Runcc Grief

Hi all.
I have a box pop up, I think when I open a browser, either that or it pops up after a certain amount of time after booting.
It states that RunCC has stopped working.
I have searched the web for an answer but have failed.
I have typed it in the start search box but nothing comes up.
I've looked at extra info in the box and it says it's a RunCC.exe.
Anyone know what why where how?
Thanks.

 

Please confirm the system in question is the one in your signature (Dell Dimension 9100. Windows 7 Ultimate)
Without us having to make a guess, please tell us what exact program the 'RunCC' error relates to, if you can establish it.
You can have a look at system error reports on your system.
Event Viewer
https://technet.microsoft.com/en-us/library/cc766401(v=ws.11).aspx
System Error logs
https://technet.microsoft.com/en-us/library/cc754364(v=ws.11).aspx

 

Hi Max (or Jeremy)
Spec is the same apart from 4gb of RAM instead of 2.
It's not to do with the browser as I rebooted and left the system idle for 5 minutes or so and up it popped.
This is what it says in the problem details if it's any help.

Problem signature:
Problem Event Name: APPCRASH
Application Name: RunCC.exe
Application Version: 1.0.0.0
Application Timestamp: 57a2025f
Fault Module Name: KERNELBASE.dll
Fault Module Version: 6.1.7601.18869
Fault Module Timestamp: 556366fd
Exception Code: c06d007e
Exception Offset: 000000000000b3dd
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 2057
Additional Information 1: 79df
Additional Information 2: 79dfbcacf61883e68177790c5410ed25
Additional Information 3: c27f
Additional Information 4: c27f1d36cabdc1b55499bd1823f64a65

And this is from event viewer.
RunCC.exe
1.0.0.0
57a2025f
KERNELBASE.dll
6.1.7601.18869
556366fd
c06d007e
000000000000b3dd
1d8
01d1f3ef4e568ab1
C:\Users\My Name\AppData\Roaming\iset\RunCC.exe
C:\Windows\system32\KERNELBASE.dll
8d1bf7f2-5fe2-11e6-9390-0019d14d5292

I've put AppData in the search box and it came up with a system file location called edb.chk
It says Type; Recovered File Fragments.
I open it in word pad and get this

C:\Users\MyName\AppData\Local\Microsoft\Windows Live Mail\Calendars\DBStore
and
C:\Users\MyName\AppData\Local\Microsoft\Windows Live Mail\Calendars\DBStore\LogFiles

 

I can't find reference to "AppData\Roaming\iset", it's a location that might be used by malware...

 

1. What else is in the iset folder?
2. Right-click RunCC.exe, click Properties & click Details. What info is displayed?

 

Hi both.
The folders/files were hidden.
In the iset folder is reference to DevTools.
When I Google that there is reference to Google Chrome.
I will try uninstalling Chrome and reinstalling, can't hurt.
Oh, and there is no option for details when I select properties for the RunCC.exe.
You may also be right about malware. Hadn't ran malwarebytes for a while until a couple of days ago and it found several. I am also having trouble with a couple of my e-mail accounts not sending/receiving so may have to reinstall live mail too.

 

Oh well, that didn't work, same pop up. Any more clues?
I also know why my e-mail isn't working, it's Microsoft messing about with live mail.
My default account has stopped working hence I didn't see your replies until I came an looked on the forums.
It rains then it pours!

 

I am looking into the latest suggestion, though all I want is the pop up to stop, it all looks a bit complex to me but hey.
I shall return to the problem after I have sorted Live Mail.
Thanks

 

Ok, Live Mail sorted (for now, eh Microsoft?)
dr. moriaty, I have viewed the page you suggest and as it says to try the tools on a virtual machine or a test computer as they are some 'heavy tools' I don't think they are the answer for me, but thanks anyway.
I just want a RunCC popup to cease popping.
Anyone any other ideas?
Thanks

 

Yes the beast is there and shows the same location as in post #3
Command Line:
C:\Users\My Name\AppData\Roaming\iset\RunCC.exe
Path:
C:\Users\My Name\AppData\Roaming\iset\RunCC.exe
Showing CPU usage = 0 Private Bytes = 1.012K Working Set = 2.804K PID = 1424 Description = RunCC Company name = Blank
No Signature Virus Total = 2/56

When I click on the virus total it shows as W32/S-68faca22!Eldorado in Cyren and F-Prot.
Avira (which I use) gives it a green tick as does the rest of the anti virus progs?
Shall I kill the beast?

 

Process Explorer should also indicate which process started RunCC, right=click > Properties (Image tab) and look under Parent:

 

Damn it satrow I killed the blighter before carrying out your instruction.
The pop up appears to have ceased since the euthanasia.
I inadvertently deleted the iset folder and it's contents.
There was an uninstall.exe within and I double clicked it expecting a prompt telling me what I would be deleting but no, the whole shebang disappeared as though Harry Potter himself had waved his wand.
Everything seems ok thus far so I'm assuming whatever was in the iset folder was not required.
Thanks.

 

And thanks for the pointers.
Twas a big help and a learning curve.

 

Yup, nice work sobeit, pity we never got to find out a few more details - but there's usually a next time take care.