Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Academics Announce New Protections Against Spectre and Rowhammer Attacks

Featured Deal: Get 98% off the Ultimate Cisco Certification Bundle: Lifetime Access Deal

Photo

IE8 issue - hanging - AppHang

Started by sanger , May 08 2010 10:12 AM

  • This topic is locked This topic is locked
2 replies to this topic

#1 sanger

sanger

  • Members
  • 6 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Boston
  • Local time:08:44 AM

Posted 08 May 2010 - 10:12 AM

this is the problem - I have reset IE8 settings (RIES) to no avail. IE8 'fades' and stops running: thoughts??????

Description
A problem caused this program to stop interacting with Windows.

Problem signature
Problem Event Name: AppHangXProcB1
Application Name: iexplore.exe
Application Version: 8.0.6001.18882
Application Timestamp: 4b3ed243
Hang Signature: efc7
Hang Type: 32
Waiting on Application Name: iexplore.exe
Waiting on Application Version: 8.0.6001.18882
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 1033
Additional Hang Signature 1: 4eb75d2a92e2979989847a082a0020ad
Additional Hang Signature 2: c9b9
Additional Hang Signature 3: 60b5dfc05177aa8347b5d43212e60c59
Additional Hang Signature 4: efc7
Additional Hang Signature 5: 4eb75d2a92e2979989847a082a0020ad
Additional Hang Signature 6: c9b9
Additional Hang Signature 7: 60b5dfc05177aa8347b5d43212e60c59

------------------------------------------------------------------------------------------------------------
My PC info:
Dell Dimension E521
Operating System : Windows Vista ™ Home Premium Home Edition 32bit
Version : 6.00.6001 Service Pack 1
Total Memory : 958 MB
Physical Memory : 1024 MB DDR2-SDRAM

Ran SuperAntiSpyWare (log below) - seemed to work - went to youtube aand plaed 1 vid and then BAM - hanging up and stopped running. Guess I'll try to re-install IE8 and see wht happens.....

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/13/2009 at 12:01 PM
Application Version : 4.25.1012
Core Rules Database Version : 3769
Trace Rules Database Version: 1729
Scan type : Complete Scan
Total Scan Time : 01:26:27
Memory items scanned : 686
Memory threats detected : 0
Registry items scanned : 7441
Registry threats detected : 0
File items scanned : 28376
File threats detected : 27
Adware.Tracking Cookie
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@richmedia.yahoo[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@bs.serving-sys[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@ad.yieldmanager[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@content.yieldmanager[3].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@realmedia[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@adinterax[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@azjmp[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@content.yieldmanager[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@247realmedia[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@specificmedia[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@at.atwola[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@interclick[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@www.googleadservices[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@insightexpressai[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@a1.interclick[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@trafficmp[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@serving-sys[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@tacoda[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@yieldmanager[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@tribalfusion[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@questionmarket[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@specificclick[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@ads.bridgetrack[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@adbrite[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@2o7[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@oasn04.247realmedia[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@adtech[1].txt

HijackThis Log file below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:14:08 PM, on 5/8/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\MAGIX\PC_Check_Tuning_Free\MxTray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU\..\Run: [Epson Stylus NX510(Network)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE /FU "C:\Windows\TEMP\E_S201F.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = ?
O4 - Global Startup: MRI_DISABLED
O4 - Global Startup: Orbit.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: M-Audio Fast Track Installer (FastTrackInstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 5834 bytes

EDIT: Consolidated data and moved from Web Browsing/Email to more appropriate Malware Removal Logs forum ~ Hamluis.

Edited by hamluis, 08 May 2010 - 07:19 PM.

BC AdBot (Login to Remove)

 

#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
    •  
  • Gender:Female
  • Location:At home
  • Local time:02:44 PM

Posted 10 May 2010 - 04:55 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+

#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
    •  
  • Gender:Female
  • Location:At home
  • Local time:02:44 PM

Posted 15 May 2010 - 11:02 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+

Back to Virus, Trojan, Spyware, and Malware Removal Help


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Help
  4. Privacy Policy
  5. Rules ·