 61440 C:\WINDOWS\System32\wshext.dll 5.6.0.8515 Microsoft (r) Shell Extension for Windows Script Host
    MFC42.DLL 73dd0000 991232 C:\WINDOWS\System32\MFC42.DLL 6.00.8665.0 MFCDLL Shared Library - Retail Version
    comdlg32.dll 763b0000 282624 C:\WINDOWS\system32\comdlg32.dll 6.00.2800.1106 (xpsp1.020828-1920) Common Dialogs DLL
    ScrTrust.dll 10000000 65536 C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrTrust.dll 1, 1, 1, 131 ScriptBlocking Trust Verifier
    browselc.dll bf0000 73728 C:\WINDOWS\System32\browselc.dll 6.00.2800.1106 Shell Browser UI Library
    SDHelper.dll 1dd0000 765952 E:\PROGRA~1\SPYBOT~1\SDHelper.dll 1, 3, 0, 12 Bad download blocker
    olepro32.dll 5edd0000 106496 C:\WINDOWS\System32\olepro32.dll 5.0.5014 Microsoft (R) OLE Property Support DLL
    RoboForm.dll 2700000 2473984 C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll 5-7-3 RoboForm Main Module
    oledlg.dll 74d30000 131072 C:\WINDOWS\System32\oledlg.dll 1.0 (XPClient.010817-1148) Microsoft Windows(TM) OLE 2.0 User Interface Support
    shdoclc.dll 718c0000 540672 C:\WINDOWS\System32\shdoclc.dll 6.00.2800.1106 Shell Doc Object and Control Library
    NavShExt.dll db0000 98304 E:\Program Files\Norton AntiVirus\NavShExt.dll 10.00.13 Norton AntiVirusNAVShellExt Module
    MSVCP70.dll 7c080000 487424 C:\WINDOWS\System32\MSVCP70.dll 7.00.9466.0 Microsoft® C++ Runtime Library
    MSVCR70.dll 7c000000 344064 C:\WINDOWS\System32\MSVCR70.dll 7.00.9466.0 Microsoft® C Runtime Library
    ZSHExt.dll f70000 118784 C:\Program Files\Common Files\Zinio\ZSHExt.dll 1,5,0,726 Zinio Shell Extension Module
    ntlanman.dll 71c10000 53248 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.1106 (xpsp1.020828-1920) Microsoft® Lan Manager
    NETUI0.dll 71cd0000 90112 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.0 (xpclient.010817-1148) NT LM UI Common Code - GUI Classes
    NETUI1.dll 71c90000 245760 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.0 (xpclient.010817-1148) NT LM UI Common Code - Networking classes
    NETRAP.dll 71c80000 24576 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.0 (xpclient.010817-1148) Net Remote Admin Protocol DLL
    drprov.dll 75f60000 24576 C:\WINDOWS\System32\drprov.dll 5.1.2600.0 (xpclient.010817-1148) Microsoft Terminal Server Network Provider
    davclnt.dll 75f70000 36864 C:\WINDOWS\System32\davclnt.dll 5.1.2600.0 (xpclient.010817-1148) Web DAV Client DLL
    MSGINA.dll 75970000 991232 C:\WINDOWS\System32\MSGINA.dll 5.1.2600.1343 (xpsp2.040109-1800) Windows NT Logon GINA DLL
    ODBC32.dll 1540000 204800 C:\WINDOWS\System32\ODBC32.dll 3.520.9042.0 Microsoft Data Access - ODBC Driver Manager
    odbcint.dll 1f850000 90112 C:\WINDOWS\System32\odbcint.dll 3.520.7713.0 Microsoft Data Access - ODBC Resources
    wiashext.dll 5a500000 577536 C:\WINDOWS\System32\wiashext.dll 5.1.2600.0 (XPClient.010817-1148) Imaging Devices Shell Folder UI
    gdiplus.dll 70d00000 1708032 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\gdiplus.dll 5.1.3101.0 (xpsp1.020828-1920) Microsoft GDI+
    sti.dll 73ba0000 73728 C:\WINDOWS\System32\sti.dll 5.1.2600.1106 (xpsp1.020828-1920) Still Image Devices client DLL

    HijackThis in a separate post due to length.

    gorgol
     
  13. 2004/06/28
    gorgol

    gorgol Inactive Thread Starter

    HijackThis log

    Here is the HijackThis log.

    Logfile of HijackThis v1.97.7
    Scan saved at 8:13:46 AM, on 6/28/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    e:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    E:\Program Files\Norton AntiVirus\navapsvc.exe
    E:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    E:\Program Files\Norton AntiVirus\SAVScan.exe
    E:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
    E:\Program files\ahead\InCD\InCD.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    E:\Program files\HighStream Turbo\HSTurbo.exe
    C:\Documents and Settings\Gordon Golden\Desktop\LtMoh.exe
    E:\Program files\TaskZip\TaskZip.exe
    E:\Program files\Palm\HOTSYNC.EXE
    E:\Program files\Microsoft office\Office\outlook.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    e:\Program Files\PowerArchiver\POWERARC.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\cmd.exe
    C:\WINDOWS\system32\notepad.exe
    E:\My downloads\Windows tuneup\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = -
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>;*windowsupdate.com;download.microsoft.com;*windowsupdate.microsoft.com;codecs.microsoft.com;activex.microsoft.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: ShopSafe Browser Helper Object - {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\WINDOWS\System32\BhoSSafe.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Discover deskshop Browser Helper Object - {8DB3D69D-DA5E-4165-B781-72A761790672} - C:\WINDOWS\System32\BhoDshop.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] E:\Program files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [Zone Labs Client] "e:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "
    O4 - Startup: HotSync Manager.lnk = ?
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = ?
    O4 - Global Startup: HighStream Turbo.lnk = E:\Program files\HighStream Turbo\HSTurbo.exe
    O4 - Global Startup: Shortcut to LtMoh.exe.lnk = ?
    O4 - Global Startup: TaskZip.lnk = ?
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Download using LeechGet - file://E:\Program files\LeechGet 2004\\AddUrl.html
    O8 - Extra context menu item: Download using LeechGet Wizard - file://E:\Program files\LeechGet 2004\\Wizard.html
    O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Parse with LeechGet - file://E:\Program files\LeechGet 2004\\Parser.html
    O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Show All Original Images - res://E:\Program files\HighStream Turbo\HSTurbo.exe/250
    O8 - Extra context menu item: Show Original Image - res://E:\Program files\HighStream Turbo\HSTurbo.exe/227
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Fill Forms (HKLM)
    O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
    O9 - Extra button: Save (HKLM)
    O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
    O9 - Extra button: RoboForm (HKLM)
    O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
    O9 - Extra button: Deskshop (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} - http://download.microsoft.com/download/vizact2000/Install/10/WIN98Me/EN-US/msorun.cab
    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9313BC3F-7255-453E-B4A9-B876EE5E1C80}: NameServer = 198.6.100.150 198.6.1.150

    gorgol
     
  14. 2004/06/28
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi gorgol :)

    Well, I don't see anything out of whack in the PV log, and still only that proxy override that needs fixed. You said it doesn't show up in the scan, only the log, so I would suggest you do it manually. Export the key then delete the string.

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>;*windowsupdate.com;download.microsoft.com;*windowsupdate.microsoft.com;codecs.microsoft.com;activex.microsoft.com

    Information below about this process, taken from answersthatwork.com. C:\WINDOWS\System32\nvsvc32.exe

    NVIDIA Driver Helper Service which gets installed under Windows NT4/2000/XP/2003 by the NVIDIA drivers for some of their graphics cards (or graphics cards based on an NVIDIA chipset). We do not at this stage know what this process does except consume memory ! And we also have no idea as to what a “Driver Helper Service” is supposed to do !!

    Recommendation :
    This service is often responsible for various glitches, from significant shutdown delays to excessive memory usage. Disabling it, however, does not result in our experience in any ill-effect as regards the proper operation of your NVIDIA or NVIDIA chipset graphics card, so we recommend that you definitely set the Startup Mode of this service to Disabled. You can do this by going to start>run, type services.msc, hit enter. Locate the service in the list and right click>properties.


    It seems I also read somewhere recently (man I've got to find that again) that the sasser update control was causing some problems. Only needed it for the one update anyway, so I recommend you get rid of it.

    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB

    Either with HJT or through IE tools>IE Options>general tab>settings button>view objects.

    Let us know how it goes. :)
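
The reply above picks individual lines out of the HijackThis log by their section code (the R1 proxy values, the O16 downloaded control). As an added example, not part of the thread, this Python parser splits entry lines copied from the posted log into fields so those sections can be reviewed side by side; the function names `parse_hjt` and `review_items` are illustrative.

```python
import re
from urllib.parse import urlparse

# Lines copied from the HijackThis v1.97.7 log posted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.97.7
Running processes:
C:\WINDOWS\System32\nvsvc32.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>;*windowsupdate.com;download.microsoft.com;*windowsupdate.microsoft.com;codecs.microsoft.com;activex.microsoft.com
O2 - BHO: ShopSafe Browser Helper Object - {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\WINDOWS\System32\BhoSSafe.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
"""

ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+)$")          # "O16 - <body>"
REG_VALUE = re.compile(r"^(.+?),(.+?) =\s*(.*)$")           # key,value name = data
BHO = re.compile(r"^BHO: (.*) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
DPF = re.compile(r"^DPF: (\{[0-9A-Fa-f-]{36}\})(?: \((.*?)\))? - (.+)$")

def parse_hjt(text):
    """One dict per entry line; the header and process list are skipped."""
    entries = []
    for line in text.splitlines():
        if not (m := ENTRY.match(line)):
            continue
        code, body = m.groups()
        rec = {"code": code, "raw": body}
        if code in ("R0", "R1") and (r := REG_VALUE.match(body)):
            rec.update(key=r[1], name=r[2], data=r[3])
        elif code == "O2" and (b := BHO.match(body)):
            rec.update(name=b[1], clsid=b[2].upper(), path=b[3])
        elif code == "O16" and (d := DPF.match(body)):
            rec.update(clsid=d[1].upper(), name=d[2], url=d[3], host=urlparse(d[3]).hostname)
        entries.append(rec)
    return entries

def review_items(entries):
    """Group proxy values, BHO DLL paths, and ActiveX controls with source host."""
    return {
        "proxy": {e["name"]: e["data"] for e in entries
                  if e["code"] == "R1" and e.get("name", "").startswith("Proxy")},
        "bho_dlls": [e["path"] for e in entries if e["code"] == "O2" and "path" in e],
        "activex": [(e["name"], e["host"]) for e in entries if e["code"] == "O16" and "url" in e],
    }

if __name__ == "__main__":
    print(review_items(parse_hjt(SAMPLE_LOG)))
```
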
     
  15. 2004/06/29
    gorgol

    gorgol Inactive Thread Starter

    Joined:
    2004/06/12
    Messages:
    12
    Likes Received:
    0
    Still hangs

    I used HJT to remove the proxy and sasser lines and disabled the NVIDIA driver helper service. Rebooted the machine.

    Started up IE and it hung within 10 sec. Rebooted tried again and it ran for almost an hour. Reboot tried it this a.m. and it hung within 2 min.

    ?????

    Firefox still going great.

    gorgol
     
  16. 2004/06/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Well, I think we've covered everything except clearing cookies :rolleyes: , so I suggest you repair IE. I recommend Method 2, but running sfc /scannow sure won't hurt. The event logs will show you what gets replaced. May need to visit Windows Update afterwards either way.
     
  17. 2004/06/30
    gorgol

    gorgol Inactive Thread Starter

    Joined:
    2004/06/12
    Messages:
    12
    Likes Received:
    0
    Maybe ZoneAlarm

    I saw a post on another site that a bad install of ZoneAlarm can cause IE to stumble, so I uninstalled Zone Alarm. I had updated to the latest version with a clean install not long before.

    I have been running IE for over 2 hours now without a hiccup, so that may have been it. Why would it affect IE and Opera, but not Firefox?

    I will report back if it hangs again, but do not plan to reinstall ZoneAlarm as I am on dial up at the present.

    gorgol
     
  18. 2004/06/30
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Simplistic answer but my guess is that ZA reacts badly to some normal process IE and Opera are written to do and that Firefox does whatever in a different fashion.

    I doubt it is something simple and obvious though or else ZA would have fixed it since they are losing customers at a significant rate with their newer version breaking so much other software.
     
  19. 2004/07/03
    gorgol

    gorgol Inactive Thread Starter

    Joined:
    2004/06/12
    Messages:
    12
    Likes Received:
    0
    IE still running, but

    IE is still running, however since I switched to FireFox for the 2 wks it took to resolve the issue, I have left my default browser to FireFox. Only download critical updates with IE, which all seem to be security patches to IE.

    I did not realize ZA was crashing other software, thanks for the followup. What free firewall would you recommend for broadband users? I have been activating the ICF in XP, especially for most of my customers who get confused with what to allow or block.

    gorgol
     