Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

MS Visual C++ Runtime Eorr on Explorer.exe

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 1 posts

I think I have got this azsearch malware or worm or whatever thing on my PC and now everytime I open windows, there is Microsoft Visual C++ Runtime error on C:\Windows\Explorer.EXE

And I also got intermittent IE browsers pop up with ads. I didn't even open any browser at that time. This is really annoying.

Please help !!! ;)

I am running MS XP Professional SP-1. And I have tried using Ad-aware SE Personal but every time I run there are about 12 Critical infected Objects or so with " Alexa" and everytime I reboot, there will be Visual C++ RunTime error and if I run Ad-Aware again, I will get the same infected Objects...

Here is the HijackThis Log...

Logfile of HijackThis v1.99.1
Scan saved at 2:56:41 PM, on 4/29/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRAM FILES\OfficeScan NT\pccntmon.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gmail.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gmail.com...rver/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mycompany.us:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.mycompany.us;<local>
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\PROGRAM FILES\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O4 - Global Startup: Start HTML Search Server.lnk = C:\Program Files\SQLLIB\bin\db2nq.exe
O4 - Global Startup: Task Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.gmail.com
O15 - Trusted Zone: http://www.gmail.com
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://s-salemrev-58...tivexviewer.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mycompany.com
O17 - HKLM\Software\..\Telephony: DomainName = mycompany.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{31486D93-7FD7-4A51-A106-441966F37239}: NameServer =,,
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mycompany.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{31486D93-7FD7-4A51-A106-441966F37239}: NameServer =,,
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = mycompany.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{31486D93-7FD7-4A51-A106-441966F37239}: NameServer =,,
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\PROGRAM FILES\OfficeScan NT\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\PROGRAM FILES\OfficeScan NT\OfcPfwSvc.exe
O23 - Service: Remote Console (RCONSVC) - Unknown owner - C:\WINDOWS\System32\rconsvc.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\PROGRAM FILES\OfficeScan NT\tmlisten.exe
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP