a regfix popup

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by terospawn5, Jun 12, 2006.

  1. terospawn5

    terospawn5 Private E-2

    hello all im new to major geeks.com. i have a problem with my 2000 system.
    for some reason i have a popup that tells me i have a registry problem and to visit a certain web site to fix the promblem. also ussualy it says message from messinger service to (blank) or me. also the popup pops up when im not on the internet. i have a hijack this log file please help.

    EDIT: Inline HJT log removed

    thanks, terospawn5
     
    Last edited by a moderator: Jun 13, 2006
    terospawn5, Jun 12, 2006
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi and Welcome to majorgeeks

    Please follow these standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.


    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis


    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
    .
     
    DavidGP, Jun 13, 2006
    #2
  3. terospawn5

    terospawn5 Private E-2

    this is an example of the popup i'm having.
     

    Attached Files:

    terospawn5, Jun 13, 2006
    #3
  4. terospawn5

    terospawn5 Private E-2

    i have finished all of the scans you asked me to. it found and removed several things but did not fix my problem. what is the next step?
    also one of the scans did not load.(Microsoft Windows Defender 1051 (Beta 2) )
     
    terospawn5, Jun 13, 2006
    #4
  5. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Windows Defender may not run on W2K if you havnt installed SP4, but besides that and going by your Event Log report, seems as if you have messenger service running which some spyware uses to try and infect your PC, just double check that the messenger service is disabled, to do this a few routes are available,

    1. Download and run Shoot the Messenger a nice small app from Steve gibson.

    2. The manual way....
    Click Start > Settings > Control Panel > Administrative Tools > Services > scroll down to Messenger and highlight > Right Click and choose Properties > click Stop > then under the Startup Type dropdown menu pick Disable > OK



    Messenger service is not lined to MSN messenger but is a network alert tool that has sadly been exploited by spyware.


    But also do attach the logs from the guide, so they can be checked over, procedure to attach files is here http://forums.majorgeeks.com/showthread.php?t=86880
     
    DavidGP, Jun 13, 2006
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds