|Attention Before you read this tutorial, I highly recommend you check out my resources page for access to the tools and services I use to not only maintain my system but also fix all my computer errors, by clicking here!|
The runtime error 216 is a fairly common error that has a holistic affect on your Windows environment. It’s an issue that a great many of us are faced with, but the good thing is that it’s not too difficult to fix. What most people tend to find most annoying about this error, is the fact that it’s not easily identifiable, your computer could be exhibiting symptoms synonymous with this error and you may never know it, however once you’ve able to determine what’s causing your system to function unusually, it puts you in a much better position to tackle it.
So What Is This Runtime 216 Error?
This particular runtime error is known for cropping its ugly head when users attempt to load an application. The Backdoor.SubSeven is almost always the cause of this error and can be easily fixed by using the appropriate maintenance tools to remove the virus.
The Backdoor.SubSeven is similar to Back Orifice or Netbus in that it’s a Trojan horse that grants users unauthorised access to your system over the internet without your knowledge.
How Does This Virus Get On Your System?
In most cases, people will receive this virus in an unsolicited email. It’s usually in the form of an executable file, disguised as a Setup.exe for an application. When the user attempts to run the file, it will usually display a “Failed” error message, or it may appear as though it’s installing a program, when in actuality, it’s copying the virus to your system.
Once the virus gets onto your computer, it will immediately proceed to copy itself to your main Windows directory in the name it was executed in. So if it was a Setup.exe, it’ll copy itself as Setup.exe to your Windows directory. It’s also known for imitating important system services such as RUNDLL16.COM, WINDOW.EXE, SERVER.EXE, KERNEL16.DL, and SYSTEMTRAYICON!.EXE. The actual service that the virus will attempt to imitate varies, depending on the version of the virus you have on your computer.
Then it will unpack a particular DLL file (WATCHING.DLL) into your System32 directory. After that, it will make the necessary modifications to your systems registry so that it is run automatically during the boot up phase of your operating system. Lastly, it’ll make a few additional modifications to various other registry entries. This backdoor virus is also capable of attaching itself to your system through the SYSTEM.INI or WIN.INI file.
The latest revision of this nasty backdoor virus copy’s a small program to your system (called WINDOWS.EXE) and registers it so that whenever you run an executable file (.EXE) the virus is automatically started. Through this method, the backdoor virus is able to ensure that it is always in your system memory (RAM).
The Back Orifice 2000 backdoor virus was the first to introduce a server configuration utility which enabled it to make modifications to servers, in the form of startup messages, installation modes etc. Unfortunately, some of the more recent versions of the Backdoor.SubSeven virus also have these capabilities.
How Is It Known When This Virus Is Present On Your System?
The nifty thing about this virus is that it is configured specifically to email your IP address and port number to the person that sent the virus to you. While in other circumstances, it may be configured to send an instant message to the hacker as a form of confirmation.
What Are The Symptoms Of A Computer Infected With This Virus?
All or some of the symptoms outlined below may occur while you are connected to the web:
- Files appear and/or disappear
- Internet files downloads slower than usual
- Audio files play without your consent
- Dialog boxes appear by themselves
- CD/DVD ROM Drive opens randomly
How to Fix This Error
Because of the metamorphic nature of this virus, it can be a little tricky, but not difficult, to get rid of.
The first thing that you’ll want to do is disconnect your system from the internet. This will prohibit the hacker from interfering in the removal process.
However, before you go disconnecting your system from the net, you’ll have to first ensure that you have all the appropriate programs on your computer, and that they are up-to-date and ready to detect and remove the Trojan infection.
SpyHunter is an excellent malware removal tool that is ideally suited for removing the Backdoor.SubSeven (which is primarily responsible for the runtime error).
1. Firstly, download and install the program on your system. You can grab a copy of it here: http://www.compuchenna.co.uk/go/spyhunter
2. Once you’ve installed it on your system, the program should automatically update its virus definitions and run a full scan of your system.
3. However, if it doesn’t automatically scan your system, you can do it manually, by clicking on Start New Scan, then un-ticking the box next to Quick Scan and lastly clicking on Scan Computer Now.
Performing a quick scan should be sufficient, but in the event that it’s unable quarantine or delete a threat, you should consider performing the scan in Safe Mode. For more information on how to do this, check out my post on Trojan horse viruses.
In addition, you may also want to consider upgrading to the paid version, as it comes with Realtime Proactive Protection, which is a feature that enables the program to immediately scan any files or programs you download to your system, making it an ideal preventative measure against future potential threats.
Use Kaspersky TDSSKiller
This is an anti-rootkit program, which will find and remove any infections that were missed by the malware removal program. Many people fail to understand that most viral infections tend to be multifaceted in that they affect folders, processes, registry keys and various other aspects of your operating system. Thus, it’s very important that you ensure there are no hidden files lingering around in your system.
1. To Access this program; simply download the TDSSKiller.exe file to a folder on your computer, from here: http://support.kaspersky.com/
2. Once the file has finished downloading to your computer, double click on the tdsskiller.exe file to execute the program.
3. Using the program is very easily, just click on the Start scan button, to get things rolling.
The registry is an integral component of your operating system, used for storing important application and hardware data. Everything from your soundcard settings to your desktop wallpaper is stored within the registry. Unfortunately, the virus (which causes the runtime error 216) adversely affects this area of your OS, so its best that you run a quick registry scan in order to detect and repair these errors.
1. To repair your registry, you should download and install Ccleaner, which you can find here: http://www.compuchenna.co.uk/go/ccleaner
2. Once installed, start the program by right clicking on Recycle Bin and selecting Open Ccleaner.
3. Once Ccleaner is up and running, click on the Registry Button, then click on Scan for Issues.
4. Once the program has finished scanning for issues, click on Fix selected issues, it will then ask you do you want to backup changes to the registry? Ccleaner is a low level registry cleaner, so backing up your registry is not a necessity, so click on No.
5. From there, click on Fix All Selected Issues, for it to repair all the errors on your registry, then on Close when done.