Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

MS Visual C++ Runtime Eorr on Explorer.exe

Started by pinephyo , Apr 29 2005 04:00 PM

  • Please log in to reply

#1
pinephyo
Posted 29 April 2005 - 04:00 PM

pinephyo

    New Member

  • Member
  • Pip
  • 1 posts
:tazz:
Hi,

I think I have got this azsearch malware or worm or whatever thing on my PC and now everytime I open windows, there is Microsoft Visual C++ Runtime error on C:\Windows\Explorer.EXE

And I also got intermittent IE browsers pop up with ads. I didn't even open any browser at that time. This is really annoying.

Please help !!! ;)

I am running MS XP Professional SP-1. And I have tried using Ad-aware SE Personal but every time I run there are about 12 Critical infected Objects or so with " Alexa" and everytime I reboot, there will be Visual C++ RunTime error and if I run Ad-Aware again, I will get the same infected Objects...

Here is the HijackThis Log...

Logfile of HijackThis v1.99.1
Scan saved at 2:56:41 PM, on 4/29/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\MS\SMS\CORE\BIN\CLISVCL.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\PROGRAM FILES\OfficeScan NT\pccntmon.exe
C:\PROGRA~1\IBM\IMNNQ\imnsvdem.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\IBM\IMNNQ\HTTPDL.exe
C:\WINDOWS\MS\SMS\clicomp\apa\Bin\smsapm32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\MS\SMS\CORE\BIN\Launch32.exe
C:\WINDOWS\MS\SMS\CLICOMP\SWDist32\bin\smsmon32.exe
D:\HiJackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gmail.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gmail.com...rver/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mycompany.us:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.mycompany.us;<local>
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\PROGRAM FILES\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O4 - Global Startup: Start HTML Search Server.lnk = C:\Program Files\SQLLIB\bin\db2nq.exe
O4 - Global Startup: Task Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.gmail.com
O15 - Trusted Zone: http://www.gmail.com
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://s-salemrev-58...tivexviewer.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mycompany.com
O17 - HKLM\Software\..\Telephony: DomainName = mycompany.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{31486D93-7FD7-4A51-A106-441966F37239}: NameServer = 167.131.14.164,167.131.50.97,167.131.210.149
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mycompany.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{31486D93-7FD7-4A51-A106-441966F37239}: NameServer = 167.131.14.164,167.131.50.97,167.131.210.149
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = mycompany.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{31486D93-7FD7-4A51-A106-441966F37239}: NameServer = 167.131.14.164,167.131.50.97,167.131.210.149
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\PROGRAM FILES\OfficeScan NT\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\PROGRAM FILES\OfficeScan NT\OfcPfwSvc.exe
O23 - Service: Remote Console (RCONSVC) - Unknown owner - C:\WINDOWS\System32\rconsvc.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\PROGRAM FILES\OfficeScan NT\tmlisten.exe
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP