Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot Start IE6 - The application failed to initialize properly


  • Please log in to reply

#1
hunk714

hunk714

    Member

  • Member
  • PipPip
  • 10 posts
Hi all,

I really hope someone can help me with this terribly annoying problem. Namely, I surfed to some idiotic site which looked innocent enough at the time but threw up some javascript window when accessed.. I tried to not click "Ok" at the prompts, and just tried shutting down Internet Explorer (6). Unfortunately the next time I tried to run the application either from its Icon or Run->iexplore.exe, I got the following application error "The application failed to initialize properly (0xc0000005)....".

My HijackThis log is attached, as is the EWIDO report file. I have tried everything on your recommended ToDo list prior to posting, as well as a couple of other things I can think of, hence the frustration. Here is a list of what I've unsuccesfully tried so far:

(1) Ad-Aware - picked up some minor threat trojans, cleaned them up. Didnt solve problem.
(2) SpyBot S&D - same as (1).
(3) Microsoft Beta - found no problems.
(4) CWShredder - found no problems.
(5) McAffee Scan - found some infected AdClick files and deleted them, but this was occurring "on access" during the EWIDO scan, see (6).
(6) EWIDO - as can be seen by the report. 20 items were dealt with, and many of them upon access generated the McAfee intervention. Again, after fixing all of this and rebooting repeatedly, the problem remained.

Interestingly, if I start the file manager aka Windows Explorer, and then type in a URL in the address bar, I can get IE-functionality so that I think that it is something specific to launching it directly through the iexplore.exe executable.

Please help with this infuriating problem.

Best regards,
hunk714

-----------

Logfile of HijackThis v1.99.1
Scan saved at 01:57:32, on 11/12/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\Nokia\Nokia D211\D211CTL.exe
C:\MATLAB7\webserver\bin\win32\matlabserver.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Sierra Wireless Inc\Network Adapter Manager\Network Adapter Manager.exe
C:\Program Files\Nokia\Nokia D211\D211STRT.EXE
C:\WINNT\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\winnt\system32\fmplug.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\NetPerSec\NetPerSec.exe
C:\Program Files\INS\VitalAgent\Program\VtlAgent.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\explorer.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Class - {E8FB5ADC-1A8F-92CD-F1A0-C2D9D6E088D4} - C:\WINNT\system32\ieny32.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AirCardEnabler] C:\Program Files\Sierra Wireless Inc\Network Adapter Manager\Network Adapter Manager.exe
O4 - HKLM\..\Run: [D211STRT.EXE] "C:\Program Files\Nokia\Nokia D211\D211STRT.EXE"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACUMon] "C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe" -a
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [FMPlug] C:\winnt\system32\fmplug.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: NetPerSec.lnk = C:\Program Files\NetPerSec\NetPerSec.exe
O4 - Global Startup: VitalAgentIT.lnk = C:\Program Files\INS\VitalAgent\Program\VtlAgent.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {483912CF-8995-4434-AD61-6163756E05DF} (AXTNS Control) - http://download.live...tivex/AXTNS.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1126692802265
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134222672375
O16 - DPF: {769F454F-A488-11D4-AA30-005004C3096A} (DME Web Support) - http://wsmsg0604/dme...bcab/ckoweb.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = core.dir.telstra.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB4F252A-4050-4A49-9D42-9E0145BD6158}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = core.dir.telstra.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = core.dir.telstra.com
O18 - Protocol: bt2 - {1730B77B-F429-498F-9B15-4514D83C8294} - C:\PROGRA~1\BT2Net\BT2PLU~1.DLL (file missing)
O18 - Filter: application/x-bt2 - {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - C:\PROGRA~1\BT2Net\BT2PLU~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Nokia D211 (D211CTL) - Nokia Corporation - C:\Program Files\Nokia\Nokia D211\D211CTL.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB7\webserver\bin\win32\matlabserver.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe

-----------

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 01:51:37, 11/12/2005
+ Report-Checksum: 2B77C89E

+ Scan result:

C:\WINNT\COM+.log:bsudv -> Downloader.Agent.bc : Cleaned with backup
C:\WINNT\KB824146.log:hhrss -> Downloader.Agent.bq : Cleaned with backup
C:\WINNT\KB824146.log:prfxq -> Downloader.Agent.bq : Cleaned with backup
C:\WINNT\setupapi.log:phzjb -> Downloader.Agent.bq : Cleaned with backup
C:\WINNT\setuplog.txt:czgen -> Downloader.Agent.bc : Cleaned with backup
C:\WINNT\Sti_Trace.log:coajv -> Downloader.Agent.bc : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@bigpond.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@msnportal.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@oewabox[1].txt -> Spyware.Cookie.Oewabox : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\c801315\Cookies\c801315@www.burstbeacon[2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup


::Report End
  • 0

Advertisements


#2
hunk714

hunk714

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi all,

I know it says not to reply to one's own topic, but since a fellow user has helped me to (partially) resolve this problem, I'm hoping that the SysOps of this site will consider this update message warranted.

Namely, thanks to JohnMP (a fellow user of this site who sent me a personal message) I've received word that someone found the fix to my problem from Microsoft Technet. This is what they said:
---------------------------------------------------------------------------------------------------------------------

I had this same problem and was able to fix it with much searching using
debugging tools. I fixed it by deleting the following registry key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RPCKDM]

Be sure to make a backup of any key before you delete it just in case!!!
---------------------------------------------------------------------------------------------------------------------

And yes, doing this corrected my problem of not being able to start Internet Explorer! Thank you JohnMP!!
But here comes the tricky bit - and it's tricky because I have no idea whether it is related to this original problem or not...

Namely, ever since the original IE6-wont-launch drama started occurring to me, something else followed it - the repeated launching of Windows AutoUpdater (ostensibly to download some Outlook Express Hotfix, and always the same thing over and over again), and each time I restart the computer my McAfee VirusScan finds some Virus called "Generic.Downloader.n" in the Temporary Internet files directory. It claims that it has deleted it, but the repeated Windows AutoUpdates keep happening and it is back when I reboot. Also, I've tried deleting the files manually but of course they return again and again... Oh and I've run EWIDO and still nothing on that front either.

I really don't know if these two are related in any way, so I hope I don't get in trouble for posting.. Should I rerun Hijact This, now that I've run JohnMP's Registry fix and my IE6 launch problem is no longer there?

Thank you all in advance,

hunk714
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP