Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

IE8 constantly crashing during loading

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

IE8 constantly crashing during loading

Unread postby llanedeyrnjack » December 29th, 2010, 4:40 am

hi all, i am a firefox user but still use IE once every month for windows updates. i run a daily full scan with avast free & 2 days ago it found a virus which was moved to the virus chest. i subsequently checked my security & when i ran secunia psi it told me that it could not find windows update on my system.

i then tried to load IE8 to check for windows update & every time i tried it would crash whilst loading my home page.

prior to the avast scan on the 27th i also ran malwarebytes & SAS scans which both showed no problem. the virus found by avast was called win32:malware-gen & file path was C:\windows\system32\adobe\shockwave11\xtras\multiusr.x32 & after checking on the avast forums it seems as though it was a false positive although i am not convinced given my problem.

hope someone can help,
************************************

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:22, on 28/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.planetswans.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3735158343
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7000 bytes
*************************************

uninstall list:

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11.5
ArcSoft PhotoImpression
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Free Antivirus
EPSON Copy Utility
EPSON Photo Print
EPSON PhotoQuicker3.2
EPSON Printer Software
EPSON Smart Panel
EPSON TWAIN 5
ffdshow [rev 1953] [2008-05-04]
Hattrick Manager
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java(TM) 6 Update 23
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MioMore Desktop
Mozilla Firefox (3.6.13)
MSVC80_x86_v2
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
OpenOffice.org 3.2
PC Connectivity Solution
Picture Resize Genius 2.9.8
PowerDVD
Realtek AC'97 Audio
ScanToWeb
Secunia PSI (2.0.0.1003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Skype™ 5.0
Smart Defrag
Spotify
SpywareBlaster 4.4
SUPERAntiSpyware Free Edition
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Internet Explorer 8
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinPatrol
ZoneAlarm
ZoneAlarm Toolbar
User avatar
llanedeyrnjack
Regular Member
 
Posts: 17
Joined: September 3rd, 2009, 5:00 pm
Location: cardiff, wales
Advertisement
Register to Remove

Re: IE8 constantly crashing during loading

Unread postby askey127 » December 30th, 2010, 8:17 am

Hi llanedeyrnjack,
IOBIT, maker of Smart Defrag, has a checkered past.
I would consider removing Smart Defrag and replacing it with JKDefrag.
You can download JkDefrag-3.36.zip from here: http://kessels.com/jkdefrag/
(Smart Defrag is also set to start up automatically. I would not recommend using a defrag utility that way. Doing a manual scan every few weeks is sufficient.)
------------------------------------------------------------
Please download the GMER Rootkit Scanner from Here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than the System drive (which is typically C:\)
    • Show All (don't miss this one)
      See image below
      Image
  • Then click the Scan button & wait for it to finish
    **Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in your next reply
Note: Do not run any other programs while Gmer is running.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: IE8 constantly crashing during loading

Unread postby llanedeyrnjack » December 30th, 2010, 4:12 pm

hi askey127, thanks for your help.

since posting my original request i have spent some time tinkering around with IE8 & i have reset it on 2 occasions. the first time i thought it had reset ok, but after a while i checked back & found it was the same as before. the same result happened after the second reset.

i then noticed that when it went faulty it also had an extra toolbar on the browser. it was the zonealarm toolbar & after i uninstalled it IE8 has been loading fine. i think there may still be an issue as i have had that toolbar enabled since september with no problems at all.

i have taken your advice & uninstalled smart defrag but will hold off on the other one & just make do with windows defrag for the moment.

here is the gmer scan as requested


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-30 19:45:31
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-16 WDC_WD800BB-22JHC0 rev.05.01C05
Running: 5bobotnq.exe; Driver: C:\DOCUME~1\COLINP~1\LOCALS~1\Temp\ffnyakoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xB49F2CF0]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwConnectPort [0xB4B39534]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateFile [0xB4B33782]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xB49F2BAC]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreatePort [0xB4B39CC0]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xB4B4CEB4]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0xB4B4D2A2]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateSection [0xB4B56916]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xB4B39DF6]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xB4B34398]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xB49F3160]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xB49F308A]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0xB4B4BDF0]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey [0xB4B5493C]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0xB4B54B44]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenFile [0xB4B33FAA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xB49F2C86]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xB4B4F1CE]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenThread [0xB4B4EDF8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xB49F2DA6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB49F322E]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwReplaceKey [0xB4B55208]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xB4B390F4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xB49F2D66]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xB4B397DC]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0xB4B3475C]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0xB4B55E12]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xB49F2EE6]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0xB4B4DF0A]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0xB4B4DC86]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB49FFB0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2C9C 80504538 12 Bytes [C0, 9C, B3, B4, B4, CE, B4, ...]
PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP B49FFB10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP B49FB5D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP B49FCFFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[576] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \Driver\Tcpip \Device\Ip vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\Tcp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\Udp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

---- EOF - GMER 1.0.15 ----
User avatar
llanedeyrnjack
Regular Member
 
Posts: 17
Joined: September 3rd, 2009, 5:00 pm
Location: cardiff, wales

Re: IE8 constantly crashing during loading

Unread postby askey127 » December 30th, 2010, 5:13 pm

Good results.
I would like to see how this machine runs without any ZoneAlarm firewall or toolbar at all.
The toolbar, by the way, is junk, and connects you to the recommended sites related to ask.com. It produces income for ZA.
ZA has not had a good track record for bug-free "features".
If you want to try uninstalling ZoneAlarm and turning ON the Windows firewall, that might be prudent.
If this machine is connected to a router, and is not a mobile laptop, the third party firewall may be of questionable value, given the bugs.

If you are willing to do all that, OK!
If you need a bit of help with it, I can assist.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: IE8 constantly crashing during loading

Unread postby llanedeyrnjack » December 30th, 2010, 7:00 pm

hi askey127, good to hear that the scan went well & i am assuming that the virus found by avast was in fact a false positive.

as regards ZA, the toolbar was unfortunately installed as a by-product of the september program update & i actually disabled it in FF, but left it to run on IE as it never bothered my either way.

i run a desktop pc connected via a modem & i am quite happy to trial it with windows firewall & report how things are if you would like me to & further to that is there any particular firewall that you would recommend.

as you can see by my HJT log, i try to keep my pc security as up to date as possible & also try to cover all angles by using MBAM, SAS, Winpatrol, spywareblaster, secunia psi, ZA & avast. on FF i also use WOT, Adblockplus & Noscript.

anyway, thanks again for looking at my problem

llanedeyrnjack
User avatar
llanedeyrnjack
Regular Member
 
Posts: 17
Joined: September 3rd, 2009, 5:00 pm
Location: cardiff, wales

Re: IE8 constantly crashing during loading

Unread postby askey127 » December 30th, 2010, 7:43 pm

I would go ahead and remove any/all ZA applications showing.
Then turn on Windows Firewall via Control Panel > Security center.
Let me know how it behaves.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: IE8 constantly crashing during loading

Unread postby askey127 » January 4th, 2011, 7:41 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 304 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware