PDA

View Full Version : IEv9 MS Visual C++ Runtime error



NZHawk
13-06-2013, 12:38 PM
Vista HP 32bit
firefox will access the internet
IEv9 wont even open:

upon trying to open get this error:
Microsoft Visual C++ Runtime Library.
The application has requested the Runtime to terminate it in an unusual way.

I have uninstalled IEv9 & reinstalled it with no change.

I am unable to access Internet Options either.

I hope I have presented enough facts for someone to assist me in getting IE to work correctly.

Thank you

Speedy Gonzales
13-06-2013, 01:08 PM
Might be an addon if you installed any. Use ccleaner and then go to Tools/startup / IE tab. Disable all of the entries here. Then see what happens

NZHawk
13-06-2013, 01:16 PM
roger - that

NZHawk
13-06-2013, 01:20 PM
didn't change the error

here is HJT Log if it helps:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:01:31 p.m., on 13/06/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe
C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\VPro520.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\lorna\Desktop\2 Cleaning Tools\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XP^xdm114^YY^nz&ptb=11719187-6E71-4430-A1A8-DA45D786073C&si=CJ2D0YG8jLQCFYsdpQodNkMA6g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.nz/ig/dell?hl=en&client=dell-row&channel=nz&ibd=3070906
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll
R3 - URLSearchHook: (no name) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - C:\Program Files\FilmFanatic\bar\1.bin\paSrcAs.dll
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
R3 - URLSearchHook: (no name) - {3a7f3254-eafa-4dbc-b4f3-0d40916f3352} - C:\Program Files\ReferenceBoss_1p\bar\1.bin\1pSrcAs.dll
R3 - URLSearchHook: (no name) - {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll
R3 - URLSearchHook: (no name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Search Assistant BHO - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll
O2 - BHO: Toolbar BHO - {090e3203-df81-4ff6-bba7-a178bbc3a774} - C:\PROGRA~1\REFERE~3\bar\1.bin\1pbar.dll
O2 - BHO: Search Assistant BHO - {15da6705-4bfa-47c3-95fa-955b71d8f9e1} - C:\Program Files\ReferenceBoss_1p\bar\1.bin\1pSrcAs.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\Browser Plugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search-Results Toolbar - {31d8407c-62e4-4125-a4a9-717efb1a56ae} - C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\SRTOOL~1\se archresultsDx.dll
O2 - BHO: Toolbar BHO - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\PROGRA~1\UTILIT~2\bar\1.bin\49bar.dll
O2 - BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll
O2 - BHO: Toolbar BHO - {631acb68-57c3-48af-9cc5-fcec0837ffd3} - C:\PROGRA~1\FILMFA~2\bar\1.bin\pabar.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.3.1.22\IPS\IPSBHO.DLL
O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Search Assistant BHO - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\BROWSE~1.DL L
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~1\TELEVI~2\bar\1.bin\64bar.dll
O2 - BHO: Search Assistant BHO - {d5e9b421-c309-41de-9014-800a2adcdeb0} - C:\Program Files\FilmFanatic\bar\1.bin\paSrcAs.dll
O2 - BHO: Toolbar BHO - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbar.dll
O3 - Toolbar: Search-Results Toolbar - {31d8407c-62e4-4125-a4a9-717efb1a56ae} - C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\SRTOOL~1\se archresultsDx.dll
O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: FilmFanatic - {0b84b4b4-8af8-4f1f-91fe-074a666f6425} - C:\Program Files\FilmFanatic\bar\1.bin\pabar.dll
O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll
O3 - Toolbar: ReferenceBoss - {c4676d53-fce5-4a19-be4d-97e6eaf7e19a} - C:\Program Files\ReferenceBoss_1p\bar\1.bin\1pbar.dll
O3 - Toolbar: Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll
O3 - Toolbar: WeatherBlink - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files\WeatherBlink\bar\1.bin\gcbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
O4 - HKLM\..\Run: [ReferenceBoss Search Scope Monitor] "C:\PROGRA~1\REFERE~3\bar\1.bin\1psrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [Utility Chest Search Scope Monitor] "C:\PROGRA~1\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [FilmFanatic Search Scope Monitor] "C:\PROGRA~1\FILMFA~2\bar\1.bin\pasrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [WeatherBlink Search Scope Monitor] "C:\PROGRA~1\WEATHE~2\bar\1.bin\gcsrchmn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: VPro520.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5 B381380DB17F.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\datamngr.dl l C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FilmFanaticService - COMPANYVERS_NAME - C:\PROGRA~1\FILMFA~2\bar\1.bin\pabarsvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc. exe
O23 - Service: ReferenceBossService (ReferenceBoss_1pService) - COMPANYVERS_NAME - C:\PROGRA~1\REFERE~3\bar\1.bin\1pbarsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TelevisionFanaticService - COMPANYVERS_NAME - C:\PROGRA~1\TELEVI~2\bar\1.bin\64barsvc.exe
O23 - Service: Utility ChestService (UtilityChest_49Service) - COMPANYVERS_NAME - C:\PROGRA~1\UTILIT~2\bar\1.bin\49barsvc.exe
O23 - Service: WeatherBlinkService - COMPANYVERS_NAME - C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbarsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12813 bytes

Speedy Gonzales
13-06-2013, 01:27 PM
I would uninstall these. Looks like some of them are adware / dangerous

R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll
R3 - URLSearchHook: (no name) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - C:\Program Files\FilmFanatic\bar\1.bin\paSrcAs.dll
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
R3 - URLSearchHook: (no name) - {3a7f3254-eafa-4dbc-b4f3-0d40916f3352} - C:\Program Files\ReferenceBoss_1p\bar\1.bin\1pSrcAs.dll
R3 - URLSearchHook: (no name) - {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll
R3 - URLSearchHook: (no name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
O4 - HKLM\..\Run: [ReferenceBoss Search Scope Monitor] "C:\PROGRA~1\REFERE~3\bar\1.bin\1psrchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [Utility Chest Search Scope Monitor] "C:\PROGRA~1\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [FilmFanatic Search Scope Monitor] "C:\PROGRA~1\FILMFA~2\bar\1.bin\pasrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [WeatherBlink Search Scope Monitor] "C:\PROGRA~1\WEATHE~2\bar\1.bin\gcsrchmn.exe" /m=2 /w /h

Dont think this should be here either

O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\datamngr.dl l C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

Dont know what this is or what it belongs to

O4 - Global Startup: VPro520.lnk = ?

This is here C:\Windows\VPro520.exe

O23 - Service: FilmFanaticService - COMPANYVERS_NAME - C:\PROGRA~1\FILMFA~2\bar\1.bin\pabarsvc.exe

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe

I would get rid of nortons, install somethng better, disable system restore. Then scan with something like malwarebytes

NZHawk
13-06-2013, 02:04 PM
owner decided to go in a different direction - thank you for your help. :)

oh started to run Malwarebytes and it found a trojan that seemed to infect IE