Nothing worse when you are in the middle of something and the screen starts freezing. Updated the video drivers and it seemed to eliminate the issue but returned aparadically. Stated IE without addons but didn't solve the freeze. Then decided to shutdown SecureAnyWhere and have not yet had the type of freeze (other than perhaps some impatience) previously experienced..
Don't like the idea of having the product shutdown since i'm a paid subscriber but something is going on that is causing a significant conflict and eventual screen freeze and it appears related to secureanywhere.
Best answer by KitView original
Please check the "Edit/View Protected Applications" link under the Identity & Privacy tab.
Look for anything you absolutely trust marked as "Block". If you find this, change it to Allow. You are done and good to go in this case. For bonus points, feel free to contact support and let them know what was under block that you allowed and fixed it.
Look for anything that you have absolutely no idea about marked as Block. If you find this, and can't identify it, contact Support and advise them about the information I am giving here. They will need a full set of wsalogs and will instruct you on how to get them if you have not done so already.
If you find nothing blocked, as a temporary measure you may set iexplore.exe to Allow instead of Protect and contact support. They will need full wsalogs in that case and will instruct you on how to acquire them if you have not done so already.
Once this is done, in any case, you may turn the ID Shield back on.
Way too much info bonus section:
The ID shield specifically prevents blocked and sometimes certain other processes from accessing various resources when a protected browser window is open. Applications should not have any problem when they can't get these, however in order for that to be the case, the application must be written properly, and if it isn't, it'll have problems. If an addon in IE is being blocked from accessing IE and isn't written properly, it will freeze up IE while it tries to get the data it wants and can't. If something else on the computer is trying to access IE and can't, it might freeze up other things on the computer while it is being blocked.
I started using Webroot about 4 or 5 months ago. The antivirus section is not even that good. It has missed viruses that my offline virus scanner that I have created a dvd for never misses. I have used Norton, AVG, Mcaffee, panda. They all have issues. But I have a subscription for a year and will keep an eye on it.
Just requesting the ID shield be disabled specifically. Main window, click on the Identity & Privacy tab at the top, then click on the green "Switch" to the left of the words "Identity Shield is On" to turn it off.
Our SecureAnywhere firewall is a network firewall only ans doesn't care about memory consumption. Are you certain it was a Webroot firewall warning specifically?
The process "plugin-container.exe" is the Firefox sandbox for all plugins. PDFs, Flash, and other things loaded inside the browser in plugins will load inside that process to try to keep them away from the rest of the computer. If the plugin-container.exe process was taking up too much memory, there had to have been something flash (video, animated stuff, or a threat) loading, or something else that uses the plugin system loading, and taking up WAY more memory than it should. This can be caused by so many diffrent things that I can't begin to speak on them unfortunately. I looked to see if there were logs from your ticket, but if you supplied wsalogs results at any point, they were not from the email you used on the forums. This case is best handled through the ticketing system though, since there are so many possibilities, the logs will help narrow it down.
brought WBS online after reboot and went thru the IE8 auto dialogue again.... within short period of time FREEZE.
Get rid of WBS by shutting it down - NO Problem experienced.
Not sure what exact steps to take with the Shields as there are way too many to try and understand and too vague of instructions to an end item customer especially if i am reading it correctly I need to keep track of what's being manipulated nothwithstanding whatever exposure there is from there not being active..
Narrowing down which shield function is causing the issue is still the best idea, which is why I requested that you start by disabling the Identity Shield functionality either by turning of the Identity shield or looking into the Protected Applications for anything standing out as blocked and setting everything in there temporarily to Allow.
However, disabling all shields seems to me to defeat the purpose of WBS. But, it does appear to confirm the thought that one (or more) of the shields is causing an incomatability with IE.
Thanks for the updates Mike and DB. I actually tried resetting IE 8 as directed (SOP for stuff like this). I also ran MBam and Superantispyware scans and no virus. This is affecting several machines, all XP SP3 with IE 8. Disabling all shields seems to resolve the issue.
Also, other browsers seem immune, as I have directed users to use Chrtome or Firefox as a temp workaround.
I will open a support ticket, update upon results.
A rerun of the logs might be a good idea to see if the OS functionality used by the script is working now. I am aware that McAfee is up to date, I was saying that it has been on a relatively long update chain with no clean installs and appears to have a good bit of old stuff sticking around that it should no longer be trying to use, but it is still loading several outdated libraries if I recall correctly. Sometimes cleaning up the old stuff can be helpful.
I still primarily recommend checking stuff in the Identity Shield based on what I'm seeing and the troubleshooting that it will allow us to focus on or rule out.
Edit: Corrected some "smart"-phone-based typos.
I can rerun the logs if need be to see if there is a comparison since I ran MSoft's suggested RegWorks to address any registry issues if that will be of assistance for any comparison. McAfee Total Protection is v11.6 build 11.6.435 affid 101 and last updated 10/26/2012 while the Scan is version 15.6 build 15.6 .dat vers 6882 build 15.6.231.
former SQA & ISO9000 sr. director (now thankfully ret!)
The information I posted is partially generic and generalized information.
Injected DLLs are also not always in addons, mind you. As a good example, there is an HP WebHelper.dll being injected into IE that is technically comprised of incomplete code (TODO:<File Description>).
Regardless, I found the logs from October 18th. Didn't look too deeply into them, but on cursory inspection, some stuff jumped out at me.
Things that caught my eye:
- There was a threat detected on the initial install of WSA. This means there could be damage to the system that could not be rolled back by Webroot because it wa preexisting. Could also be a non-issue, since I research what the items were.
- The copy of McAfee installed on the system has been updating since 2006 or so. You might find it beneficial to either or both: 1: Clear McAfee off and do a clean install of it (make sure you have your license information for them prior to doing so). 2: Tell McAfee to ignore Webroot files, especially c:windowssystem32wruser.dll. If the second of those works, definitely let us know, as it means that we will want to check on what McAfee is doing and we are doing in response that is causing the issue. (I don't think this is the issue personally, but it's a possibility.)
- The logs are incomplete. Specifically, the Windows Scripting Engine is normally used to gather a set of information using a VB Script in the log-gathering utility, but this information is utterly missing. The script ran, as the framework is there, but the data is not filled. Something interfered with a normal Windows function. This could be any number of things from a limited user account to a security program to damage caused by numerous other things from data degradation to malware to badly-applied patches (never seen that be the user's fault). The account is not a limited account, so that can't be the issue. That leaves a question about what blocked the data gathering.
The thing that I think might be worth trying that won't take a huge amount of effort though is to try turning off the Identity and Privacy shield in Webroot temporarily, or going into Protected Applications under that section and looking to see if anything interesting (or at all) is set to blocked. Record or remember the state of the protected applications and set everything to "Allow" with nothing in "Protect" or "Block".
I am going to try to encourage escalation of the ticket if possible, since just the quick glance shows me quite a few things that -could- cause the problem, but no clear indication as to what actually is doing so.
This indicates that there is likely an addon or injected DLL that is being monitored by Webroot and doesn't deal properly with being watched. In a perfect world, code is written in such a way that it handles pico-delays. In reality, much of it is pretty badly-written.
A quick contact with support will allow us to check your logs and see if anything like that is the case, or what is going on if not.
Edit: One of the main ideas behind a reset of IE is that it unloads and re-configures all addons and extra stuff that the browser could be loading, so it has a potential to fix things that a lot of other programs can really badly mess up. If you have a lot of custom configuration in the Internet settings, then you may not want to perform a reset. If you didn' go poking at the guts of IE's advanced settings, then it should be fine and safe. It wipes all stuff that has been there over the use of IE and takes it back to a state as if you just ran IE for the very first time.
If you are worried about losing personal settings you can uncheck the "Delete personal settings" check box (see image below).