Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 12 of 12 Posts

·
Registered
Joined
·
530 Posts
Discussion Starter · #1 ·
Thanks in advance for your help.
The majority of the time when I close Internet Explorer, I get the following error message:

"iexplore.exe Application error
The instructions at "0x62304390" referenced memory at "0x62304390" . The memory could not be "read". Click on "ok" to terminate the problem"

It doesn't seem to be affecting much although I experience some long waits for pages to load, especially in my Gmail account.
I am running IE 6 and XP Pro SP2. I believe I am current with updates.
Don't know if this is relevant, but it seemed to start appearing when I renewed my virus software (Trend PC-cillin).
Another thing that may or may not be relevant. Recently defragged and still had quite a few fragmented files that could not be fixed. Redid the procedure and reduced the number of files but still seemed like a lot. It takes about 8 hours to completely defrag.
My hard disk is about 6 months old.
Once again, thanks.
Larry
 

·
Registered
Joined
·
8,256 Posts
LLT:
1. If you are running IE 6 & Win XP, you do not have the latest IE updates. IE 7 provides the latest updates, which are not available in IE 6.

2. How large is your HDD?

2.a. How long ago did you most recently defrag?

2.b. How long did it take that time to defrag?

3. Can you reproduce the error message?

4. start > run
delete contents of long, skinny box
type: eventvwr.exe
left click "ok"
maximize the screen.
On the left, left click on "system log"
On the right, look for errors.
Right click on an error. Left click "properties".
For the error that corresponds to the error you provided in your initial post, please provide the "event ID", "source" and "description".

Sincerely,
RF123
 

·
Registered
Joined
·
530 Posts
Discussion Starter · #5 ·
Rainforest123, thanks for your help.
1. I am running IE6 and am quite happy with it right now. I'm not an early adopter. I have seen that there are still some bugs in IE 7. Don't know if that's correct.
2. HDD is 300gb
2a.I did a defrag yesterday with iobit but previously, maybe 2 weeks prior
2b. About 8 hours using Windows defrag tool
3. Since I did the below operations yesterday, the frequency diminished but is still there.
4.Ihave run eventvwr.exe but am a little unclear what I'm looking for. I find a fair amount of errors but can't seem to find one that corresponds with the original error message.
For example, A common error is:
Event ID=7000 Source=Service Control Manager
Description "The DgVecp Service failed to start due to the following error. The system cannot find the file specified."
The majority of errors are ID 7000 and Service Control Manager but the descriptions vary.
There are also some that have to do with problems with quicktime.

Yesterday after reading daz1's advice, I:
Ran ccleaner, sfc /scannow and attempted a fix from the XP disc, Defragged using the iobit defrag tool; took about 2 hours.
 

·
Registered
Joined
·
8,256 Posts
LLT:
The next time the IE [ Internet Explorer ] error message occurs, note the time.
Then, go to event viewer & look for a message that corresponds to the time of the IE error message. Then, provide to us the: Event ID; Source; & description.

Is your computer setup for German?

Do you read German?
http://www.supportnet.de/threads/215355

I searched Yahoo & Google for "DgVecp". Only German language sites appeared.

RF123
 

·
Registered
Joined
·
530 Posts
Discussion Starter · #7 ·
I think I found the error and it was in Application and not system.
Event ID=1002 Source=Application hang
Hanging Application explorer.exe version 6.0.2900.2180. hang module hungapp. version 0.0.0.0. hang address0x00000000
Thanks
 

·
Registered
Joined
·
530 Posts
Discussion Starter · #8 ·
Here's an update.
The latest error.
Event ID=1000 Source application hang

Faulting application iexplore.exe. faulting version 6.0.2900.2180. faulting module urlmon.dll version6.0.2900.3020 fault address 0x0000d932
Thanks for your help.
 

·
Registered
Joined
·
8,256 Posts
LLT:
Good job.

According to this site, http://www.bleepingcomputer.com/forums/lofiversion/index.php/t65676.html, the cause is probably malware.

How I found the above site.
http://search.yahoo.com/search?p="F..."faulting+module+urlmon.dll"&ei=UTF-8&fr=moz2

http://www.google.com/search?q="Fau...s=org.mozilla:en-US:official&client=firefox-a

The rules of this forum are that only authorized people can assist you with malware problems. Thus, you need to click on the red / white triangle at right corner of thread 1, ask moderator to transfer this thread to the "security" forum & have your thread brought to the attention of someone who is qualified.

Sincerely,
RF123
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
Lets see a HJT log and decide from there

go to here and download 'Hijack This!' self installer. Save it to the desktop or other suitable place. DO NOT just press run from the website Double click on the file and it will install to C:\program files\hijackthis and create an entry in the start menu and an optional shortcut on desktop.
Click on the entry in start menu or on the desktop to run HijackThis
Click the "Scan" button, when the scan is finished the scan button will become "Save Log" click that and save the log.
Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.
It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required,
so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.
 

·
Registered
Joined
·
530 Posts
Discussion Starter · #12 ·
Thanks for your help.
Logfile of HijackThis v1.99.1
Scan saved at 8:16:14 AM, on 1/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2

(6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common

Files\Acronis\Schedule2\schedul2.exe
C:\Documents and Settings\Larry\Desktop\CC

Cleaner\security suite\ewidoctrl.exe
C:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCo

m.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.

exe
C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.e

xe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSr

v.exe
C:\Program Files\Trend Micro\Internet Security

2007\pccguide.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Gmail

Notifier\gnotify.exe
C:\Internet Marketing\Web

Patrolman\WebPatrolman.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\FireTrust\MailWasher

Pro\MailWasher.exe
C:\Program

Files\Google\GoogleToolbarNotifier\1.2.908.500

8\GoogleToolbarNotifier.exe
C:\Documents and

Settings\Larry\Desktop\WCW\WCW2.01

112506\WebsiteContentWizard\WCWizard.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and

Settings\Larry\Desktop\Audiotools\PowerGramo\

PowerGramo.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and

Settings\Larry\Desktop\ewido_micro.exe
C:\WINDOWS\SYSTEM32\freecell.exe
C:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.

exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and

Settings\Larry\Desktop\Unused Desktop

Shortcuts\geektools\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://www.windstream.net/_1_V8STSL04NSSK5

H_48543843_wind.main/my.htm?usrconfirm=1&r

an=17686&ver=18195&confirmerr=3&usrop=my

pagepost&x=25&y=5&ran=22232
R1 -

HKCU\Software\Microsoft\Windows\CurrentVersi

on\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar -

{EF99BD32-C1FB-11D2-892F-0090271D4F88}

- C:\Program

Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: Yahoo! Toolbar Helper -

{02478D38-C3F9-4EFB-9B51-7695ECA05670}

- C:\Program

Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat

7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) -

{53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button -

{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}

- C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) -

{724d43a9-0d85-11d4-9908-00400523e39a} -

C:\Program Files\Siber Systems\AI

RoboForm\roboform.dll
O2 - BHO: IeCaptureBho Object -

{7c1ce531-09e9-4fc5-9803-1c2956615786} -

blank (file missing)
O2 - BHO: ST -

{9394EDE7-C8B5-483E-8773-474BF36AF6E4}

- C:\Program Files\MSN

Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} -

c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO -

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0

} - C:\Program Files\MSN Apps\MSN

Toolbar\MSN

Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: &Google Notebook -

{CCCCCCD3-666F-4F81-8B69-745DE9F6D897

} - C:\Program Files\Google\Google

Notebook\gnotes1.0.2.4--722399630.dll
O3 - Toolbar: MSN -

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0

} - C:\Program Files\MSN Apps\MSN

Toolbar\MSN

Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar -

{EF99BD32-C1FB-11D2-892F-0090271D4F88}

- C:\Program

Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: The_12_Week_Intensive toolbar -

{4b3f306f-20d0-4beb-8835-c5d022a5457e} -

C:\Program

Files\The_12_Week_Intensive\tbThe1.dll
O3 - Toolbar: &Google Notebook -

{CCCCCCDB-4DDB-4703-95D4-DD2C526397B

F} - C:\Program Files\Google\Google

Notebook\gnotes1.0.2.4--722399630.dll
O3 - Toolbar: Net Snippets -

{67970B26-F57D-4455-8262-81C3AE3B8B5E} -

C:\PROGRA~1\NETSNI~1\NetSnip.dll
O3 - Toolbar: &RoboForm -

{724d43a0-0d85-11d4-9908-00400523e39a} -

C:\Program Files\Siber Systems\AI

RoboForm\roboform.dll
O3 - Toolbar: &Google -

{2318C2B1-4965-11d4-9B18-009027A5CD4F} -

c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program

Files\Trend Micro\Internet Security

2007\pccguide.exe"
O4 - HKCU\..\Run: [ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program

Files\Yahoo!\Messenger\YahooMessenger.exe"

-quiet
O8 - Extra context menu item: &Yahoo! Search -

file:///C:\Program

Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to EverNote -

res://C:\Documents and

Settings\Larry\Desktop\Evernote\enbar.dll/2000
O8 - Extra context menu item: Add to Net

Snippets -

C:\PROGRA~1\NETSNI~1\Res\Clipper.htm
O8 - Extra context menu item: Customize Menu -

file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all by

Free Download Manager - file://C:\Program

Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free

Download Manager - file://C:\Program Files\Free

Download Manager\dllink.htm
O8 - Extra context menu item: Download

selected by Free Download Manager -

file://C:\Program Files\Free Download

Manager\dlselected.htm
O8 - Extra context menu item: Download web

site by Free Download Manager -

file://C:\Program Files\Free Download

Manager\dlpage.htm
O8 - Extra context menu item: E&xport to

Microsoft Excel -

res://C:\PROGRA~1\MICROS~5\OFFICE11\EXC

EL.EXE/3000
O8 - Extra context menu item: Fill Forms -

file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Note this (Google

Note&book) - res://C:\Program

Files\Google\Google

Notebook\gnotes1.0.2.4--722399630.dll/gn_men

u1.html
O8 - Extra context menu item: Note this (Google

Notebook) - res://C:\Program

Files\Google\Google

Notebook\gnotes1.0.2.4--722399630.dll/gn_men

u2.html
O8 - Extra context menu item: RoboForm Toolbar

- file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms -

file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: StumbleUpon:

&Blog This -

res://StumbleUponIEBar.dll/blogimage
O8 - Extra context menu item: Yahoo!

&Dictionary - file:///C:\Program

Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps -

file:///C:\Program

Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS -

file:///C:\Program

Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Fill Forms -

{320AF880-6646-11D3-ABEE-C5DBF3571F46}

- file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms -

{320AF880-6646-11D3-ABEE-C5DBF3571F46}

- file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save -

{320AF880-6646-11D3-ABEE-C5DBF3571F49}

- file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms -

{320AF880-6646-11D3-ABEE-C5DBF3571F49}

- file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O9 - Extra button: Yahoo! Services -

{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}

- C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Snippets -

{7130DF06-BBC1-4e16-83D4-1F875E65B695} -

C:\PROGRA~1\NETSNI~1\NetSnip.dll
O9 - Extra button: RoboForm -

{724d43aa-0d85-11d4-9908-00400523e39a} -

file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar -

{724d43aa-0d85-11d4-9908-00400523e39a} -

file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research -

{92780B25-18CC-41C8-B9BE-3C9C571A8263}

-

C:\PROGRA~1\MICROS~5\OFFICE11\REFIEBA

R.DLL
O9 - Extra button: Add to EverNote -

{A5ABA0BB-F195-40d8-A5E9-0801153E6597} -

C:\Documents and

Settings\Larry\Desktop\Evernote\enbar.dll
O9 - Extra 'Tools' menuitem: Add to EverNote -

{A5ABA0BB-F195-40d8-A5E9-0801153E6597} -

C:\Documents and

Settings\Larry\Desktop\Evernote\enbar.dll
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows

Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF:

{01FE8D0A-51AD-459B-B62B-85E135128B32}

(DD_v4.DDv4) -

http://www.drivershq.com/DD_v4.CAB
O16 - DPF:

{164B406B-0FD6-4E7F-BA7E-64D227D4CA37}

(dnlplayer Class) -

http://www.digitalwebbooks.com/reader/dbplugin.

cab
O16 - DPF:

{17492023-C23A-453E-A040-C7C580BBF700}

(Windows Genuine Advantage Validation Tool) -

http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF:

{193C772A-87BE-4B19-A7BB-445B226FE9A1}

(ewidoOnlineScan Control) -

http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF:

{1F2F4C9E-6F09-47BC-970D-3C54734667FE}

(LSSupCtl Class) -

https://www-secure.symantec.com/techsupp/asa/

LSSupCtl.cab
O16 - DPF:

{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}

(YInstStarter Class) - C:\Program

Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF:

{40289096-9F72-4A04-BCB3-E434ECDCEE33}

(AppDLCtrl Class) -

http://download.howudodat.com/chatterbox/downl

oad/appdl.cab
O16 - DPF:

{88D969C0-F192-11D4-A65F-0040963251E5}

(XML DOM Document 4.0) -

file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF:

{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}

(ActiveScan Installer Class) -

http://acs.pandasoftware.com/activescan/as5fre

e/asinst.cab
O16 - DPF:

{B991DA79-51F7-4011-98D2-1F2592E82A56}

(ACNPlayer2 Class) -

http://204.118.132.145/2_0/ACNePlayer.cab
O16 - DPF:

{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}

(ActiveDataInfo Class) -

https://www-secure.symantec.com/techsupp/asa/

SymAData.cab
O16 - DPF:

{E77C0D62-882A-456F-AD8F-7C6C9569B8C7}

(ActiveDataObj Class) -

https://www-secure.symantec.com/techsupp/acti

vedata/ActiveData.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{0B966328

-D626-441C-9C0E-007AE0D076AA}:

NameServer = 207.91.5.20,207.91.5.252
O17 -

HKLM\System\CS1\Services\Tcpip\Parameters:

SearchList = alltel.net
O17 -

HKLM\System\CS2\Services\Tcpip\Parameters:

SearchList = alltel.net
O17 -

HKLM\System\CS2\Services\Tcpip\..\{0B966328

-D626-441C-9C0E-007AE0D076AA}:

NameServer = 207.91.5.20,207.91.5.252
O17 -

HKLM\System\CCS\Services\Tcpip\Parameters:

SearchList = alltel.net
O18 - Protocol: msnim -

{828030A1-22C1-4009-854F-8E305202313F} -

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file

missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O20 - AppInit_DLLs:

C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.

DLL
O20 - Winlogon Notify: igfxcui -

C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon -

C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acronis Scheduler2 Service

(AcrSch2Svc) - Acronis - C:\Program

Files\Common

Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ewido security suite control -

ewido networks - C:\Documents and

Settings\Larry\Desktop\CC Cleaner\security

suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager

(IDriverT) - Macrovision Corporation -

C:\Program Files\Common

Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer,

Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service -

Unknown owner - C:\Program Files\Common

Files\Macromedia Shared\Service\Macromedia

Licensing.exe
O23 - Service: Trend Micro Central Control

Component (PcCtlCom) - Trend Micro Inc. -

C:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCo

m.exe
O23 - Service: Trend Micro Protection Against

Spyware (PcScnSrv) - Trend Micro Inc. -

C:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSr

v.exe
O23 - Service: Pml Driver HPZ12 - HP -

C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service

(Tmntsrv) - Trend Micro Inc. -

C:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.

exe
O23 - Service: Trend Micro Personal Firewall

(TmPfw) - Trend Micro Inc. -

C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.e

xe
O23 - Service: Trend Micro Proxy Service

(tmproxy) - Trend Micro Inc. -

C:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.

exe
 
1 - 12 of 12 Posts
Status
Not open for further replies.
Top