Description
A problem caused this program to stop interacting with Windows.
Problem signature
Problem Event Name: AppHangXProcB1
Application Name: iexplore.exe
Application Version: 8.0.6001.18882
Application Timestamp: 4b3ed243
Hang Signature: efc7
Hang Type: 32
Waiting on Application Name: iexplore.exe
Waiting on Application Version: 8.0.6001.18882
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 1033
Additional Hang Signature 1: 4eb75d2a92e2979989847a082a0020ad
Additional Hang Signature 2: c9b9
Additional Hang Signature 3: 60b5dfc05177aa8347b5d43212e60c59
Additional Hang Signature 4: efc7
Additional Hang Signature 5: 4eb75d2a92e2979989847a082a0020ad
Additional Hang Signature 6: c9b9
Additional Hang Signature 7: 60b5dfc05177aa8347b5d43212e60c59
------------------------------------------------------------------------------------------------------------
My PC info:
Dell Dimension E521
Operating System : Windows Vista Home Premium Home Edition 32bit
Version : 6.00.6001 Service Pack 1
Total Memory : 958 MB
Physical Memory : 1024 MB DDR2-SDRAM
Ran SuperAntiSpyWare (log below) - seemed to work - went to youtube aand plaed 1 vid and then BAM - hanging up and stopped running. Guess I'll try to re-install IE8 and see wht happens.....
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/13/2009 at 12:01 PM
Application Version : 4.25.1012
Core Rules Database Version : 3769
Trace Rules Database Version: 1729
Scan type : Complete Scan
Total Scan Time : 01:26:27
Memory items scanned : 686
Memory threats detected : 0
Registry items scanned : 7441
Registry threats detected : 0
File items scanned : 28376
File threats detected : 27
Adware.Tracking Cookie
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@richmedia.yahoo[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@bs.serving-sys[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@ad.yieldmanager[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@content.yieldmanager[3].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@realmedia[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@adinterax[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@azjmp[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@content.yieldmanager[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@247realmedia[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@specificmedia[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@at.atwola[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@interclick[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@www.googleadservices[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@insightexpressai[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@a1.interclick[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@trafficmp[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@serving-sys[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@tacoda[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@yieldmanager[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@tribalfusion[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@questionmarket[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@specificclick[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@ads.bridgetrack[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@adbrite[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@2o7[1].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@oasn04.247realmedia[2].txt
C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies\steve@adtech[1].txt
HijackThis Log file below:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:14:08 PM, on 5/8/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\MAGIX\PC_Check_Tuning_Free\MxTray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU\..\Run: [Epson Stylus NX510(Network)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE /FU "C:\Windows\TEMP\E_S201F.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = ?
O4 - Global Startup: MRI_DISABLED
O4 - Global Startup: Orbit.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: M-Audio Fast Track Installer (FastTrackInstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 5834 bytes
EDIT: Consolidated data and moved from Web Browsing/Email to more appropriate Malware Removal Logs forum ~ Hamluis.
Edited by hamluis, 08 May 2010 - 07:19 PM.