Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Runtime Error


  • Please log in to reply

#1
Kazza1410

Kazza1410

    New Member

  • Member
  • Pip
  • 2 posts
When I switch on my computer an error message pops up "Runtime error 5 at 00405367". Why is this and is there anything I can do to stop this happening.

Also, when I was on the internet at the weekend, it crashed and now when I switch on the computer after sometime it brings up my internet log-on screen ready for me to sign in - really weird, its as if somebody is doing this!! I am also getting a lot of porn sites popping up, which is very unpleasant. What can I do to prevent this happening.

Many thanks.
  • 0

Advertisements


#2
admin

admin

    Founder Geek

  • Administrator
  • 24,504 posts
Welcome Kazza1410 <_<

It's ironic you have Kazaa in your username, because if it's installed on your machine it could be the source of many of your problems. :D

Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0

#3
Kazza1410

Kazza1410

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Logfile of HijackThis v1.97.7
Scan saved at 17:47:49, on 07/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\services\wmplayer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\msapp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\vbrun.exe
C:\WINDOWS\winh.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AOL8~1.0\aoltray.exe
C:\PROGRA~1\AOLCOM~1\COMPAN~1.EXE
C:\PROGRA~1\KODAK\KODAKE~1\bin\EASYSH~1.EXE
C:\PROGRA~1\KODAK\KODAKS~1\7288971\Program\BACKWE~1.EXE
C:\PROGRA~1\BRODER~1\MAVISB~1\MINIMA~1.EXE
C:\PROGRA~1\CASIO\PHOTOL~1\Plauto.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Save\Save.exe
C:\WINDOWS\System32\shellexp.exe
C:\PROGRA~1\CLOCKS~1\Sync.exe
C:\Documents and Settings\S Archibald\Application Data\awab.exe
C:\WINDOWS\System32\wnscpsu.exe
C:\WINDOWS\OUEUPVWBJ.exe
C:\Program Files\AOL 8.0\waol.exe
C:\Program Files\AOL 8.0\shellmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://tooncomics.com/main/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://brutal-video.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\gmki.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\gmki.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.webcounter.cc/-/?bzbjr (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://drusearch.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\gmki.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?bzbjr (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://brutal-video.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\gmki.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\gmki.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\homepage.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://drusearch.com/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?bzbjr (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\gmki.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://teenhqpics.com/r/scr.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = C:\WINDOWS\homepage.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?bzbjr (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?bzbjr (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://1-se.com/srchasst.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://1-se.com/srchasst.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.sharempeg.com/find/
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.sharempeg.com/find/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://1-se.com/srchasst.html (obfuscated)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F1 - win.ini: run=C:\WINDOWS\System32\services\wmplayer.exe
O1 - Hosts: 213.159.117.235 auto.search.msn.com
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\msxslab.dll
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA2} - (no file)
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINDOWS\System32\services\2.01.00.dll
O2 - BHO: (no name) - {5DAFD089-24B1-4c5e-BD42-8CA72550717B} - C:\Program Files\SurfAssistant.com\saiemod.dll
O2 - BHO: (no name) - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem217.dll
O2 - BHO: (no name) - {98DBBF16-CA43-4c33-BE80-99E6694468A4} - C:\WINDOWS\System32\msole.dll
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll
O2 - BHO: (no name) - {E94D5FDD-C46D-4F5A-8761-C81CD5AE3BE8} - C:\WINDOWS\System32\gmki.dll
O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem214.dll
O2 - BHO: OsbornTech Popup Blocker - {FF1BF4C7-4E08-4A28-A43F-9D60A9F7A880} - C:\WINDOWS\System32\mshelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\ISTbar\istbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WinApp32] msapp.exe
O4 - HKLM\..\Run: [Internat Conf] \bootconf.exe
O4 - HKLM\..\Run: [host] C:\WINDOWS\system32\hosts.vbs
O4 - HKLM\..\Run: [Soundmx] \soundmx.exe
O4 - HKLM\..\Run: [Online Service] C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VB_run] C:\WINDOWS\vbrun.exe
O4 - HKLM\..\Run: [Winhost] C:\WINDOWS\winh.exe
O4 - HKLM\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Run: [AOL 8.0 Tray Icon.lnk] C:\PROGRA~1\AOL8~1.0\aoltray.exe -check
O4 - HKLM\..\Run: [AOL Companion.lnk] C:\PROGRA~1\AOLCOM~1\COMPAN~1.EXE /s
O4 - HKLM\..\Run: [Kodak EasyShare software.lnk] C:\PROGRA~1\KODAK\KODAKE~1\bin\EASYSH~1.EXE -h
O4 - HKLM\..\Run: [KODAK Software Updater.lnk] C:\PROGRA~1\KODAK\KODAKS~1\7288971\Program\BACKWE~1.EXE
O4 - HKLM\..\Run: [Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office\OSA9.EXE -b -l
O4 - HKLM\..\Run: [Personal Coach.lnk] C:\PROGRA~1\BRODER~1\MAVISB~1\MINIMA~1.EXE
O4 - HKLM\..\Run: [Photo Loader supervisory.lnk] C:\PROGRA~1\CASIO\PHOTOL~1\Plauto.exe
O4 - HKLM\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKLM\..\Run: [Windows Shell Library Loader] load shell32.dll /c /set
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [xpsystem] C:\WINDOWS\System32\services\wmplayer.exe
O4 - HKLM\..\Run: [WhenUSave] C:\Program Files\Save\Save.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\RunServices: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKCU\..\Run: [Explorer] C:\WINDOWS\System32\shellexp.exe en
O4 - HKCU\..\Run: [iedll] c:\WINDOWS\iedll.exe
O4 - HKCU\..\Run: [loader] c:\WINDOWS\loader.exe
O4 - HKCU\..\Run: [olehelp] C:\WINDOWS\System32\olehelp.exe
O4 - HKCU\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKCU\..\Run: [RealUpdater] C:\WINDOWS\System32\realupd.exe
O4 - HKCU\..\Run: [winlogon] c:\windows\winlogon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [xpsystem] C:\WINDOWS\System32\services\wmplayer.exe
O4 - HKCU\..\Run: [Surs] C:\Documents and Settings\S Archibald\Application Data\awab.exe
O4 - HKCU\..\Run: [WNSI] C:\WINDOWS\System32\wnscpsu.exe
O4 - HKCU\..\Run: [VWMTFRFGQXWJJ] C:\WINDOWS\POOAUAYRKPVV.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: Photo Loader supervisory.lnk = ?
O8 - Extra context menu item: Web Search - C:\WINDOWS\ex.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - DefaultPrefix: http://prolivation.com/cgi-bin/r.cgi?
O13 - WWW Prefix: http://searching-the-net.com/notfound/?
O14 - IERESET.INF: START_PAGE_URL=http://www.dixons.co.uk/
O16 - DPF: YExplorer1_8US.CAB - http://photos.groups...plorer1_8us.cab
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT!http://d.dialer2004.....chm::/load.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://c:\MAIN.MHT!http://213.159.117.2...uka.chm::/x.exe
O16 - DPF: {11111111-1111-1111-1111-111111111111} - file://c:\info6_s.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://super-gals.co.../x.chm::/ad.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Program Files\Q330994.exe
O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} (Installer Class) - http://www.xxxtoolba...006_regular.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.micr...b?1083867327799
O16 - DPF: {2048B51E-8D74-4762-82CE-B48CF545EEEA} (CAX Object) - http://c.coolshader....aler/eu_cax.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {5053A978-5972-4D8E-BEC7-3E8D4BC6B830} (AXLoader Class) - http://dvdmoviescorp.com/dp5000.dll
O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://www2.flingsto...TInc/bridge.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-downlo...tsInstaller.cab
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft...ols/SassCln.CAB
O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} (EPlugin Control) - http://66.230.146.53/EPlugin_GB.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BFD6B9D-E642-4394-B450-CB6272755EBB}: NameServer = 195.93.34.134
O19 - User stylesheet: C:\WINDOWS\color.css
O19 - User stylesheet: C:\WINDOWS\hh.htt (HKLM)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP