Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Root Kit - IE Terminates


  • This topic is locked This topic is locked
2 replies to this topic

#1 _JD_

_JD_

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 14 January 2010 - 07:58 PM

I'm having trouble with IE version 6 on Windows XP Home SP2 running Avast! 4.8 home edition anti-virus.

I haven't made any configuration changes or installed any new programs that I can recall...

When attempting to run IE I receive the following error message dialog:

IEXPLORE.EXE - Application Error

The application failed to initialize properly (0x800000003). Click on OK to terminate the application.


This dialog pops up twice.

I've tried uninstalling and reinstalling IE to no avail...Also, I've attempted to use "IEFix" (http://www.majorgeeks.com/download4467.html)

I ran rootkitunhooker which stated "!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)"

Please advise!

Attached is my hijackthis log.

EDIT:: attached DDS and RootRepeal Logs

Attached Files


Edited by _JD_, 14 January 2010 - 09:32 PM.


BC AdBot (Login to Remove)

 


#2 _JD_

_JD_
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 15 January 2010 - 11:04 AM

For anyone else experiencing the same problem, I have stumbled across a solution.

It is not malware related

After contacting MS and being advised to use the security scanner (http://onecare.live.com/site/en-us/center/howsafe.htm), no virus issues were found.

I preformed several reboots and in desperation installed IE 8.

IE 8 produced the same error message but with greater details, the new error message hinted at there being a problem with aclayers.dll (under ModName in the Error signature).

As this (http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/d31b23f2-581c-43d2-b787-e6701dcc4e71) topic outlined, I deleted aclayers.dll from C:\WINDOWS\system32\dllcache and C:\WINDOWS\AppPatch folder

IE was then able to load, however, it asks for the Windows CD to load the missing files. I supplied it and it immediately began exhibiting the error again.

Through more digging, I learned that this error was associated with the Microsoft Update KB955759. See (http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.internetexplorer.general&tid=1fb65a01-5262-4f02-a4f1-01478723b44f&cat=〈=&cr=&sloc=&p=1) for details.

I promptly removed this update using Control Panel and now it is functioning again...I now need only to go back to IE 6...

I doubt this is now the best place for this topic, hope it helps those with this problem in the future.

#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:42 PM

Posted 15 January 2010 - 07:43 PM

Since this topic appears to be resolved, I will now close it. Thanks for lettings us know and giving such detailed instructions! thumbup.gif

If you need this topic re-opened please send me a PM.

Everyone else, please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users